Featured Post

Avira Antivirus Pro - Review 2020 - PCMag India

Image
Avira Antivirus Pro - Review 2020 - PCMag IndiaAvira Antivirus Pro - Review 2020 - PCMag IndiaPosted: 11 Jun 2020 12:00 AM PDTEvery computer needs antivirus protection, and one way companies can support that aim is to provide free antivirus to the masses. But these companies can't survive unless some users shell out their hard-earned cash for paid antivirus utilities. Piling on pro-only tools and components is one way companies encourage upgrading to a paid antivirus. Avira Antivirus Pro adds several components not available to users of Avira Free Security, but they don't really add much value. The biggest reason to pay for it is if you want to use Avira in a commercial setting, which isn't allowed with the free version.Avira's pricing is undeniably on the high side, with a list price of $59.88 per year for one license, $71.88 for three, and $95.88 for five. Admittedly, it seems to be perpetually on sale; just now, the one-license price is discounted to $44.99. That…

I need help removing Avast! completely from my PC - Virus, Trojan, Spyware, and Malware Removal Help - BleepingComputer

I need help removing Avast! completely from my PC - Virus, Trojan, Spyware, and Malware Removal Help - BleepingComputer


I need help removing Avast! completely from my PC - Virus, Trojan, Spyware, and Malware Removal Help - BleepingComputer

Posted: 23 Nov 2019 12:00 AM PST

Recently, I have been trying to switch over from Avast! anti-virus to Bitdefender anti-virus (free versions) for performance reasons, but have had problems with compatibility. Bitdefender states an error requesting that Avast Update Helper be uninstalled. Going through that window to uninstall does not assist in uninstalling that service or making the error go away.

I have used several methods to remove all remnants of Avast!, including using Revo Uninstaller to delete lingering keys related to Avast, and any existing folders. I don't know why Bitdefender continues to give me the error, and whether or not it is associated with the remaining .dll and Manifest files related to Avast!.
 

The remaining Avast .dll and Manifest files cannot be removed through all means I have tried. I have changed the ownership of the files to my user account, and it still needs permission from that account (Signed In) to delete or edit them. I have tried the official Avast Removal Software to remove any remaining bits and pieces, but to no avail, Bitdefender still does not go through installation.
 

Windows 10 Version: Version 1903 (OS Build 18362.476)

64-bit OS

-This post has been copied from Windows 10 support forums by recommendation.

Most likely infected. - Virus, Trojan, Spyware, and Malware Removal Help - BleepingComputer

Posted: 17 Jan 2020 12:00 AM PST

Hey Hey. I've been downloading some files that don't have the best reputation which has lead me to suspect that I might have been infected possibly by a rat or some sort of spyware etc. I've been taking some risks recently and have run the usual scans, but they have been mostly 'clean' ignoring some blatant files that AV's report as dangerous files.

If someone would be so grateful to check my logs I would be very happy, indeed.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-01-2020
Ran by Exoteric (administrator) on DESKTOP-J61AMHV (18-01-2020 03:01:55)
Running from C:\Users\Exoteric\Desktop
Loaded Profiles: Exoteric (Available Profiles: Exoteric)
Platform: Windows 10 Home Version 1909 18363.592 (X64) Language: suomi (Suomi)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\ADX AFSH0917 Gaming Headset\ADXMain_x64.exe
(Adlice -> ) C:\Program Files\RogueKiller\RogueKiller64.exe
(Adlice -> ) C:\Program Files\RogueKiller\RogueKillerSvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Locktime Software s.r.o. -> Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Exoteric\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_1.35.26001.0_x64__8wekyb3d8bbwe\GamingServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_1.35.26001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19081.22010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12001.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8899592 2016-08-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SOMIC6400Sound1] => C:\Program Files\ADX AFSH0917 Gaming Headset\ADXMain_x64.exe [2412032 2016-04-20] () [File not signed]
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2017-03-02] (Razer USA Ltd. -> Razer Inc.)
HKLM-x32\...\Run: [ADX AFPV0114 Gaming Mouse] => C:\Program Files (x86)\ADX\AFPV0114 Gaming mouse\Gaming Mouse.exe [4654072 2014-09-01] (Areson Technology -> Areson)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1391017280-3817108793-3187845191-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1207112 2018-03-05] (Overwolf Ltd -> )
HKU\S-1-5-21-1391017280-3817108793-3187845191-1001\...\Run: [Discord] => C:\Users\Exoteric\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-1391017280-3817108793-3187845191-1001\...\Run: [Polar FlowSync] => C:\Program Files (x86)\Polar\Polar FlowSync\FlowSync.exe [1397248 2018-09-17] (Polar Electro Oy) [File not signed]
HKU\S-1-5-21-1391017280-3817108793-3187845191-1001\...\Run: [TSMApplication] => C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe [1623040 2018-09-07] () [File not signed]
HKU\S-1-5-21-1391017280-3817108793-3187845191-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22488952 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1391017280-3817108793-3187845191-1001\...\Run: [NetLimiter] => C:\Program Files\Locktime Software\NetLimiter 4\nlclientapp.exe [82336 2019-05-30] (Locktime Software s.r.o. -> Locktime Software)
HKU\S-1-5-21-1391017280-3817108793-3187845191-1001\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_153_Plugin.exe [1456128 2018-11-25] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\ASUS\GPU TweakII\Monitor.exe -ByGPUTweakII -12 293 /RestartByRestartManager:4CC95804-8393-4638-B80F-81299269EC48
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe  /RestartByRestartManager:E172A36D-D4EC-43df-8D2B-9F894C78E4AD
HKU\S-1-5-18\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe  /RestartByRestartManager:BA3F8E70-020A-47aa-895F-2FF787933B9A
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-17] (Google LLC -> Google LLC)
Startup: C:\Users\Exoteric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2017-04-12]
ShortcutTarget: Twitch.lnk -> C:\Users\Exoteric\AppData\Roaming\Curse Client\Bin\Twitch.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)
BootExecute: autocheck autochk * bootdelete
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03D07ECE-166E-4A72-996D-AD3EE13D1A31} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {06A6A4FE-597E-4FEE-B0FA-9D613625E545} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [654456 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2207009A-7930-4712-A99C-6C15537928DC} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_153_Plugin.exe [1456128 2018-11-25] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {2672380A-8C4B-4345-B11E-72BCF20CD512} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {27FBCDAA-12B1-44F0-AD49-E9D48F1434CB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16494464 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {2E93722D-D62D-45C8-A38F-69DBC19C0596} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-11] (Google Inc -> Google Inc.)
Task: {33964F17-3D3D-4B22-BE1C-BEB43FD65DB8} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-28] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {380DA0A9-3E1D-4FCE-B8E0-61D0B42F45ED} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913720 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3E3BCC1A-58DB-424A-91AA-5BF3D87E4ACB} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-J61AMHV-Exoteric => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {48A9E135-568C-43F9-86DE-F78A13C66D25} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {5AC18BA6-F45E-49C2-B6CF-8F704F1EAC2A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1873288 2019-09-19] (AVAST Software s.r.o. -> AVAST Software)
Task: {5F4B30A7-3AFE-4E79-B767-B960D503730D} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {6B459EB5-5A1B-4B5C-BB80-927C23BB1A5F} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {75931170-B735-4CA7-9EAA-AFE27ADFA75D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-11] (Google Inc -> Google Inc.)
Task: {777650FD-DFB1-46C3-A418-A7FF8EA92B05} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1452360 2018-03-05] (Overwolf Ltd -> Overwolf LTD)
Task: {7AA5F14E-E755-43C6-878D-7139ECFC5C87} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913720 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {869A2372-D86E-4343-9F7E-A13A0E96E799} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-28] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {93C40FCD-04E1-476E-8157-B45FA1DB8321} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
Task: {A3861CDE-0442-4F04-89FD-33480F44478D} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2018-11-25] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {B8D08576-73B1-427C-85F8-33D7D912B984} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301928 2019-10-25] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C1E6145B-F95C-4006-B336-73B3EEF2AEC4} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F4CA502C-6A83-4D82-9129-3C7212AEFF73} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{513edd96-4be6-449b-92ac-b984799a08b0}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{6246f03d-83d3-44b8-984a-19a440667f61}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{e127bfc0-76aa-4335-8561-04ef7c6baa1e}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{f0a9a07d-37f5-435d-ac47-4e4dc3b49911}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================

FireFox:
========
FF DefaultProfile: cp1yvr3j.default-1528376412905
FF ProfilePath: C:\Users\Exoteric\AppData\Roaming\Mozilla\Firefox\Profiles\cp1yvr3j.default-1528376412905 [2020-01-18]
FF Notifications: Mozilla\Firefox\Profiles\cp1yvr3j.default-1528376412905 -> hxxps://www.facebook.com; hxxps://warframe.market; hxxps://riven.cerbion.net; hxxps://riven.market; hxxps://www.reddit.com
FF Extension: (uBlock Origin) - C:\Users\Exoteric\AppData\Roaming\Mozilla\Firefox\Profiles\cp1yvr3j.default-1528376412905\Extensions\uBlock0@raymondhill.net.xpi [2019-11-26]
FF Extension: (Universal Bypass) - C:\Users\Exoteric\AppData\Roaming\Mozilla\Firefox\Profiles\cp1yvr3j.default-1528376412905\Extensions\{529b261b-df0b-4e3b-bf42-07b462da0ee8}.xpi [2020-01-12]
FF Extension: (No Name) - C:\Users\Exoteric\AppData\Roaming\Mozilla\Firefox\Profiles\cp1yvr3j.default-1528376412905\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-10-23]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_31_0_0_153.dll [2018-11-25] (Adobe Systems Incorporated -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_153.dll [2018-11-25] (Adobe Systems Incorporated -> )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)

Chrome:
=======
CHR Profile: C:\Users\Exoteric\AppData\Local\Google\Chrome\User Data\Default [2019-05-07]
CHR Extension: (Slides) - C:\Users\Exoteric\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-13]
CHR Extension: (Docs) - C:\Users\Exoteric\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-13]
CHR Extension: (Google Drive) - C:\Users\Exoteric\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-10-11]
CHR Extension: (YouTube) - C:\Users\Exoteric\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-11]
CHR Extension: (Sheets) - C:\Users\Exoteric\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-09-13]
CHR Extension: (Google Docs Offline) - C:\Users\Exoteric\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Exoteric\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-09-13]
CHR Extension: (Gmail) - C:\Users\Exoteric\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-10-11]
CHR Extension: (Chrome Media Router) - C:\Users\Exoteric\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-13]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6259592 2019-12-19] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7013384 2018-03-09] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [774784 2018-03-08] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 GamingServices; C:\Program Files\WindowsApps\Microsoft.GamingServices_1.35.26001.0_x64__8wekyb3d8bbwe\GamingServices.exe [21640 2019-12-10] (Microsoft Corporation -> Microsoft Corporation)
R2 GamingServicesNet; C:\Program Files\WindowsApps\Microsoft.GamingServices_1.35.26001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe [21640 2019-12-10] (Microsoft Corporation -> Microsoft Corporation)
R2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [309664 2019-05-30] (Locktime Software s.r.o. -> Locktime Software)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-28] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-28] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1452360 2018-03-05] (Overwolf Ltd -> Overwolf LTD)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] (Razer USA Ltd. -> )
R2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [16576568 2020-01-06] (Adlice -> )
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\NisSrv.exe [2552416 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MsMpEng.exe [108832 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37616 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [204824 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [274456 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [209552 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [65120 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2019-10-02] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [276952 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42736 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [161544 2019-11-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110320 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R0 AswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83792 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848432 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460448 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316528 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 gameflt; C:\WINDOWS\System32\DriverStore\FileRepository\gameflt.inf_amd64_1b1c9965dc1c6f0f\gameflt.sys [71000 2019-12-10] (Microsoft Windows -> Microsoft Corporation)
S3 libusbK; C:\WINDOWS\System32\drivers\libusbK.sys [47200 2017-03-22] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
R0 nldrv; C:\WINDOWS\System32\drivers\nldrv.sys [178944 2019-05-30] (Locktime Software s.r.o. -> Locktime Software)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3334892267d8a3d1\nvlddmkm.sys [22744688 2019-11-21] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-07-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-08-23] (NVIDIA Corporation -> NVIDIA Corporation)
U3 RkFlt; C:\Windows\System32\drivers\rkflt.sys [40288 2020-01-18] (Adlice -> Windows ® Win 7 DDK provider)
R3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [50392 2015-10-26] (Razer Inc. -> Razer Inc)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer Inc. -> Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [137840 2016-10-08] (Razer Inc. -> Razer, Inc.)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 SOMICG909; C:\WINDOWS\System32\drivers\SOMIC6533.sys [3782656 2016-05-10] (C-MEDIA ELECTRONICS INC. -> Somic Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2018-05-16] (TunnelBear, Inc. -> The OpenVPN Project)
S3 tapexpressvpn; C:\WINDOWS\System32\drivers\tapexpressvpn.sys [45024 2018-11-06] (ExprsVPN LLC -> The OpenVPN Project)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [28272 2020-01-18] (Adlice -> )
R3 USBPcap; C:\WINDOWS\system32\DRIVERS\USBPcap.sys [50224 2017-08-21] (Tomasz Moń -> USBPcap)
R3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24576 2019-09-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [47496 2019-07-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [344288 2019-07-26] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54496 2019-07-26] (Microsoft Windows -> Microsoft Corporation)
R3 Xvdd; C:\WINDOWS\System32\DriverStore\FileRepository\xvdd.inf_amd64_4beca0218f643d77\xvdd.sys [478256 2019-10-26] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-18 03:01 - 2020-01-18 03:02 - 000027211 _____ C:\Users\Exoteric\Desktop\FRST.txt
2020-01-18 03:00 - 2020-01-18 03:00 - 002573312 _____ (Farbar) C:\Users\Exoteric\Desktop\FRST64.exe
2020-01-18 01:18 - 2020-01-18 01:18 - 011539456 _____ (SurfRight B.V.) C:\Users\Exoteric\Downloads\HitmanPro_x64(1).exe
2020-01-18 01:18 - 2020-01-18 01:18 - 000040288 _____ (Windows ® Win 7 DDK provider) C:\WINDOWS\system32\Drivers\rkflt.sys
2020-01-18 01:18 - 2020-01-18 01:18 - 000000000 ___HD C:\OneDriveTemp
2020-01-18 01:17 - 2020-01-18 01:17 - 000148742 _____ C:\WINDOWS\system32\.crusader
2020-01-18 01:11 - 2020-01-18 01:17 - 000000000 ____D C:\ProgramData\HitmanPro
2020-01-18 01:11 - 2020-01-18 01:11 - 011575104 _____ (SurfRight B.V.) C:\Users\Exoteric\Downloads\HitmanPro_x64.exe
2020-01-17 22:13 - 2020-01-18 01:17 - 000028272 _____ C:\WINDOWS\system32\Drivers\truesight.sys
2020-01-17 17:20 - 2020-01-17 17:20 - 001217720 _____ C:\Users\Exoteric\Desktop\setup.zip
2020-01-17 11:54 - 2020-01-17 11:54 - 008798648 _____ C:\Users\Exoteric\Downloads\onetap(7).exe
2020-01-16 17:25 - 2020-01-16 17:25 - 000000032 _____ C:\Users\Exoteric\Desktop\Tick.txt
2020-01-16 00:31 - 2020-01-16 00:31 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-16 00:31 - 2020-01-16 00:31 - 008012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-16 00:31 - 2020-01-16 00:31 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-16 00:31 - 2020-01-16 00:31 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-16 00:31 - 2020-01-16 00:31 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 002494464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 002473976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-16 00:31 - 2020-01-16 00:31 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-16 00:31 - 2020-01-16 00:31 - 001051664 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-16 00:31 - 2020-01-16 00:31 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000678712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-16 00:31 - 2020-01-16 00:31 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-01-16 00:31 - 2020-01-16 00:31 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-16 00:31 - 2020-01-16 00:31 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-01-16 00:31 - 2020-01-16 00:31 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-01-16 00:31 - 2020-01-16 00:31 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-01-16 00:31 - 2020-01-16 00:31 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-16 00:31 - 2020-01-16 00:31 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-01-16 00:31 - 2020-01-16 00:31 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000162696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-01-16 00:31 - 2020-01-16 00:31 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-01-16 00:31 - 2020-01-16 00:31 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-01-16 00:31 - 2020-01-16 00:31 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-01-16 00:26 - 2019-12-10 07:15 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-01-16 00:26 - 2019-12-10 06:59 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-01-15 22:54 - 2020-01-15 22:54 - 008798648 _____ C:\Users\Exoteric\Downloads\onetap(6).exe
2020-01-15 21:03 - 2020-01-15 21:03 - 000055463 _____ C:\Users\Exoteric\Downloads\Fl1cks_AWV5_Pack.rar
2020-01-15 19:06 - 2020-01-15 19:07 - 008798648 _____ C:\Users\Exoteric\Downloads\onetap(5).exe
2020-01-15 17:07 - 2020-01-15 17:07 - 008237744 _____ (Malwarebytes) C:\Users\Exoteric\Downloads\AdwCleaner(1).exe
2020-01-15 01:18 - 2020-01-15 01:18 - 000036458 _____ C:\Users\Exoteric\Downloads\slash1.cfg
2020-01-14 22:10 - 2020-01-14 22:10 - 000021382 _____ C:\Users\Exoteric\Downloads\Real_hvh_-_Copy.cfg
2020-01-14 21:36 - 2020-01-14 21:37 - 008798648 _____ C:\Users\Exoteric\Downloads\onetap(4).exe
2020-01-14 21:01 - 2020-01-14 21:01 - 000021374 _____ C:\Users\Exoteric\Downloads\aimware_v5 (1).cfg
2020-01-14 19:13 - 2020-01-14 19:13 - 000015922 _____ C:\Users\Exoteric\Downloads\BestOnetapcfg.cfg
2020-01-14 00:13 - 2020-01-14 00:13 - 000004070 _____ C:\Users\Exoteric\Downloads\dogeot2212.rar
2020-01-14 00:13 - 2020-01-14 00:13 - 000000000 ____D C:\Users\Exoteric\Downloads\dogeot2212
2020-01-14 00:10 - 2020-01-14 00:10 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\Exoteric\Downloads\rkill.exe
2020-01-13 23:53 - 2020-01-14 00:01 - 000000000 ____D C:\evotap
2020-01-13 23:52 - 2020-01-13 23:52 - 000000000 ____D C:\Users\Exoteric\AppData\Roaming\evotap
2020-01-13 22:39 - 2020-01-13 22:39 - 005433791 _____ C:\Users\Exoteric\Downloads\EvoTap tapped by hvhirl.rar
2020-01-13 19:45 - 2020-01-13 19:45 - 000035347 _____ C:\Users\Exoteric\Downloads\hvhupdate45.cfg
2020-01-13 19:43 - 2020-01-13 19:43 - 000011819 _____ C:\Users\Exoteric\Downloads\TeeeSense TRY THIS ONE.cfg
2020-01-13 19:25 - 2020-01-13 19:25 - 000011819 _____ C:\Users\Exoteric\Downloads\Config1.cfg
2020-01-13 19:10 - 2020-01-13 19:10 - 000016336 _____ C:\Users\Exoteric\Downloads\XaNe-v4 (1).cfg
2020-01-13 16:05 - 2020-01-13 16:05 - 008798648 _____ C:\Users\Exoteric\Downloads\onetap(3).exe
2020-01-13 00:52 - 2020-01-13 00:52 - 000000906 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2020-01-13 00:52 - 2020-01-13 00:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2020-01-13 00:52 - 2020-01-13 00:52 - 000000000 ____D C:\Program Files\RogueKiller
2020-01-13 00:51 - 2020-01-13 00:52 - 046292096 _____ (Adlice Software ) C:\Users\Exoteric\Downloads\RogueKiller_setup(9).exe
2020-01-12 23:35 - 2020-01-12 23:35 - 000013913 _____ C:\Users\Exoteric\Downloads\slot4
2020-01-12 19:37 - 2020-01-12 19:37 - 008798648 _____ C:\Users\Exoteric\Downloads\onetap(2).exe
2020-01-12 19:25 - 2020-01-12 19:25 - 000001480 _____ C:\Users\Exoteric\Downloads\BetterDT.js
2020-01-11 01:50 - 2020-01-11 01:51 - 000000132 _____ C:\Users\Exoteric\Desktop\dundun.txt
2020-01-11 01:42 - 2020-01-11 01:42 - 008798648 _____ C:\Users\Exoteric\Downloads\onetap(1).exe
2020-01-11 01:27 - 2020-01-11 01:27 - 008798648 _____ C:\Users\Exoteric\Downloads\onetap.exe
2020-01-10 23:27 - 2020-01-11 01:02 - 000000000 ____D C:\Users\Exoteric\AppData\Local\SazInjector
2020-01-10 23:27 - 2020-01-10 23:27 - 000000000 ____D C:\Users\Exoteric\Documents\SazInjector
2020-01-10 23:14 - 2020-01-10 23:14 - 000000000 _____ C:\Users\Exoteric\Downloads\SazInjector.exe
2020-01-10 01:26 - 2020-01-10 01:27 - 000035880 _____ C:\Users\Exoteric\Downloads\lmao.cfg
2020-01-07 21:43 - 2020-01-07 21:43 - 000546436 _____ C:\WINDOWS\Minidump\010720-5890-01.dmp
2020-01-06 17:39 - 2020-01-06 17:39 - 000507180 _____ C:\WINDOWS\Minidump\010620-6109-01.dmp
2020-01-05 16:56 - 2020-01-05 16:57 - 000000000 ____D C:\Users\Exoteric\AppData\Roaming\dMTuaIbWWOEj
2020-01-04 14:34 - 2020-01-04 14:34 - 000591884 _____ C:\WINDOWS\Minidump\010420-5250-01.dmp
2020-01-04 14:18 - 2020-01-04 14:19 - 000523884 _____ C:\WINDOWS\Minidump\010420-5875-01.dmp
2020-01-03 23:05 - 2020-01-03 23:06 - 098776664 _____ ( ) C:\Users\Exoteric\Downloads\setup(2).exe
2019-12-31 15:50 - 2019-12-31 15:50 - 008345993 _____ C:\Users\Exoteric\Downloads\EqualizerAPO64-1.2.1.exe
2019-12-31 15:50 - 2019-12-31 15:50 - 000000000 ____D C:\Users\Exoteric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Equalizer APO 1.2.1
2019-12-31 15:50 - 2019-12-31 15:50 - 000000000 ____D C:\Program Files\EqualizerAPO
2019-12-31 15:49 - 2019-12-31 15:49 - 010413592 _____ C:\Users\Exoteric\Downloads\PeaceSetup.exe
2019-12-31 13:19 - 2019-12-31 13:19 - 000001546 _____ C:\Users\Exoteric\Desktop\Spotify.lnk
2019-12-29 20:06 - 2020-01-05 17:27 - 000000131 _____ C:\Users\Exoteric\Desktop\Vanhemmille.txt
2019-12-25 18:35 - 2019-12-25 18:35 - 000000078 _____ C:\Users\Exoteric\Desktop\Gigantti.txt
2019-12-24 18:28 - 2019-12-24 18:28 - 000000000 ____D C:\ProgramData\dbg
2019-12-24 18:25 - 2019-12-24 18:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2019-12-24 18:25 - 2019-12-24 18:25 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2019-12-24 18:21 - 2019-12-24 18:21 - 001321464 _____ (Microsoft Corporation) C:\Users\Exoteric\Downloads\wdksetup.exe
2019-12-24 18:19 - 2019-12-24 18:08 - 000810604 _____ C:\Users\Exoteric\Desktop\122419-5218-01.dmp
2019-12-24 18:07 - 2019-12-24 18:08 - 000810604 _____ C:\WINDOWS\Minidump\122419-5218-01.dmp
2019-12-20 17:35 - 2020-01-07 21:43 - 000000000 ____D C:\WINDOWS\Minidump
2019-12-20 17:35 - 2019-12-20 17:35 - 000817188 _____ C:\WINDOWS\Minidump\122019-5531-01.dmp

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-18 03:02 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-18 03:02 - 2018-02-26 20:41 - 000000000 ____D C:\FRST
2020-01-18 02:08 - 2019-11-30 22:43 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-18 02:08 - 2019-11-30 22:43 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-18 02:08 - 2019-11-30 22:43 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-18 02:08 - 2019-11-30 22:43 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-18 02:08 - 2019-10-03 21:12 - 000002608 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2020-01-18 02:08 - 2019-07-29 22:45 - 000003752 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-01-18 02:08 - 2019-07-29 22:45 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-18 02:08 - 2019-07-29 22:45 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-01-18 02:08 - 2019-07-29 22:45 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-18 02:08 - 2019-07-29 22:45 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-01-18 02:08 - 2019-07-29 22:45 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-18 02:08 - 2019-07-29 22:45 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-01-18 02:08 - 2019-07-29 22:45 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-18 02:08 - 2019-07-29 22:45 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-18 02:08 - 2019-07-29 22:45 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1391017280-3817108793-3187845191-1001
2020-01-18 02:08 - 2019-07-29 22:45 - 000002780 _____ C:\WINDOWS\system32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-J61AMHV-Exoteric
2020-01-18 02:08 - 2019-07-29 22:45 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-18 02:08 - 2019-07-29 22:45 - 000002238 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-01-18 02:08 - 2019-07-29 22:45 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2020-01-18 02:08 - 2019-07-29 22:38 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-18 01:23 - 2019-07-29 22:48 - 002263790 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-01-18 01:23 - 2019-07-29 02:07 - 000777480 _____ C:\WINDOWS\system32\perfh019.dat
2020-01-18 01:23 - 2019-07-29 02:07 - 000156990 _____ C:\WINDOWS\system32\perfc019.dat
2020-01-18 01:23 - 2019-03-19 13:46 - 000441544 _____ C:\WINDOWS\system32\perfh00B.dat
2020-01-18 01:23 - 2019-03-19 13:46 - 000085432 _____ C:\WINDOWS\system32\perfc00B.dat
2020-01-18 01:23 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-01-18 01:20 - 2017-07-10 14:50 - 000000000 ____D C:\ProgramData\NVIDIA
2020-01-18 01:18 - 2017-03-03 21:20 - 000000000 ____D C:\Users\Exoteric\AppData\LocalLow\Mozilla
2020-01-18 01:18 - 2017-03-02 18:57 - 000000000 ___RD C:\Users\Exoteric\OneDrive
2020-01-18 01:17 - 2019-07-29 22:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-18 01:17 - 2019-03-19 06:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-01-18 01:12 - 2017-03-02 22:39 - 000000000 ____D C:\Program Files (x86)\Steam
2020-01-18 01:07 - 2017-03-03 00:35 - 000000000 ____D C:\Users\Exoteric\AppData\Local\CrashDumps
2020-01-18 00:09 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-18 00:09 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-17 23:19 - 2019-07-29 13:52 - 000001210 _____ C:\Users\Exoteric\Desktop\Command Prompt.lnk
2020-01-17 22:11 - 2017-10-02 20:04 - 000000000 ____D C:\Users\Exoteric\AppData\Roaming\discord
2020-01-17 06:53 - 2017-10-11 19:03 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-17 06:53 - 2017-10-11 19:03 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-01-17 06:12 - 2019-07-29 22:45 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-01-16 15:12 - 2018-05-23 16:41 - 000000000 ____D C:\Users\Exoteric\AppData\Local\AVAST Software
2020-01-16 01:30 - 2019-07-29 22:38 - 000276496 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-16 01:29 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-01-16 01:29 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-01-16 01:29 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-16 01:29 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-16 00:36 - 2017-03-02 20:09 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-01-16 00:33 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-16 00:33 - 2017-03-02 20:09 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-01-15 22:55 - 2018-05-25 21:23 - 000000000 ____D C:\Users\Exoteric\AppData\Local\D3DSCache
2020-01-13 00:52 - 2018-02-25 17:56 - 000000000 ____D C:\ProgramData\RogueKiller
2020-01-11 00:43 - 2019-12-04 15:16 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-01-11 00:43 - 2017-03-02 19:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-10 23:18 - 2017-03-02 22:39 - 000001061 _____ C:\Users\Public\Desktop\-nofriendsui.lnk
2020-01-09 16:46 - 2019-07-29 13:52 - 000002405 _____ C:\Users\Exoteric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-01-09 01:50 - 2017-03-02 19:08 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-01-07 21:43 - 2019-07-29 13:52 - 000000000 ____D C:\Users\Exoteric
2020-01-03 23:14 - 2017-03-02 22:20 - 000000000 ____D C:\Users\Exoteric\AppData\Local\NVIDIA
2020-01-03 23:04 - 2017-05-26 14:05 - 000000000 ____D C:\Users\Exoteric\AppData\Local\Battle.net
2020-01-03 20:01 - 2017-03-03 19:32 - 000000000 ____D C:\Users\Exoteric\AppData\Local\ElevatedDiagnostics
2019-12-24 18:45 - 2017-03-03 00:29 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-12-24 18:28 - 2017-07-27 13:33 - 000000000 ____D C:\Users\Exoteric\AppData\Local\DBG
2019-12-24 18:25 - 2017-03-02 22:18 - 000000000 ____D C:\ProgramData\Package Cache

==================== Files in the root of some directories ========

2020-01-09 19:11 - 2020-01-17 23:20 - 000000044 _____ () C:\Users\Exoteric\AppData\Roaming\Microsoft\data.ot
2018-09-28 15:33 - 2018-09-28 15:33 - 000000000 _____ () C:\Users\Exoteric\AppData\Local\oobelibMkey.log
2019-11-06 17:45 - 2019-11-06 17:45 - 000002094 _____ () C:\Users\Exoteric\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-01-2020
Ran by Exoteric (18-01-2020 03:02:48)
Running from C:\Users\Exoteric\Desktop
Windows 10 Home Version 1909 18363.592 (X64) (2019-07-29 20:45:50)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

DefaultAccount (S-1-5-21-1391017280-3817108793-3187845191-503 - Limited - Disabled)
Exoteric (S-1-5-21-1391017280-3817108793-3187845191-1001 - Administrator - Enabled) => C:\Users\Exoteric
Järjestelmänvalvoja (S-1-5-21-1391017280-3817108793-3187845191-500 - Administrator - Disabled)
Vieras (S-1-5-21-1391017280-3817108793-3187845191-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1391017280-3817108793-3187845191-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (HKLM-x32\...\7-Zip) (Version: 16.04 - Igor Pavlov)
7-Zip 18.01 (x64) (HKLM\...\7-Zip) (Version: 18.01 - Igor Pavlov)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.153 - Adobe Systems Incorporated)
ADX AFPV0114 Gaming mouse (HKLM-x32\...\ADX AFPV0114 Gaming Mouse) (Version: 1.0 - ADX)
ADX AFSH0917 Gaming Headset (HKLM-x32\...\{D8D9AEBE-1712-4A4A-BC70-4CD9C82D0909}) (Version: 1.00.0005 - ADX Gaming)
AIDA64 Extreme v5.90 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.90 - FinalWire Ltd.)
AutoHotkey 1.1.30.03 (HKLM\...\AutoHotkey) (Version: 1.1.30.03 - Lexikos)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
Blizzard App (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 5.55 - Piriform)
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
Discord (HKU\S-1-5-21-1391017280-3817108793-3187845191-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Equalizer APO (HKLM\...\EqualizerAPO) (Version: 1.2.1 - )
GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Kits Configuration Installer (HKLM-x32\...\{63AAA877-5536-9481-2385-28A082100D78}) (Version: 10.1.18362.1 - Microsoft) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft OneDrive (HKU\S-1-5-21-1391017280-3817108793-3187845191-1001\...\OneDriveSetup.exe) (Version: 19.222.1110.0006 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Minimal WLPC Content (HKLM-x32\...\{5A12DC60-4F2E-5F1F-B7DD-1B957C2620D3}) (Version: 10.1.18362.1 - Microsoft) Hidden
Mozilla Firefox 72.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 72.0.1 (x64 en-US)) (Version: 72.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 72.0.1.7311 - Mozilla)
My Game Long Name (HKLM\...\UDK-de010f1d-5bfc-45f0-936d-390e55dd2443) (Version:  - Epic Games, Inc.)
NetLimiter 4 (HKLM\...\{8B6CA67A-7E1C-41F7-8857-6E50B552C40A}) (Version: 4.0.48.0 - Locktime Software) Hidden
NetLimiter 4 (HKLM-x32\...\NetLimiter 4 4.0.48.0) (Version: 4.0.48.0 - Locktime Software)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.14 - Black Tree Gaming)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.1.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.1.57 - NVIDIA Corporation)
NVIDIA Grafiikkaohjain 441.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 441.41 - NVIDIA Corporation)
NVIDIA HD-ääniohjain 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA PhysX-järjestelmäohjelmisto 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OEM Test Certificates (HKLM-x32\...\{DB789F11-7F0F-C7F8-AF6F-357C44090C38}) (Version: 10.1.18362.1 - Microsoft) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.111.1.28 - Overwolf Ltd.)
Path of Building version 1.4.140 (HKLM-x32\...\{72FA9AB7-189F-4BDE-8856-72DEB90C157B}_is1) (Version: 1.4.140 - Openarl)
Polar FlowSync version 3.0.0.1337 (HKLM-x32\...\{A1538F5C-7B65-4DB6-9FFB-FFC0DF2E85D8}_is1) (Version: 3.0.0.1337 - Polar Electro Oy)
Python 3.6.5 (32-bit) (HKU\S-1-5-21-1391017280-3817108793-3187845191-1001\...\{3346977b-49da-4095-8f4d-f56f103e52e9}) (Version: 3.6.5150.0 - Python Software Foundation)
Python 3.6.5 Core Interpreter (32-bit) (HKLM-x32\...\{58E1C809-82C5-4EDF-B69B-188A6C81F21F}) (Version: 3.6.5150.0 - Python Software Foundation) Hidden
Python 3.6.5 Development Libraries (32-bit) (HKLM-x32\...\{21FD2EE0-8D55-49DC-A1B0-771696DDEE98}) (Version: 3.6.5150.0 - Python Software Foundation) Hidden
Python 3.6.5 Documentation (32-bit) (HKLM-x32\...\{5C613D87-0AED-48A9-A216-3A3783463D6C}) (Version: 3.6.5150.0 - Python Software Foundation) Hidden
Python 3.6.5 Executables (32-bit) (HKLM-x32\...\{9107CF1A-A09C-4035-B29E-E79B4098AB8C}) (Version: 3.6.5150.0 - Python Software Foundation) Hidden
Python 3.6.5 pip Bootstrap (32-bit) (HKLM-x32\...\{C024F06C-0E37-4529-945F-7920A9CFFD78}) (Version: 3.6.5150.0 - Python Software Foundation) Hidden
Python 3.6.5 Standard Library (32-bit) (HKLM-x32\...\{8C2E8A7D-95CC-491C-AB9C-DE785A137D00}) (Version: 3.6.5150.0 - Python Software Foundation) Hidden
Python 3.6.5 Tcl/Tk Support (32-bit) (HKLM-x32\...\{052FD2FB-034D-4CDD-864E-798DE45C742A}) (Version: 3.6.5150.0 - Python Software Foundation) Hidden
Python 3.6.5 Test Suite (32-bit) (HKLM-x32\...\{86533809-919A-4858-AFC4-4226B86C5291}) (Version: 3.6.5150.0 - Python Software Foundation) Hidden
Python 3.6.5 Utility Scripts (32-bit) (HKLM-x32\...\{5C0C82E9-B580-4EE4-894A-4451A23B0E2C}) (Version: 3.6.5150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{8A66FEC2-E443-4219-B9AC-F9B10607B57C}) (Version: 3.6.6295.0 - Python Software Foundation)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.17.302 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7910 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
RogueKiller version 14.0.4.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 14.0.4.0 - Adlice Software)
SDK ARM Additions (HKLM-x32\...\{73681F86-CD86-4208-572F-959B45430B04}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
SDK ARM Additions EULA (HKLM-x32\...\{D3C12D2F-4EF0-7D05-6D9D-6542636B12F9}) (Version: 10.1.18362.1 - Microsoft Corporations) Hidden
SDK ARM Redistributables (HKLM-x32\...\{67EE3804-9642-62BA-EBF1-B1561FB4ECBE}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
SDK Debuggers ARM (HKLM-x32\...\{82E6BEFF-C8FB-1B97-3026-15C48C8FF960}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.31 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.5 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
TradeSkillMaster Application version 1.0 (HKLM-x32\...\{c44da794-b956-4d50-8733-346d56ae63c7}_is1) (Version: 1.0 - TradeSkillMaster)
Twitch (HKU\S-1-5-21-1391017280-3817108793-3187845191-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 43.1 - Ubisoft)
USBPcap 1.2.0.3 (HKLM\...\USBPcap) (Version: 1.2.0.3 - Tomasz Mon)
Veikkaus (HKU\S-1-5-21-1391017280-3817108793-3187845191-1001\...\Veikkaus) (Version:  - )
Win32DiskImager version 1.0.0 (HKLM-x32\...\{3DFFA293-DF2C-4B23-92E5-3433BDC310E1}}_is1) (Version: 1.0.0 - ImageWriter Developers)
Windows Driver Kit - Windows 10.0.18362.1 (HKLM-x32\...\{79b88654-f6ed-4b70-83bf-2dd5bd68a715}) (Version: 10.1.18362.1 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Wireshark 2.4.5 64-bit (HKLM-x32\...\Wireshark) (Version: 2.4.5 - The Wireshark developer community, hxxps://www.wireshark.org)
Viscera Cleanup Detail: alpha v0.25
 (HKLM\...\UDK-d3182f87-af3b-416c-9728-f5304d6fc726) (Version:  - RuneStorm
)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
World of Warcraft Classic (HKLM-x32\...\World of Warcraft Classic) (Version:  - Blizzard Entertainment)
World of Warcraft Classic Beta (HKLM-x32\...\World of Warcraft Classic Beta) (Version:  - Blizzard Entertainment)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-07] (Autodesk Inc.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.154.400.0_x86__kgqvnymyfvs32 [2019-12-10] (king.com)
DirectX -> C:\Program Files\WindowsApps\Microsoft.DirectXRuntime_9.29.952.0_x64__8wekyb3d8bbwe [2019-10-26] (Microsoft Corporation)
DirectX -> C:\Program Files\WindowsApps\Microsoft.DirectXRuntime_9.29.952.0_x86__8wekyb3d8bbwe [2019-10-26] (Microsoft Corporation)
Gaming Services -> C:\Program Files\WindowsApps\Microsoft.GamingServices_1.35.26001.0_x64__8wekyb3d8bbwe [2019-12-10] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-03] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-29] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-14] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-10] (Microsoft Studios) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-14] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-16] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0 [2019-12-19] (Spotify AB) [Startup Task]
SUPERHOT - Windows 10 -> C:\Program Files\WindowsApps\SUPERHOTTeam.SHPLACEHOLDER_1.1.106.0_x64__hj98apedv0ctt [2019-10-28] (SUPERHOT Team)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-11-21] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2017-12-27 00:08 - 2016-03-24 11:27 - 000254464 ____N (C-MEDIA Electronics INC.) [File not signed] C:\Program Files\ADX AFSH0917 Gaming Headset\Driver\x64\vista\osConfLib.dll
2018-02-17 01:56 - 2018-01-28 17:00 - 000075776 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\AppData:CSM [232]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 09:24 - 2019-01-09 14:32 - 000454382 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1    www.007guard.com
127.0.0.1    007guard.com
127.0.0.1    008i.com
127.0.0.1    www.008k.com
127.0.0.1    008k.com
127.0.0.1    www.00hq.com
127.0.0.1    00hq.com
127.0.0.1    010402.com
127.0.0.1    www.032439.com
127.0.0.1    032439.com
127.0.0.1    www.0scan.com
127.0.0.1    0scan.com
127.0.0.1    1000gratisproben.com
127.0.0.1    www.1000gratisproben.com
127.0.0.1    1001namen.com
127.0.0.1    www.1001namen.com
127.0.0.1    100888290cs.com
127.0.0.1    www.100888290cs.com
127.0.0.1    www.100sexlinks.com
127.0.0.1    100sexlinks.com
127.0.0.1    10sek.com
127.0.0.1    www.10sek.com
127.0.0.1    www.1-2005-search.com
127.0.0.1    1-2005-search.com
127.0.0.1    123fporn.info
127.0.0.1    www.123fporn.info
127.0.0.1    www.123haustiereundmehr.com
127.0.0.1    123haustiereundmehr.com
127.0.0.1    123moviedownload.com
127.0.0.1    www.123moviedownload.com

There are 15596 more lines.

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1391017280-3817108793-3187845191-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Exoteric\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
DNS Servers: 192.168.42.129
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "ADX AFPV0114 Gaming Mouse"
HKU\S-1-5-21-1391017280-3817108793-3187845191-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-1391017280-3817108793-3187845191-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1391017280-3817108793-3187845191-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1391017280-3817108793-3187845191-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-1391017280-3817108793-3187845191-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1391017280-3817108793-3187845191-1001\...\StartupApproved\Run: => "TSMApplication"
HKU\S-1-5-21-1391017280-3817108793-3187845191-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1391017280-3817108793-3187845191-1001\...\StartupApproved\Run: => "Polar FlowSync"
HKU\S-1-5-21-1391017280-3817108793-3187845191-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1391017280-3817108793-3187845191-1001\...\StartupApproved\Run: => "NetLimiter"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{27BCB8BF-D485-4EB0-8BD5-A878E2E198FE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{EDE9B54D-25DC-4F48-8607-77EF2F17C9C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe (Grinding Gear Games Limited -> )
FirewallRules: [{8AED1B12-D4E4-4D75-B917-C12A698070CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe (Grinding Gear Games Limited -> )
FirewallRules: [{DE9371BA-493E-455B-9C80-21CCB0038557}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Totally Accurate Battle Simulator\TotallyAccurateBattleSimulator.exe (Landfall Games AB -> )
FirewallRules: [{B9C82C8E-7B6C-41DD-9182-A6C5557D7651}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Totally Accurate Battle Simulator\TotallyAccurateBattleSimulator.exe (Landfall Games AB -> )
FirewallRules: [{11C3E875-8C54-4988-ABB0-FE70CF6FBF37}] => (Allow) LPort=5354
FirewallRules: [{E145AD92-AAAD-4F58-9327-F561891222BE}] => (Allow) LPort=5354
FirewallRules: [{51B02720-E7DA-4C1E-8B47-C0D0460B15D5}] => (Allow) LPort=5354
FirewallRules: [{FA5F6589-A23F-4F1C-897D-8547BE7F88E8}] => (Allow) LPort=5354
FirewallRules: [UDP Query User{931DE100-6F75-4309-A9E4-31EC32555C98}C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{CABFAC05-C657-4C1C-9EEE-1D888581F9D8}C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{78CB3CD2-B4F9-44DB-93B7-3BDE0387E8F9}] => (Block) C:\users\exoteric\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe (cfx-collective) [File not signed]
FirewallRules: [{3D22546B-DBA9-43DA-A970-F5348F466551}] => (Block) C:\users\exoteric\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe (cfx-collective) [File not signed]
FirewallRules: [{9386E25F-C7D3-4AC2-8695-4F6D7F42B3EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Antichamber\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{115ACFB2-E127-433E-9D8F-DDC77BC58012}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Antichamber\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{F012BBEB-844A-423B-83DD-6B706152CD86}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7BFECD70-893C-4DF3-B610-7FA3BB374E77}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{20063947-E4CD-4A7D-93A6-C332F5394CBE}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe No File
FirewallRules: [TCP Query User{A8F7900E-2D96-461B-A409-85246F884749}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe No File
FirewallRules: [{0C883BE1-AD7F-4263-A1EE-9A44A4F1F998}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManagerCoreServices.exe No File
FirewallRules: [{82A7E122-E375-4524-AE50-B87F253C78A6}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManagerCoreServices.exe No File
FirewallRules: [{19EE1CCC-9EE8-4B6F-8749-4CDF195C433B}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManager.exe No File
FirewallRules: [{899B8CCE-C2D0-4E97-A486-AE0A1B28AAF8}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManager.exe No File
FirewallRules: [{3B3AD2D8-D292-4360-AC17-15E3F59BE1CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{71C5ACC2-0CFD-4709-8634-DA41A8F4D491}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{C2990D94-B1D2-489E-BFDB-E75CDC59DB3D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{7F97F4B9-72FD-4D05-8BDE-0DBF741E0039}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{F17A9DD2-1D5E-4A65-BACE-05142BF8651B}C:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe No File
FirewallRules: [TCP Query User{200D3CA2-0A7B-41C0-949A-4AC6228F7E8C}C:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe No File
FirewallRules: [{06EB51BB-832A-4E68-B86A-368E84C15156}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout Shelter\FalloutShelter.exe () [File not signed]
FirewallRules: [{81A38C13-2D85-4E9C-8BBC-D4EF6A8BCEA0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout Shelter\FalloutShelter.exe () [File not signed]
FirewallRules: [{AF8D5D09-688E-41ED-A4DC-8F8394702595}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{44E633ED-A5E4-4189-92CE-6D85A2B4ED3A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{03D86EAC-03ED-4076-B828-3BA48E117B28}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{196EA9D6-8576-4FFA-88B6-A987F21D1E94}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{AB344E04-6B37-4D6C-A832-5D585D147339}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe No File
FirewallRules: [{45C4C308-C623-4919-BCFD-C3DEA64382F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe No File
FirewallRules: [{7B99E7FD-F722-49F9-9442-A2E3ACA0B2E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe No File
FirewallRules: [{DC9B931E-0F4D-427C-8C23-F65D2A36FEA2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe No File
FirewallRules: [{4CD3A7DC-8CCF-4030-B372-45A51161D73F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> )
FirewallRules: [{D3E7A001-2E33-48BA-B699-99806B2E20C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{E1862BB8-6437-422F-9C2D-7D4D9C19092F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{864F6A6D-139C-4EC4-9057-8473EC68EA72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe No File
FirewallRules: [{509EA2FB-74E7-4E1F-9D0F-4103F336F601}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{607EEA42-8D96-4944-BABD-D2D6F497C18D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe No File
FirewallRules: [{2C4866CE-5152-4A7B-8BF8-B9AD08C8F2FE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> )
FirewallRules: [{E2F9CDBB-0421-42B3-BB4C-F632F81BE322}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{C66C5AA4-52A2-446F-873C-3ADB4166BE0B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{16C0ACC4-5FA2-495C-94C9-5DD2FC32623C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe No File
FirewallRules: [{E3E95439-003C-43BB-AC1F-CB634469E208}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{856A834A-52F3-4FC7-9424-95EA7A03A4BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe No File
FirewallRules: [{3EF9B14F-0DC6-4CB6-82C9-CA150573D997}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe No File
FirewallRules: [{33AD1B29-DA14-4E34-B040-069D13757B62}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe No File
FirewallRules: [{DDF0C458-F256-422B-A640-644A3117FD2B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Watch_Dogs\bin\watch_dogs.exe No File
FirewallRules: [{63693630-121A-45DD-A3A4-95D062C5A474}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Watch_Dogs\bin\watch_dogs.exe No File
FirewallRules: [UDP Query User{A11F7DAF-CB1E-416A-A070-E65EEEB36A92}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe No File
FirewallRules: [TCP Query User{9D84EEBB-C8EE-4017-8BBB-CF255868C77C}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe No File
FirewallRules: [UDP Query User{B79B1034-134F-458F-AF67-BEBE582C5CE5}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe No File
FirewallRules: [TCP Query User{56F7164A-7968-4BD7-878D-C3E6A9F55EBA}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe No File
FirewallRules: [UDP Query User{AFD8DB59-E3C2-4CB1-8A22-042C5AC4073F}C:\users\exoteric\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\exoteric\appdata\roaming\spotify\spotify.exe No File
FirewallRules: [TCP Query User{602D48A3-604C-4D42-8D14-1A25E0B37094}C:\users\exoteric\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\exoteric\appdata\roaming\spotify\spotify.exe No File
FirewallRules: [UDP Query User{408C1A6C-D089-43C5-B7A4-F45C55EB8518}C:\program files (x86)\steam\steamapps\common\sword with sauce alpha\swordwithsauce\binaries\win64\swordwithsauce-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\sword with sauce alpha\swordwithsauce\binaries\win64\swordwithsauce-win64-shipping.exe No File
FirewallRules: [TCP Query User{245C7BFB-A5FD-4D78-ADB4-85E9D1D4B10C}C:\program files (x86)\steam\steamapps\common\sword with sauce alpha\swordwithsauce\binaries\win64\swordwithsauce-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\sword with sauce alpha\swordwithsauce\binaries\win64\swordwithsauce-win64-shipping.exe No File
FirewallRules: [{1E1348A9-85C0-4579-9822-695732653A77}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RAID World War II Beta\raid_win64_d3d9_release.exe No File
FirewallRules: [{0FC37D6B-F614-48AD-9442-050A17114E2C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RAID World War II Beta\raid_win64_d3d9_release.exe No File
FirewallRules: [{AA6952E7-FCAB-4A20-A13E-65DA53F262EB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TheMonsterInside\The Monster Inside.exe () [File not signed]
FirewallRules: [{C81DEAA5-6C88-4E19-BC64-4B31C8260876}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TheMonsterInside\The Monster Inside.exe () [File not signed]
FirewallRules: [{F950294C-F374-451E-9975-5ADA8DB84751}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4C2524BC-CFBA-4E75-92C7-E3583012C8ED}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{72E61E2E-7244-4FC6-9BCE-6C9443594C81}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DF0FA52D-FC66-46BC-94C8-967C4F544049}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{81CC2810-3209-4EFC-8506-3FE5AB007A22}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe No File
FirewallRules: [{0857880B-09AB-41E3-8DB0-0305BA704846}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{54354360-1180-4D08-9C0B-BCF07351D6E8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7332A947-EA38-4065-A5BA-15811F1658ED}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{9130AB47-71FA-4217-9BFA-C68E36E4FC9E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{07B6CCBC-B3A9-43A2-B452-0E618FB7EB3D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{5A3FF9C2-575F-413F-8E6F-06A40DCC86F3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{5AC48E47-5C06-485D-B971-83B0DE28629A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe No File
FirewallRules: [{7C71BEC2-AD61-4B48-844C-604F37929C7A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe No File
FirewallRules: [{22776D6F-2BCE-419C-9E2F-10B4D35B2C7C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe No File
FirewallRules: [{76712135-049E-489C-BE87-C177A64EEAEF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe No File
FirewallRules: [{2AA47DC6-EDE9-4C3B-8462-A9C1F2378FD8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Governor of poker 3\GOP3.exe () [File not signed]
FirewallRules: [{2F31B1D6-DE99-4F67-B187-39494B88A800}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Governor of poker 3\GOP3.exe () [File not signed]
FirewallRules: [TCP Query User{5BD4977C-0EF8-440D-86A0-EA21C0BD4C43}C:\users\exoteric\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\exoteric\appdata\roaming\spotify\spotify.exe No File
FirewallRules: [UDP Query User{5E8154AC-AA3D-4A1F-AC9A-3345045AFF79}C:\users\exoteric\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\exoteric\appdata\roaming\spotify\spotify.exe No File
FirewallRules: [TCP Query User{44C96CF7-46B3-41E6-83F1-DB04C9DDF8AF}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe No File
FirewallRules: [UDP Query User{8E6C85CF-8C39-4B3D-A8F2-3C81ED19C1DB}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe No File
FirewallRules: [{E2BC3526-CA9C-4A4E-93B5-42C0E1418E73}] => (Block) C:\program files (x86)\overwatch\overwatch.exe No File
FirewallRules: [{1759215A-3667-4DAB-9359-2378F82C9625}] => (Block) C:\program files (x86)\overwatch\overwatch.exe No File
FirewallRules: [{5C674757-4101-409F-BD8B-ED877A712FAD}] => (Block) C:\users\exoteric\appdata\local\popcorn-time\popcorn-time.exe No File
FirewallRules: [{F0C5B45F-4348-4D11-9E85-FC21C8E6D0AE}] => (Block) C:\users\exoteric\appdata\local\popcorn-time\popcorn-time.exe No File
FirewallRules: [TCP Query User{A7EB010B-5FC8-458B-ACB6-62641E7DC0FA}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe No File
FirewallRules: [UDP Query User{2741ABD3-3ED5-49A0-90A1-2748233E5D03}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe No File
FirewallRules: [{D24BFDD0-7557-4F4C-9D7F-B55A31B5472C}] => (Block) C:\program files (x86)\diablo iii\x64\diablo iii64.exe No File
FirewallRules: [{16E0B33A-091C-4BEC-9085-50CFA697C7D2}] => (Block) C:\program files (x86)\diablo iii\x64\diablo iii64.exe No File
FirewallRules: [{C1EBF531-82DC-4B23-9D29-7F036EA89B61}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Chess\Chess.exe (BlueLine Game Studios) [File not signed]
FirewallRules: [{55980D29-3191-4CCD-8D5D-0C9F516C1488}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Chess\Chess.exe (BlueLine Game Studios) [File not signed]
FirewallRules: [TCP Query User{55463BC9-4FA7-40C7-BD79-29572EDC4BCD}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{316494D5-6705-444A-A2F0-2CF759E8904D}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{88844DB4-A9BE-4DD5-8457-43DBECD7BA95}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe No File
FirewallRules: [UDP Query User{B71EE502-2705-453A-BECC-D4B57452831E}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe No File
FirewallRules: [{47BD2EB4-EF59-4736-87E4-F8B82DA9A2AA}] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe No File
FirewallRules: [{0FDE69E9-DEAD-4D24-A5E7-94991539699D}] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe No File
FirewallRules: [TCP Query User{A138F446-9919-4733-B677-923E08C18511}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [UDP Query User{5EA00FA4-2751-4D34-9ECD-D24A7BD4C915}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [{A6371A33-7138-4E82-B1F1-5390C6E64BAF}] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [{E57D4354-DA42-400C-BE29-AE808D7C3CD1}] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [TCP Query User{16939A67-C5C1-4864-B5AF-0BBB59FC0D33}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe No File
FirewallRules: [UDP Query User{3486965C-5D5B-476C-9926-BF99360F7FD5}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe No File
FirewallRules: [{AD848F5A-32BA-421D-AFCE-B3148AAABD68}] => (Block) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe No File
FirewallRules: [{D108050D-3BEE-4FF2-91E3-3740E1DCBE09}] => (Block) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe No File
FirewallRules: [{A4D5E059-484F-4995-857E-1B74F512BD6F}] => (Allow) LPort=5354
FirewallRules: [{E085B168-7754-4A97-96E7-0A8F77773967}] => (Allow) LPort=5354
FirewallRules: [{BFC8B696-0D4D-42C8-9724-6C0D55D851AE}] => (Allow) LPort=5354
FirewallRules: [{040BCCC9-77A0-4E36-A824-7A4C609B608F}] => (Allow) LPort=5354
FirewallRules: [{963074D2-224F-475B-AB6C-78A4EB1C1417}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe No File
FirewallRules: [{D31C554A-5E62-4EBC-B902-33A718F64A4B}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe No File
FirewallRules: [{9271F3BD-A9A8-4747-BD4C-F05019344973}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe No File
FirewallRules: [{B35798C9-346E-4DB8-9884-7BF08A0A26AA}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe No File
FirewallRules: [{2DE5634D-063B-4FF0-9269-0CE60CD0C675}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe No File
FirewallRules: [{4DEBB893-912D-4733-BE04-587C811234B4}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe No File
FirewallRules: [{D8B50957-780A-4F29-A13D-4DDE03930492}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe No File
FirewallRules: [{F404FD7F-2C67-481C-8221-7605ABA562D2}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\OxygenPanelDaemon.exe No File
FirewallRules: [{D39DDE75-6991-44FE-8E61-D7EDE80604AF}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe No File
FirewallRules: [TCP Query User{F875107A-A93E-4755-8550-C33F941CD298}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe No File
FirewallRules: [UDP Query User{1DEEFDED-CDF7-47F3-9743-B6752C9B07F3}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe No File
FirewallRules: [TCP Query User{A60D161D-FF22-4267-8157-CB1E5726CDE2}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe No File
FirewallRules: [UDP Query User{1B1897B1-4975-4BC4-922C-39526BC9EE6A}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe No File
FirewallRules: [TCP Query User{F02A60D1-4371-402B-855D-3FC0CBF751BD}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe No File
FirewallRules: [UDP Query User{2E7C3566-C712-4CAD-9064-8133BF15000D}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe No File
FirewallRules: [{A9F34C90-D48F-4AAF-8958-3AE1C2AB87D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Oddworld Abes Oddysee\AbeWin.exe (Oddworld Inhabitants, Inc.) [File not signed]
FirewallRules: [{5DF71322-ACFD-42FC-85B6-69A3B1EE5E34}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Oddworld Abes Oddysee\AbeWin.exe (Oddworld Inhabitants, Inc.) [File not signed]
FirewallRules: [{6F75A229-0D4C-4217-B183-0ED2D20FDAE6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MGI Prologue\MGI Prologue\MGI.exe () [File not signed]
FirewallRules: [{8F5E7359-87E4-4267-889B-C8093407A4A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MGI Prologue\MGI Prologue\MGI.exe () [File not signed]
FirewallRules: [{809E1939-A454-45D1-85A6-FED3CF12133F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\pact with a witch\pact_with_a_witch.exe () [File not signed]
FirewallRules: [{05538885-61F6-438C-B0CD-ACD12DA4B561}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\pact with a witch\pact_with_a_witch.exe () [File not signed]
FirewallRules: [{4D937C18-064C-4266-8F27-3A91D67E195C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Backrooms Game\The Backrooms Game.exe () [File not signed]
FirewallRules: [{5C348206-37FC-4CEC-9340-FDB76A8D8901}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Backrooms Game\The Backrooms Game.exe () [File not signed]
FirewallRules: [TCP Query User{382A268E-31C5-4537-B974-59493626A4ED}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{3E72FEA2-CFF0-47F1-B92F-2CE4C5BD7CB5}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{90B56808-C729-4F8D-B72F-923C57DAFB6A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe No File
FirewallRules: [{B22DC0AC-DA91-4963-8B83-863C22028F2B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe No File
FirewallRules: [TCP Query User{2CE56713-4017-4211-8025-21D11216B1A3}C:\program files (x86)\blizzard app\battle.net.exe] => (Allow) C:\program files (x86)\blizzard app\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{42240175-83AC-4DCA-B5B0-CBAE8AD66752}C:\program files (x86)\blizzard app\battle.net.exe] => (Allow) C:\program files (x86)\blizzard app\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{768B0D39-777B-4D5A-9E7E-19F822069E48}C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{1E5D8CC7-73B5-40A9-8A49-4FF075D1392F}C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{81494757-9605-495F-996A-2BA0AEB23B32}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B47BB799-70CD-41B3-953B-5A82814E6254}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5ED26EB6-CF89-493E-9BCB-CB31708DE1B5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0C49DA74-C49B-439B-B6C8-851D037C9290}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{98E42CEE-DED4-4E6E-A251-B5D44B416C00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe (Valve -> )
FirewallRules: [{E9A2566F-E179-406F-93D8-8CD9E957DAF4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe (Valve -> )
FirewallRules: [{E614ECE8-FD63-4EF5-ABBD-0A8FC530A1FD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{023DE19D-701E-408D-85B7-D1BE93345415}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8B995A76-46DD-422F-913A-CBEAD70850A8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E983550E-1E71-4CA5-9624-688194CED359}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8C2B774C-CBFB-4F7F-8EE6-4C0DF32DAA63}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C62602A6-7743-4508-B2DB-93A2903742C6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A23A5FD1-62F6-4B84-A315-C437B8F71F21}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F6EDD216-44F5-401B-B6C7-F50AA6BF3D46}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{70AD7BED-B24E-4259-9C72-A50D1E010318}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Santa's Rampage\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{709A02E2-CD5D-43CC-AACD-3065A636ECB7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Santa's Rampage\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{04450A40-3EC2-495A-AF7E-31DDA06CA8ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Santa's Rampage\Binaries\Win64\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{DE436C17-8D3A-46D3-8A70-EDCB2717FEC6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Santa's Rampage\Binaries\Win64\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{CE9AB762-8ECB-4728-9E2D-E1C2A6BFF6F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{0D3410A3-D75D-4D1A-A7D6-568ADFEA0DD2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{B7B10010-41C7-4582-AC61-26A1A475EBA8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{20002FED-5CF0-4C03-840C-59E9D147328B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{22214BEF-F469-4C07-A8B9-1F778300F9E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\UDKLift.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{E15D6A9F-8903-4C35-B464-649910C5388B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\UDKLift.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{418C7651-73C0-4815-A582-AE2EB9AFF734}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{316DA242-5316-4463-B631-C0078B3F5F3F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{F1FF247B-48CB-45D7-8DBD-C86AB4017FFF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win64\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{D83BCFA5-057D-4669-B194-D33B64C712A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win64\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{BFEC0144-02D0-4608-8184-AE2ACCDCE5F2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

03-01-2020 18:49:53 Scheduled Checkpoint
11-01-2020 01:49:20 Installed DirectX
14-01-2020 19:02:58 Installed DirectX
18-01-2020 01:16:10 Checkpoint by HitmanPro

==================== Faulty Device Manager Devices ============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: ========================

Application errors:
==================
Error: (01/18/2020 02:46:55 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Aktivointikontekstin luonti kohteelle C:\Users\Exoteric\Downloads\esetsmartinstaller_enu.exe epäonnistui. Virhe resurssiluettelo- tai käytäntötiedoston  rivillä .
Sovelluksen edellyttämä osaversio on ristiriidassa jo aktiivisena olevan osaversion kanssa.
Ristiriitaiset osat:
Osa 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.592_none_e6c0b1911312be02.manifest.
Osa 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.592_none_2e6de868278ee708.manifest.

Error: (01/18/2020 02:44:17 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5244,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/18/2020 02:13:51 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1852,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/18/2020 01:34:06 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5104,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/18/2020 01:16:45 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14404,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/18/2020 01:16:13 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Salauspalvelut eivät voineet käsitellä OnIdentity()-kutsua järjestelmän kirjoitusobjektissa.

Details:
AddLegacyDriverFiles: Unable to back up image of binary WinQuic.

System Error:
Resurssien lataustoiminto ei löytänyt MUI-tiedostoa.
.

Error: (01/18/2020 01:16:10 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Aseman tilannevedospalvelun virhe: Odottamaton virhe kyseltäessä IVssWriterCallback-liittymää. hr = 0x80070005, Käyttö estetty.
.
Syynä ovat usein joko kirjoittaja- tai pyytäjäprosessin virheelliset suojausasetukset.

Toiminto:
   Kerätään kirjoitustoiminnon tietoja

Sijainti:
   Kirjoitustoiminnon luokkatunnus: {e8132975-6f93-4464-a53e-1050253ae220}
   Kirjoitustoiminnon nimi: System Writer
   Kirjoitustoiminnon esiintymän tunnus: {20bfb7d0-9f6e-443e-969d-ecde499ad24c}

Error: (01/18/2020 01:07:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Viallisen sovelluksen nimi: csgo.exe, versio: 0.0.0.0, aikaleima: 0x5dfc26fc
Viallisen moduulin nimi: unknown, versio: 0.0.0.0, aikaleima: 0x00000000
Poikkeuskoodi: 0xc0000005
Virhepoikkeama: 0x3dceac1b
Viallisen prosessin tunnus: 0x154c
Viallisen sovelluksen käynnistysaika: 0x01d5cd7bf526623d
Viallisen sovelluksen polku: C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
Viallisen moduulin polku: unknown
Raportin tunnus: bb333e56-789d-4bbc-859b-62037853179c
Viallisen paketin koko nimi:
Viallisen paketin suhteellinen sovellustunnus:

System errors:
=============
Error: (01/18/2020 01:17:54 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Palvelu HitmanPro38CrusaderBoot lopetettiin, koska ilmeni seuraava palvelukohtainen virhe:
Toiminto suoritettiin.

Error: (01/17/2020 11:17:46 PM) (Source: Microsoft-Windows-Bits-Client) (EventID: 16392) (User: NT AUTHORITY)
Description: BITS-palvelu ei käynnistynyt.  Virhe: 2147500053.

Error: (01/17/2020 11:17:45 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Palvelin {995C996E-D918-4A8C-A302-45719A6F4EA7} ei rekisteröitynyt DCOM:n  kanssa annetun ajan sisällä.

Error: (01/17/2020 11:17:45 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Palvelin {995C996E-D918-4A8C-A302-45719A6F4EA7} ei rekisteröitynyt DCOM:n  kanssa annetun ajan sisällä.

Error: (01/17/2020 11:17:44 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-J61AMHV)
Description: Palvelin {38E441FB-3D16-422F-8750-B2DACEC5CEFC} ei rekisteröitynyt DCOM:n  kanssa annetun ajan sisällä.

Error: (01/17/2020 11:14:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Palvelu Software Protection on päättynyt odottamatta. Tämä on tapahtunut 2 kertaa. 300000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi: Restart the service.

Error: (01/17/2020 11:12:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Palvelu Software Protection on päättynyt odottamatta. Tämä on tapahtunut 1 kertaa. 120000 millisekunnin kuluttua suoritetaan seuraava korjaustoimi: Restart the service.

Error: (01/17/2020 10:14:55 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Palvelu Software Protection lopetettiin virheen takia. Virhe:
%%2285758504

Windows Defender:
===================================
Date: 2019-07-29 23:46:50.530
Description:
Kohteen Windows Defenderin virustentorjunta reaaliaikainen suojaus on kohdannut virheen ja epäonnistunut.
Toiminto: Toiminnan valvonta
Virhekoodi: 0x80508023
Virheen kuvaus: Ohjelma ei löytänyt haittaohjelmia tai muita mahdollisesti ei-toivottuja ohjelmia tästä laitteesta.
Syy: Haittaohjelmien torjunnan suojaustiedot ovat lakanneet toimimasta tuntemattomasta syystä. Joissakin tapauksissa palvelun uudelleenkäynnistäminen voi ratkaista ongelman.

CodeIntegrity:
===================================

Date: 2020-01-18 01:18:57.893
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-18 01:18:57.882
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-18 01:18:57.872
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-18 01:18:57.861
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-18 01:18:57.849
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-18 01:18:57.839
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-18 01:18:57.828
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-18 01:18:57.816
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 1902 06/24/2016
Motherboard: ASUSTeK COMPUTER INC. Z170-A
Processor: Intel® Core™ i7-6700K CPU @ 4.00GHz
Percentage of memory in use: 31%
Total physical RAM: 16304.67 MB
Available physical RAM: 11155.87 MB
Total Virtual: 18736.67 MB
Available Virtual: 11037.25 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:446.39 GB) (Free:113.94 GB) NTFS

\\?\Volume{8b6c381a-6752-49c8-9ddd-1bd1b8f8bb06}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
\\?\Volume{d1c8e346-bd43-4937-86f6-18b5ed255d83}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 447.1 GB) (Disk ID: 626C894A)

Partition: GPT.

==================== End of Addition.txt =======================


Comments

Popular Posts

System detected an overrun of a stack-based buffer in this application [FIX] - Windows Report

Valorant anti-cheat lead answers many questions on Reddit - Millenium US