Jump to content

n65adserv.com


Recommended Posts

Hello,

    I have had Malwarebytes for a while and have had it detect many threats with no issues. However, my browsers have become infected by this particular web page. It is being blocked but I would prefer to remove it from the system for I do not know when it might cause damage. I have run the anti-rootkit software and run the system scans and have still have been unable to remove such. How can I get rid of it before it becomes a major issue?

Link to post
Share on other sites

Hello timothycovenant and welcome to Malwarebytes,

Continue with the following:

Please open Malwarebytes Anti-Malware.
 
  • On the Settings tab > Protection Scroll to and make sure the following are selected:
    Scan for Rootkits
    Scan within Archives
     
  • Scroll further to Potential Threat Protection make sure the following are set as follows:
    Potentially Unwanted Programs (PUP`s) set as :- Always detect PUP`s (recommended)
    Potentially Unwanted Modifications (PUM`s) set as :- Alwaysdetect PUM`s (recommended)
     
  • Click on the Scan make sure Threat Scan is selected,
  • A Threat Scan will begin.
  • With some infections, you may or may not see this message box.
    'Could not load DDA driver'
     
  • Click 'Yes' to this message, to allow the driver to load after a restart.
  • Allow the computer to restart. Continue with the rest of these instructions.
  • When the scan is complete if anything is found make sure that the first checkbox at the top is checked (that will automatically check all detected items), then click on the Quarantine Selected Tab
  • If asked to restart your computer to complete the removal, please do so
  • When complete click on Export Summary after deletion (bottom-left corner) and select Copy to Clipboard.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more to retrieve the log.


To get the log from Malwarebytes do the following:
 
  • Click on the Reports tab > from main interface.
  • Double click on the Scan log which shows the Date and time of the scan just performed.
  • Click Export > From export you have two options:
    Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply
    Text file (*.txt) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply

     
  • Please use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply…


Next,

Please download Zemana AntiMalware and save it to your Desktop.
 
  • Install the program and once the installation is complete it will start automatically.
  • Without changing any options, press Scan to begin.
  • After the short scan is finished, if threats are detected press Next to remove them.
    Note: If restart is required to finish the cleaning process, you should click Reboot. If reboot isn't required, please re-boot your computer manually.
     
  • Open Zemana AntiMalware again.
  • Click on user posted image icon and double click the latest report.
  • Now click File > Save As and choose your Desktop before pressing Save.
  • Attach saved report in your next message.


Next,

Download AdwCleaner by Malwarebytes onto your Desktop.

Or from this Mirror
 
  • Right-click on AdwCleaner.exe and select user posted imageRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
  • Accept the EULA (I accept), then click on Scan
  • Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Clean button. This will kill all the active processes
  • Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it
  • After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply


Next,

Download Farbar Recovery Scan Tool and save it to your desktop.

Alternative download option: http://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

If your security alerts to FRST either, accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way...

Be aware FRST must be run from an account with Administrator status...
 
  • Double-click to run it. When the tool opens click Yes to disclaimer.(Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.)
  • Make sure Addition.txt is checkmarked under "Optional scans"
  • Press Scan button to run the tool....
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also make a log named (Addition.txt) Please attach that log to your reply.


Let me see those logs in your reply...

Thank you,

Kevin.
Link to post
Share on other sites

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 10/22/17
Scan Time: 6:55 PM
Log File: 264f6f8a-b77c-11e7-9e5c-fcaa14935a20.json
Administrator: Yes

-Software Information-
Version: 3.2.2.2018
Components Version: 1.0.212
Update Package Version: 1.0.3071
License: Premium

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Covenant-PC\Covenant

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 411823
Threats Detected: 0
(No malicious items detected)
Threats Quarantined: 0
(No malicious items detected)
Time Elapsed: 2 min, 32 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)


(end)

2017.10.22-19.04.46-i0-t92-d2.txt

Link to post
Share on other sites

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 10/22/17
Scan Time: 6:55 PM
Log File: 264f6f8a-b77c-11e7-9e5c-fcaa14935a20.json
Administrator: Yes

-Software Information-
Version: 3.2.2.2018
Components Version: 1.0.212
Update Package Version: 1.0.3071
License: Premium

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Covenant-PC\Covenant

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 411823
Threats Detected: 0
(No malicious items detected)
Threats Quarantined: 0
(No malicious items detected)
Time Elapsed: 2 min, 32 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)


(end)

---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

# AdwCleaner 7.0.3.1 - Logfile created on Sun Oct 22 23:18:28 2017
# Updated on 2017/29/09 by Malwarebytes 
# Running on Windows 7 Ultimate (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\Users\Covenant\AppData\Local\Assistant


***** [ Files ] *****

Deleted: C:\END
Deleted: C:\Users\Covenant\AppData\Roaming\Microsoft\Windows\Start Menu\Youtube.lnk


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\SearchUrl|Default [http:\\www.safesear.ch\web\?type=20160824-155-sshome-ie-df&q={searchTerms}]
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{7D2B3E1D-D096-4594-9D8F-A6667F12E0AC}
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0

*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [1580 B] - [2017/10/22 23:17:52]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

----------------------------------------------------------------------------------------------------------------------------------------------------

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-10-2017
Ran by Covenant (22-10-2017 19:24:51)
Running from C:\Users\Covenant\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2016-03-13 02:28:27)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3109899598-285666356-3721746433-500 - Administrator - Disabled)
Covenant (S-1-5-21-3109899598-285666356-3721746433-1000 - Administrator - Enabled) => C:\Users\Covenant
Guest (S-1-5-21-3109899598-285666356-3721746433-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.34 - GIGABYTE)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Active Directory Authentication Library for SQL Server (HKLM\...\{E646D196-A17B-4F14-BE7B-F774527FE5E0}) (Version: 13.0.1100.286 - Microsoft Corporation) Hidden
Active Directory Authentication Library for SQL Server (x86) (HKLM-x32\...\{44DC843A-C591-4064-BE1F-2BDC177AF50C}) (Version: 13.0.1100.286 - Microsoft Corporation) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.170 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Anime Studio Pro 6.0 (HKLM-x32\...\Anime Studio Pro_is1) (Version:  - Smith Micro Software, Inc.)
ANT Drivers Installer x64 (HKLM\...\{240AA00C-0F18-4496-9FAF-41BFA956655B}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{981F324E-98F4-4784-B76F-04E92039F3F6}) (Version: 5.2.60328.3 - Microsoft Corporation)
Application Profiles (HKLM-x32\...\{F706E89E-A55A-CEA8-C608-287D9C659CDA}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Azure AD Authentication Connected Service (HKLM-x32\...\{3FEAC561-1CF6-41D6-B0F3-BECDD9C88A1B}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (HKLM-x32\...\{1E5CA362-39B6-4BD0-B9C0-69CF15F0FEA2}) (Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Belkin USB Wireless Adapter (HKLM-x32\...\{549CE1BD-88E4-4C5E-BF75-B155624714CC}) (Version: 1.0.0.13 - Belkin) Hidden
Belkin USB Wireless Adapter (HKLM-x32\...\InstallShield_{549CE1BD-88E4-4C5E-BF75-B155624714CC}) (Version: 1.0.0.13 - Belkin)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Blend for Visual Studio SDK for .NET 4.5 (HKLM-x32\...\{37E53780-3944-4A6A-842F-727128E8616E}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.3.3 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.6.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.15.23 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.3.0 - Canon Inc.)
Canon MX490 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX490_series) (Version: 1.02 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{3BE011C0-F2D9-9F6B-25E1-587259644A94}) (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{6A69EDE3-D163-A85B-EFF5-B6BFD8EF5939}) (Version: 2017.0905.1156.19665 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{4F486CF2-F8AF-2DD4-BA15-82BD71BC3035}) (Version: 2017.0905.1156.19665 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{C3F79F99-C09E-7914-A9C4-BF1761285A06}) (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{08E3C0C2-26E9-9DDF-0FBD-A4A71C970D75}) (Version: 2017.0905.1156.19665 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{C6BC8342-0973-A829-D49F-8B3039E01D8F}) (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{9A4F2F48-9EC0-8AA0-AC80-1BD761537A1A}) (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{E8ED0DBD-DAC0-1BC5-87A7-5FC3BEAD33AB}) (Version: 2017.0905.1156.19665 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{2802B62A-05D9-356B-9DB6-AFEE51E9EF5E}) (Version: 2017.0905.1156.19665 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{2D92AB66-1EFA-8239-F226-53341E2BD245}) (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{27E4863C-0002-3B6A-2D7D-CF98C1019272}) (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{8E1F1F1A-38D8-DC76-FE6C-B8412AF9396D}) (Version: 2017.0905.1156.19665 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{4BD4B445-F149-D47E-006B-0B705152110D}) (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{D3376CD8-E366-C5F5-B9D1-2B8017C4F1C5}) (Version: 2017.0905.1156.19665 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{C8013991-2166-AFC4-B75B-7E58FBEF02AF}) (Version: 2017.0905.1156.19665 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{F97EB77D-3343-7A62-0E92-48D2A0D97ED6}) (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{10AF885E-F96E-2718-9CC7-3F4A32EA2316}) (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{3CB92C15-57A0-E469-1CE3-236BB1569F88}) (Version: 2017.0905.1156.19665 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{5F54D971-F27A-8666-B33D-B8CF0B81ED10}) (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{D9E8F7A4-5D65-FA27-F201-F5F0FD82D035}) (Version: 2017.0905.1156.19665 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{60821F44-17A1-0286-10E7-3FE3956D3B85}) (Version: 2017.0905.1156.19665 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{F8D60F8D-EB56-6785-5A3F-89AF111675B2}) (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{04E38C1D-A2B0-1419-8ACC-98B6FEAD2AE3}) (Version: 2017.0905.1156.19665 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{DCB70A99-1143-1A59-DC16-B5404742E80A}) (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{082B8683-4ED5-212D-33E6-7F0993292B6D}) (Version: 2017.0905.1156.19665 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{AE16A85A-BC40-63F6-6B70-F99ABB7D7742}) (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{167789D4-E6F4-B19F-6770-BFC20C3FC13D}) (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{CBE7BA08-EAC5-DE2B-440F-F4D8BEB70AF0}) (Version: 2017.0905.1156.19665 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{0B3B12AC-956C-3D2B-E375-CA8A210A8B3C}) (Version: 2017.0905.1156.19665 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{58FB3574-D67D-234C-A59C-7B615651C274}) (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{7443BBA4-32DB-B648-5092-0C52676507CD}) (Version: 2017.0905.1156.19665 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{D9FD8784-6410-7DB7-C641-266AD8676284}) (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{B3173724-EC46-4B89-6EDC-59032E1A3D2E}) (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{D519CA66-2A8D-EA88-7904-0ADF96FC975B}) (Version: 2017.0905.1156.19665 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{591B77CA-0AE6-A405-5A73-D5600D45F9E8}) (Version: 2017.0905.1156.19665 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{93A870AC-3B36-D648-7A45-547B4DA40315}) (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{267258CB-876B-958B-9214-D4924847C146}) (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{FB81D531-71CC-69A0-F776-95C2498492F0}) (Version: 2017.0905.1156.19665 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{31BA3CC8-6A73-126C-B424-16A56B64C75F}) (Version: 2017.0905.1156.19665 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{41698BE7-59FF-D322-610A-FBAE703917B7}) (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{203DA8C6-D37D-632D-6606-187E3BEAB254}) (Version: 2017.0905.1156.19665 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{E0110488-ACE4-B3B1-18F5-FA087ECFE73C}) (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
DC Universe Online Live (HKU\S-1-5-21-3109899598-285666356-3721746433-1000\...\DG0-DC Universe Online Live) (Version:  - Sony Online Entertainment)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dotfuscator and Analytics Community Edition 5.19.1 (HKLM-x32\...\{2A7F99F6-88A4-4B44-B350-41C0B147A39C}) (Version: 5.19.1.3091 - PreEmptive Solutions) Hidden
Elevated Installer (HKLM-x32\...\{320C7CDF-4A4B-461B-9813-DE10727550CA}) (Version: 5.6.2.0 - Garmin Ltd or its subsidiaries) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.2.0.2051 - Foxit Software Inc.)
FreeCAD 0.16 - A free open source CAD system (HKLM\...\FreeCAD 0.16) (Version: 0.16.6700 - Juergen Riegel)
Garmin Express (HKLM-x32\...\{9aeca0eb-4419-4529-9931-5ff4b8a9b17c}) (Version: 5.6.2.0 - Garmin Ltd or its subsidiaries)
Garmin Express Tray (HKLM-x32\...\{54E23F88-007A-45D9-A0E2-AE0E8E37A9B0}) (Version: 5.6.2.0 - Garmin Ltd or its subsidiaries) Hidden
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Git version 2.11.0 (HKLM\...\Git_is1) (Version: 2.11.0 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
IIS 10.0 Express (HKLM\...\{7A28A2B0-458B-4A58-84AC-C90D2D4B79FB}) (Version: 10.0.1735 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version:  - )
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Malwarebytes version 3.2.2.2018 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2018 - Malwarebytes)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25123 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x86) (HKLM-x32\...\{22CB8ED7-DF57-4864-BD04-F63B9CE4B494}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Text to Speech Voice (en-US, ZiraPro) (HKLM-x32\...\{C7CDC27F-0952-4DF1-9E41-B75140933BC6}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service  (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB RC0 (HKLM\...\{9CED5D08-5664-4668-A927-CD6C60C4175D}) (Version: 13.0.1100.286 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects RC0 (HKLM-x32\...\{948B5F49-A57E-46B4-9F1E-145D7A9E66D7}) (Version: 13.0.1100.286 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects RC0 (x64) (HKLM\...\{F6F8053F-D328-4ACA-93A1-A49E495899F2}) (Version: 13.0.1100.286 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL Language Service RC0 (HKLM-x32\...\{1852BD30-570B-4E47-8752-461448E8E250}) (Version: 13.0.12000.52 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL ScriptDom RC0 (HKLM\...\{D9F55D00-A8AB-4518-A56E-D9D5E615542A}) (Version: 13.0.1100.286 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (14.0.60311.1) (HKLM-x32\...\{28292CA9-8D65-4E37-95A3-753EEB38F122}) (Version: 14.0.60311.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 RC0 (HKLM\...\{495CC0B4-D4C3-4D87-8317-F66BA48C5552}) (Version: 13.0.1100.286 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 RC0 (HKLM-x32\...\{3A87F9F2-D65D-4BA9-8459-E5BBE31EA64D}) (Version: 13.0.1100.286 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Applications - ENU (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Applications - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2015 Tools for Unity (HKLM-x32\...\{E02DF945-0531-4E5E-9C6B-2B660C0AE66D}) (Version: 2.8.0.0 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 with Update 2 (HKLM-x32\...\{04fa3a35-1f49-4510-8051-819cdc1e6e01}) (Version: 14.0.25123.0 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Mozilla Firefox 55.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 en-US)) (Version: 55.0.3 - Mozilla)
MSBuild/NuGet Integration 14.0 (x86) (HKLM-x32\...\{13FE8B50-B340-4FDA-BB6E-AA1F5FAB8205}) (Version: 14.0.25123 - Microsoft Corporation) Hidden
Multi-Device Hybrid Apps using C# - Templates - ENU (HKLM-x32\...\{12D99739-FFD3-3761-8AA6-F929E0FE407E}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
PreEmptive Analytics Visual Studio Components (HKLM-x32\...\{436A18DD-5F2C-4B3C-985E-AD3C13B0CC25}) (Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT RC0 (HKLM-x32\...\{AB72EB1C-9CF4-4274-984D-5EDA8BF37A08}) (Version: 13.0.1100.286 - Microsoft Corporation)
Python 3.6.1 (32-bit) (HKU\S-1-5-21-3109899598-285666356-3721746433-1000\...\{1babc3bc-6a32-44f7-bf4d-60eec36c9ad1}) (Version: 3.6.1150.0 - Python Software Foundation)
Python 3.6.1 Add to Path (32-bit) (HKLM-x32\...\{ED8BD450-5015-4CB3-95B5-2D93F23E111B}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python 3.6.1 Core Interpreter (32-bit) (HKLM-x32\...\{E63E60CA-437B-4894-8395-81F2F66483B0}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python 3.6.1 Development Libraries (32-bit) (HKLM-x32\...\{3029D656-0C32-4AC9-84FB-A15056F356CC}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python 3.6.1 Documentation (32-bit) (HKLM-x32\...\{D1198C40-C6F5-4FFB-B98C-79BF1FE706C1}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python 3.6.1 Executables (32-bit) (HKLM-x32\...\{A7036382-80F1-4FC1-B244-D31AA50337F4}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python 3.6.1 pip Bootstrap (32-bit) (HKLM-x32\...\{899F7F28-F6D3-4E5B-8FBE-F7929036172A}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python 3.6.1 Standard Library (32-bit) (HKLM-x32\...\{3BCCB89B-CD98-4F78-8436-78847FABFD68}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python 3.6.1 Tcl/Tk Support (32-bit) (HKLM-x32\...\{F6ED0771-FE83-4A1C-BE65-A06CB65B46D5}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python 3.6.1 Test Suite (32-bit) (HKLM-x32\...\{F44EF183-905E-48BB-998E-53FC99B36FE3}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python 3.6.1 Utility Scripts (32-bit) (HKLM-x32\...\{2AA7DAB3-6778-42A7-9F33-22615234540E}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{323AC113-C6CE-4F99-842F-4936332D055A}) (Version: 3.6.5923.0 - Python Software Foundation)
Python Tools 2.2.3 for Visual Studio 2015 (HKLM-x32\...\{FDCEC41C-35DA-421C-A520-53D185BC43FA}) (Version: 2.2.40315.00 - Microsoft Corporation)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.10-r123135-release - Raptr, Inc)
Razer Surround (HKLM-x32\...\Razer Surround) (Version: 1.05.26 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.00.830 - Razer Inc.)
Realtek Ethernet Controller  Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0008 - Realtek)
RIFT (HKLM-x32\...\{D7A0A22A-C132-4B6F-8D68-67B95117DE93}) (Version: 1.0.0 - Trion Worlds, Inc.) Hidden
Roslyn Language Services - x86 (HKLM-x32\...\{263EF873-F5D0-3134-A962-356C21A3510F}) (Version: 14.0.25126 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (HKLM-x32\...\{6C1985E7-E1C5-3A95-86EF-2C62465F15C3}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SOLIDWORKS 2016 x64 Edition SP02 (HKLM\...\{768F3B65-1695-47B7-9002-B11400CB111D}) (Version: 24.120.50 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS 2016 x64 Edition SP02 (HKLM-x32\...\SolidWorks Installation Manager 20160-40200-1100-100) (Version: 24.2.0.50 - SolidWorks Corporation)
SOLIDWORKS Composer Player 2016 SP02 x64 Edition (HKLM\...\{8537E059-C18B-4DE6-AED6-CD9B90240C35}) (Version: 24.20.50 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS eDrawings 2016 x64 Edition SP02 (HKLM\...\{BCB9F00D-D23D-465C-B7BB-629900B7FF51}) (Version: 16.2.0030 - Dassault Systèmes SolidWorks Corp) Hidden
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
T.Flight Hotas drivers (HKLM-x32\...\{E08E6F77-E66C-47FC-8565-0AA3389D48C8}) (Version: 1.TFHT.2015 - Thrustmaster)
Team Explorer for Microsoft Visual Studio 2015 Update 2 (HKLM-x32\...\{7932CD6F-86D3-3EE4-8A02-B954404D1FFC}) (Version: 14.95.25118 - Microsoft) Hidden
Test Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{9EABBFE1-7EED-47D9-8FB8-21D7E4808057}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
TypeScript Power Tool (HKLM-x32\...\{60890089-588B-4362-B9C5-A9C11D6E5DD1}) (Version: 1.8.9.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{DD51688B-194A-4A10-83D8-40AD1D9954A1}) (Version: 1.8.30.0 - Microsoft Corporation) Hidden
Unity Web Player (HKU\S-1-5-21-3109899598-285666356-3721746433-1000\...\UnityWebPlayer) (Version: 5.3.4f1 - Unity Technologies ApS)
Universal CRT Extension SDK (HKLM-x32\...\{1FBCBC17-4527-2340-0832-B1D49C41FF67}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{284FA9A0-CEDD-81D3-5A19-5858E95FD0C4}) (Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{8BFBEC30-33CC-13B4-849F-3B036F27466A}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{ABD37F71-FC3F-F525-C7B3-BDD95F684C51}) (Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{0460C87B-7F4C-3170-FAC9-B7A6AE5CE4E9}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{33952D66-D503-10CA-DD8E-E365C15EB4E0}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{B048B812-32DE-3474-FA64-223B6A63AD47}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Visual Studio 2015 Update 2 (KB3022398) (HKLM-x32\...\{78c1b501-a6eb-4f29-88c5-84189564827e}) (Version: 14.0.25123 - Microsoft Corporation)
VS Update core components (HKLM-x32\...\{6A878817-D626-305A-BE8D-94C93F70E27A}) (Version: 14.0.25123 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0-2) (Version: 1.0.26.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0-3) (Version: 1.0.26.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0-4) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1-2) (Version: 1.0.39.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.54.0 (HKLM\...\VulkanRT1.0.54.0) (Version: 1.0.54.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.0 (HKLM\...\VulkanRT1.0.54.0-2) (Version: 1.0.54.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.0 (HKLM\...\VulkanRT1.0.54.0-3) (Version: 1.0.54.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.0 (HKLM\...\VulkanRT1.0.54.0-4) (Version: 1.0.54.0 - LunarG, Inc.)
WCF Data Services 5.6.4 Runtime (HKLM-x32\...\{DB85E7BD-B2DD-43D4-B3C0-23D7B527B597}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{0A3B508E-5638-4471-BCC9-954E1868CB86}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (01/18/2013 2.08.28) (HKLM\...\9E24492CE9279512BD465F61DB8523641BB7BBFC) (Version: 01/18/2013 2.08.28 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (01/18/2013 2.08.28) (HKLM\...\E61B77ECE57113AE1CA028BC7A8AD6C137BD13DD) (Version: 01/18/2013 2.08.28 - FTDI)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
WPTx64 (HKLM-x32\...\{0B2C58EB-67A2-225B-60B2-D1990E55DD33}) (Version: 8.100.26866 - Microsoft)
XCom Long War EW Mod version 1.0 (HKLM-x32\...\{860C3266-65B9-4BF2-937A-1778483046B5}_is1) (Version: 1.0 - JohnnyLump)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
yWriter5 (HKLM-x32\...\yWriter5_is1) (Version:  - Spacejock Software)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.150 - Zemana Ltd.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Users\Covenant\Desktop\Zemana AntiMalware\ZAMShellExt64.dll [2017-10-22] ()
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => G:\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => G:\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll [2016-12-23] (Foxit Software Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => G:\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers4: [Convert] -> {9f95ca1a-e80e-4c0f-acd1-4c9b7900b982} => C:\Program Files (x86)\Microsoft DirectX SDK (June 2010)\Utilities\bin\x64\TxView.dll [2010-06-02] (Microsoft Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Users\Covenant\Desktop\Zemana AntiMalware\ZAMShellExt64.dll [2017-10-22] ()
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => G:\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => G:\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll [2016-12-23] (Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {027DE2FC-744A-44C1-9074-76F623D30990} - System32\Tasks\{99A900DF-8D6A-417B-B9EE-7C0CA6A692AD} => C:\Windows\system32\pcalua.exe -a "J:\SteamLibrary\steamapps\common\Fallout 3 goty\Fallout3 - Garden of Eden Creation Kit.exe" -d "J:\SteamLibrary\steamapps\common\Fallout 3 goty"
Task: {12D7905C-7D4A-4F8A-92DD-2A5F890150F6} - System32\Tasks\{AA8A38B7-13C7-4170-94ED-8D524C322528} => C:\Windows\system32\pcalua.exe -a D:\PLAYD2.EXE -d D:\
Task: {14ADD72B-6B24-450B-88F9-1960A38C7205} - System32\Tasks\{C03413E5-0E15-4061-B330-EC38B00B8050} => C:\Windows\system32\pcalua.exe -a C:\Users\Covenant\Downloads\Setup(1).exe -d C:\Users\Covenant\Downloads
Task: {3231464E-211A-495D-9C10-6C81C48ED683} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => G:\Visual Studio 2015\Common7\IDE\VSIXAutoUpdate.exe [2016-03-22] (Microsoft Corporation)
Task: {50540C76-A1DF-4CD4-B7A0-A4E58C7FE734} - System32\Tasks\{676219A2-B71C-43DB-9EA2-E19A13486E77} => J:\SteamLibrary\steamapps\common\Fallout 3 goty\Fallout3.exe
Task: {5CFA1A14-6EF0-4F35-9051-F5183DE05229} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {6161EFBF-E1D5-42FB-982A-0AA2A2CF9175} - System32\Tasks\{EFF846B8-4D54-4AC5-9CE1-06C5A59C4575} => C:\Windows\system32\pcalua.exe -a D:\SETUP.EXE -d D:\
Task: {68FBB0E0-9B3A-438B-A0A2-468A4A436D0B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-16] (Adobe Systems Incorporated)
Task: {71B92948-B555-42EF-B1CA-81271059A54A} - System32\Tasks\{EE5C943E-C347-4500-B470-C60791AA983B} => J:\SteamLibrary\steamapps\common\Fallout 3 goty\Fallout3.exe
Task: {7894AC16-F653-41DD-A3A0-84B3AB6DEC27} - System32\Tasks\{062EF0FE-6E88-4A95-8FDD-9D39E68B3FD0} => C:\Windows\system32\pcalua.exe -a D:\display\DRIVERS\Installation\Setup.exe -d D:\display\DRIVERS\Installation
Task: {91FF90EF-0356-4AA5-8201-413622F48D3F} - System32\Tasks\{8AD6ED4A-3D80-4412-B5CD-72F69CBAED5A} => C:\Windows\system32\pcalua.exe -a D:\SETUP.EXE -d D:\
Task: {93BBBEC4-BCF1-4267-9B0F-95DF9CDA8915} - System32\Tasks\{55D289DC-EBD7-45AD-B9A3-D8E96087487E} => G:\SteamLibrary\steamapps\common\Avorion\bin\Avorion.exe
Task: {99890A7D-5266-4F94-9FFD-1586A0042B7C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-12] (Google Inc.)
Task: {A3DAF292-916F-4659-B27F-664F694FE52E} - System32\Tasks\{6C983683-716F-4BD5-930A-6BCD275BB169} => J:\SteamLibrary\steamapps\common\Fallout 3 goty\Fallout3.exe
Task: {AC647E97-1028-41DF-9E75-52B0465F9244} - System32\Tasks\{059ECB71-6AEB-4453-9A69-124B05E8E0AE} => G:\SteamLibrary\steamapps\common\Avorion\bin\Avorion.exe
Task: {AF7592DA-A05F-4AF7-BDDC-B8DDC6C5EBE3} - System32\Tasks\{1D42C9C3-1540-4718-8CBD-4FF116FF008B} => J:\SteamLibrary\steamapps\common\Fallout 3 goty\FalloutLauncher.exe
Task: {BD19D8D8-9092-4522-8507-8FBA0CFBD032} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe
Task: {DFF54AF7-72AF-4A43-B5BB-3DBAFF2F57B3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-12] (Google Inc.)
Task: {E175E15F-5E94-49CE-A4AA-590249260711} - System32\Tasks\{2A15AEF8-4C5D-4646-84A8-62FEA92CA7DD} => J:\SteamLibrary\steamapps\common\Fallout 3 goty\FalloutLauncher.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2015-05-06 01:45 - 2015-05-06 01:45 - 000214528 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 11:08 - 2014-02-11 11:08 - 000817152 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll
2014-02-11 11:08 - 2014-02-11 11:08 - 003650560 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll
2015-05-06 01:45 - 2015-05-06 01:45 - 000127488 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2017-10-11 19:19 - 2014-05-15 19:25 - 000084616 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2017-07-19 18:09 - 2017-07-19 18:09 - 000189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2017-03-07 03:04 - 2017-08-24 11:27 - 002264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 004300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 008801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2016-02-10 22:27 - 2016-02-10 22:27 - 000267672 _____ () C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\sldBodyDiffu.dll
2017-09-26 15:34 - 2017-09-21 03:29 - 004022616 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libglesv2.dll
2017-09-26 15:34 - 2017-09-21 03:29 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libegl.dll
2017-08-17 22:15 - 2017-08-17 22:15 - 000143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2009-06-10 17:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3109899598-285666356-3721746433-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Covenant\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\startupreg: Raptr => "C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe" --startup

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{8CF79774-29E7-4516-81B1-137AEDFE3F3B}] => (Allow) H:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{46E53AED-0808-4067-ABE8-006EF7F8CC95}] => (Allow) H:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9C46AAC0-1C9F-4573-B265-DCC0901DEDA5}] => (Allow) H:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{563EB453-2D4B-49E1-A4CC-49FCA7120751}] => (Allow) H:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{D9FA0C28-20A9-4283-BE60-C3A1B699AC55}] => (Allow) E:0\SteamLibrary\SteamApps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{29DA4915-43DC-4746-BD10-87883C6C58BB}] => (Allow) E:0\SteamLibrary\SteamApps\common\Kerbal Space Program\KSP.exe
FirewallRules: [TCP Query User{846CF612-DFA2-41CC-867C-AB52A0B2D5BE}H:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\gameclient.exe] => (Allow) H:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\gameclient.exe
FirewallRules: [UDP Query User{7C6703F9-6557-4B5F-AE7B-5DEBDE2EC306}H:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\gameclient.exe] => (Allow) H:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\gameclient.exe
FirewallRules: [{11DA6AEE-56B5-48E5-8283-03CDE7CD55BB}] => (Allow) I:\SteamLibrary\SteamApps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe
FirewallRules: [{CEB32BA4-4DB8-4C32-8B58-B72EB01C239C}] => (Allow) I:\SteamLibrary\SteamApps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe
FirewallRules: [TCP Query User{064343BC-A07A-40EE-B234-BC8739496DD0}E:0\steamlibrary\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) E:0\steamlibrary\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [UDP Query User{6562A355-586B-4C3A-8B4B-DC4F48B08B8A}E:0\steamlibrary\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) E:0\steamlibrary\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [{DD708AA7-B5C8-45A6-8028-4F8EA13B5664}] => (Allow) E:0\SteamLibrary\SteamApps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe
FirewallRules: [{41B16CF0-93FF-420B-AB8F-576D07D365DC}] => (Allow) E:0\SteamLibrary\SteamApps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe
FirewallRules: [{A2B64479-082F-45E2-A1A0-BDD08F7D4631}] => (Allow) H:\Program Files (x86)\Steam\steamapps\common\X3 Terran Conflict\X3AP.exe
FirewallRules: [{B838731F-1DDC-480F-936E-7788AA5DE1D6}] => (Allow) H:\Program Files (x86)\Steam\steamapps\common\X3 Terran Conflict\X3AP.exe
FirewallRules: [{660DAA29-30B4-4B4B-A790-DF53855C81A4}] => (Allow) E:0\SteamLibrary\SteamApps\common\MinerWars\MinerWars.exe
FirewallRules: [{21D3324A-7C00-46A5-95C1-C45D5EE03AF3}] => (Allow) E:0\SteamLibrary\SteamApps\common\MinerWars\MinerWars.exe
FirewallRules: [{12AAD23D-3359-4A9C-8842-47BC1184F4BF}] => (Allow) E:0\SteamLibrary\SteamApps\common\LogicBots\LogicBots.exe
FirewallRules: [{95332337-569E-4EE6-9068-1B08DF8515E6}] => (Allow) E:0\SteamLibrary\SteamApps\common\LogicBots\LogicBots.exe
FirewallRules: [TCP Query User{E0F169D4-9B5C-4745-B610-A2C5855D0FF0}G:\diablo iii\diablo iii.exe] => (Allow) G:\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{D8F51B7A-0BEE-441F-A68F-CAD092AD815B}G:\diablo iii\diablo iii.exe] => (Allow) G:\diablo iii\diablo iii.exe
FirewallRules: [{257BCEBE-C561-4E2B-BED2-EC5EEA717D23}] => (Allow) E:0\SteamLibrary\SteamApps\common\Knights of the Old Republic II\swkotor2.exe
FirewallRules: [{E194CE7F-039F-4DE1-8842-981FDF1248BE}] => (Allow) E:0\SteamLibrary\SteamApps\common\Knights of the Old Republic II\swkotor2.exe
FirewallRules: [{FDCBEC02-6A69-46FC-B28A-A02CC49A32F7}] => (Allow) E:0\SteamLibrary\SteamApps\common\Interstellar Rift\Build\IR.exe
FirewallRules: [{9CB420A7-F712-41A8-86A7-89D14828DE62}] => (Allow) E:0\SteamLibrary\SteamApps\common\Interstellar Rift\Build\IR.exe
FirewallRules: [{E5854439-8AF1-4E49-8992-F037347812E8}] => (Allow) E:1\SteamLibrary\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{DF3F10E5-6E9B-45FC-B1CE-45230997AA8A}] => (Allow) E:1\SteamLibrary\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{CEA60991-9A6E-41E8-A413-5E7A3565B18D}] => (Allow) E:1\SteamLibrary\steamapps\common\Stonehearth\Stonehearth.exe
FirewallRules: [{DDA7C400-06E0-46C0-AB7D-83A32E241EF5}] => (Allow) E:1\SteamLibrary\steamapps\common\Stonehearth\Stonehearth.exe
FirewallRules: [{364C6463-C03B-420A-8C22-2E62E6172F5F}] => (Allow) E:1\SteamLibrary\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{53AFE36E-788A-40F4-9935-F01F8F46AD0D}] => (Allow) E:1\SteamLibrary\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{D84F3C0E-E6EB-4655-B417-58504A27254B}] => (Allow) H:\Program Files (x86)\Steam\steamapps\common\Deus Ex\System\Revision.exe
FirewallRules: [TCP Query User{EECB39BC-500E-4CD0-A73B-B488E302EF09}E:1\steamlibrary\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) E:1\steamlibrary\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [UDP Query User{A8ECE784-6F97-464C-91FC-CD7613FF458B}E:1\steamlibrary\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) E:1\steamlibrary\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{A51B620A-B541-430D-B590-E4C05E91D9FE}] => (Allow) E:1\SteamLibrary\steamapps\common\Factorio\bin\x64\Factorio.exe
FirewallRules: [{74009F9F-5FE3-4BD4-8883-94CE9BADF680}] => (Allow) E:1\SteamLibrary\steamapps\common\Factorio\bin\x64\Factorio.exe
FirewallRules: [{FD60F3E6-E405-4C2A-A9EE-26F901689394}] => (Allow) E:1\SteamLibrary\steamapps\common\The Mystery of a Lost Planet\Planet.exe
FirewallRules: [{016256B7-778B-49FF-8837-16DFE04BAF7B}] => (Allow) E:1\SteamLibrary\steamapps\common\The Mystery of a Lost Planet\Planet.exe
FirewallRules: [{E4F49A5F-D953-4602-8A88-25EF1EBB60DD}] => (Allow) E:0\SteamLibrary\SteamApps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe
FirewallRules: [{3FE9DDAA-9C06-4208-9FEF-B54E2CF0B9C6}] => (Allow) E:0\SteamLibrary\SteamApps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe
FirewallRules: [{C1740F42-CFCE-4DA7-9A49-9794993AFCC9}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{A0E060FF-906C-4BCC-8EE0-344753BD3436}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [TCP Query User{E60902D4-C17F-4EBD-BC3A-A1A463403EB8}H:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\gameclient.exe] => (Allow) H:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\gameclient.exe
FirewallRules: [UDP Query User{A4E6AA4B-955C-492F-85E7-08CD57FA3BD3}H:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\gameclient.exe] => (Allow) H:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\gameclient.exe
FirewallRules: [{F4D32678-C943-4F6D-B155-3883FA5CB6A1}] => (Allow) E:0\SteamLibrary\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{7AD4C2BF-E044-4442-93EE-CD11F1D5F412}] => (Allow) E:0\SteamLibrary\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{825AFAC5-E918-48E9-B0A6-CA2E98EFAC89}] => (Allow) E:0\SteamLibrary\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{FBB55E0D-66BA-40F7-9CA6-4DF8493745CD}] => (Allow) E:0\SteamLibrary\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{A7390E95-FD9A-45BA-B703-864467E0089D}] => (Allow) H:\Program Files (x86)\Steam\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{69C4D834-BF18-4B1E-8E97-111E747C5A17}] => (Allow) H:\Program Files (x86)\Steam\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{E1729746-B2D8-499B-B552-FA65411ADF6B}] => (Allow) C:\Program files (x86)\raidxpert2\apache\bin\httpd.exe
FirewallRules: [{03A8B162-9480-4CE1-98D0-CA026729B5B2}] => (Allow) E:0\SteamLibrary\SteamApps\common\InvisibleInc\invisibleinc.exe
FirewallRules: [{CC7B5901-0E89-4382-9FAF-C95F92A278A2}] => (Allow) E:0\SteamLibrary\SteamApps\common\InvisibleInc\invisibleinc.exe
FirewallRules: [{3759B6AD-DF88-44B0-85CA-A59DA01467E3}] => (Allow) H:\Program Files (x86)\Steam\steamapps\common\star trek online\Star Trek Online.exe
FirewallRules: [{5CB36B00-48AB-4C56-BD71-E26ACE9762DC}] => (Allow) H:\Program Files (x86)\Steam\steamapps\common\star trek online\Star Trek Online.exe
FirewallRules: [{D387367A-8C90-40D5-9CD9-0D27088F4F10}] => (Allow) E:0\SteamLibrary\SteamApps\common\Automation\Automation Launcher Steam.exe
FirewallRules: [{AEA16522-F37E-418B-9F36-D9945424DCDB}] => (Allow) E:0\SteamLibrary\SteamApps\common\Automation\Automation Launcher Steam.exe
FirewallRules: [{A80B9659-763E-4562-B67E-7D3B57C44E95}] => (Allow) E:0\SteamLibrary\SteamApps\common\Automation\Automation_Shipping_Steam.exe
FirewallRules: [{103CC239-342C-43CF-800E-EEC05BD01743}] => (Allow) E:0\SteamLibrary\SteamApps\common\Automation\Automation_Shipping_Steam.exe
FirewallRules: [{B81CEC93-88C6-4A42-9428-F3FA4270E539}] => (Allow) E:0\SteamLibrary\SteamApps\common\Empyrion - Galactic Survival\Empyrion.exe
FirewallRules: [{8D6B2AE6-9A57-4898-A281-2A9F71C42AE0}] => (Allow) E:0\SteamLibrary\SteamApps\common\Empyrion - Galactic Survival\Empyrion.exe
FirewallRules: [{30476428-D37C-4C80-8559-BC3A04292256}] => (Allow) E:0\SteamLibrary\SteamApps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{331B974B-9FFC-42C8-A950-094FB0E7AE99}] => (Allow) E:0\SteamLibrary\SteamApps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{DE74F6BD-2D7C-40AB-961D-8F124A257191}] => (Allow) E:0\SteamLibrary\SteamApps\common\Kerbal Space Program\KSP_x64.exe
FirewallRules: [{14B48905-C3B0-4DF0-9E5A-5D0F6674F5A0}] => (Allow) E:0\SteamLibrary\SteamApps\common\Kerbal Space Program\KSP_x64.exe
FirewallRules: [{1BA9F6C7-C2C5-4EC3-A191-3A6CB7A9CE43}] => (Allow) E:0\SteamLibrary\SteamApps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{4EA59333-9CB7-4083-802F-DAF294ACBCF0}] => (Allow) E:0\SteamLibrary\SteamApps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{EF856769-1FB1-4A2B-BC04-F1B0896A687F}] => (Allow) E:0\SteamLibrary\SteamApps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{F99E86C4-2C70-49AF-A248-204E5A075926}] => (Allow) E:0\SteamLibrary\SteamApps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{F82AD078-7AA5-43F0-8336-4110DE91DB6E}] => (Allow) G:\Visual Studio 2015\Common7\IDE\devenv.exe
FirewallRules: [TCP Query User{025DB0F1-447C-4F76-A8AA-640DE7996652}C:\program files (x86)\microsoft directx sdk (june 2010)\utilities\bin\x86\audconsole3.exe] => (Block) C:\program files (x86)\microsoft directx sdk (june 2010)\utilities\bin\x86\audconsole3.exe
FirewallRules: [UDP Query User{9284A00A-45E0-42D2-92DD-A65EC139E382}C:\program files (x86)\microsoft directx sdk (june 2010)\utilities\bin\x86\audconsole3.exe] => (Block) C:\program files (x86)\microsoft directx sdk (june 2010)\utilities\bin\x86\audconsole3.exe
FirewallRules: [TCP Query User{9A4BE1B6-D909-40B1-95F9-787A5A8ED11B}G:\diablo iii\diablo iii.exe] => (Allow) G:\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{4C4A8867-EAC2-4116-BFA2-FC2940B13211}G:\diablo iii\diablo iii.exe] => (Allow) G:\diablo iii\diablo iii.exe
FirewallRules: [{57A5DF57-954B-4CC6-A297-6933B6356F23}] => (Allow) E:0\SteamLibrary\SteamApps\common\Firefall\system\bin\FirefallClient.exe
FirewallRules: [{54918C13-0C9C-4CAA-8DF6-EECA4DDABFD5}] => (Allow) E:0\SteamLibrary\SteamApps\common\Firefall\system\bin\FirefallClient.exe
FirewallRules: [{4E94DD60-F324-4907-95AC-6B0F3B2AF737}] => (Allow) G:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{56E37889-BD3F-4E61-BD9F-B67E87A8EA00}] => (Allow) G:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{B2DC2A61-4AC3-446A-9200-1A8E5DBF732F}] => (Allow) G:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{20D5ADE7-AF8A-4479-8BE3-EE4CE489CA92}] => (Allow) G:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{12A3F7B2-B3F7-434A-85AE-D508DFB8C518}] => (Allow) J:\SteamLibrary\steamapps\common\Naval Action\Client.exe
FirewallRules: [{368D13D7-141D-4812-9F0F-66A0E065DDE8}] => (Allow) J:\SteamLibrary\steamapps\common\Stellaris\stellaris.exe
FirewallRules: [{8473DB9D-A5C3-48E9-8736-3D45E6C44AAB}] => (Allow) J:\SteamLibrary\steamapps\common\Stellaris\stellaris.exe
FirewallRules: [{F3BCCEAD-DC02-4B8B-B15A-A268EA853177}] => (Allow) E:1\SteamLibrary\steamapps\common\Stonehearth\Stonehearth.exe
FirewallRules: [{C7460B2E-F309-4B5C-8983-E141AA652166}] => (Allow) E:1\SteamLibrary\steamapps\common\Stonehearth\Stonehearth.exe
FirewallRules: [{259717A3-C37E-41FF-9B63-77D4583AE34B}] => (Allow) E:1\SteamLibrary\steamapps\common\Evochron Legacy\EvochronLegacy.exe
FirewallRules: [{EA0163FF-F051-452C-9F00-CF18EE3F587C}] => (Allow) E:1\SteamLibrary\steamapps\common\Evochron Legacy\EvochronLegacy.exe
FirewallRules: [{20B8D08A-2AAB-403F-9553-E34B4192D8B1}] => (Allow) E:0\SteamLibrary\SteamApps\common\From The Depths\From_The_Depths.exe
FirewallRules: [{E48C3D32-EA3D-478F-8C2E-6E84B0434E70}] => (Allow) E:0\SteamLibrary\SteamApps\common\From The Depths\From_The_Depths.exe
FirewallRules: [{2B9D99E8-B03A-4033-9859-3DA35282C91A}] => (Allow) E:1\SteamLibrary\steamapps\common\Parkitect\Parkitect.exe
FirewallRules: [{F8041AB2-2567-4B3C-92D9-872F26D2A447}] => (Allow) E:1\SteamLibrary\steamapps\common\Parkitect\Parkitect.exe
FirewallRules: [{8BC8420B-37AA-42C4-AACA-21F7A967FEE6}] => (Allow) E:0\SteamLibrary\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{9C247F0E-F8D8-4516-AD91-2F3C70434860}] => (Allow) E:0\SteamLibrary\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{965ED780-5A27-495E-846E-DCE29E8A0F20}] => (Allow) E:0\SteamLibrary\SteamApps\common\FortressCraft\64\FC_64.exe
FirewallRules: [{3C431B6E-FF96-43D8-BA84-74DDC96766F8}] => (Allow) E:0\SteamLibrary\SteamApps\common\FortressCraft\64\FC_64.exe
FirewallRules: [{C0494129-2F1A-4689-9BE7-A8F9B7ED41B3}] => (Allow) E:1\SteamLibrary\steamapps\common\Subnautica\Subnautica.exe
FirewallRules: [{628D2E42-2B99-4406-8EC3-1A498BCEF4B6}] => (Allow) E:1\SteamLibrary\steamapps\common\Subnautica\Subnautica.exe
FirewallRules: [{A26372C1-445A-4CDE-9B38-761476372EF1}] => (Allow) E:1\SteamLibrary\steamapps\common\Sirius Online\ExeFile.exe
FirewallRules: [{A9A9EFEF-57FB-4FC2-A746-34E74676CF3F}] => (Allow) E:1\SteamLibrary\steamapps\common\Sirius Online\ExeFile.exe
FirewallRules: [{FB2F8D6E-E1DB-4243-961F-77F2A5FE25F0}] => (Allow) E:1\SteamLibrary\steamapps\common\Factorio\bin\x64\Factorio.exe
FirewallRules: [{820DEA66-51B9-4D1A-B955-F4174C3397C5}] => (Allow) E:1\SteamLibrary\steamapps\common\Factorio\bin\x64\Factorio.exe
FirewallRules: [{6958D42A-E905-4CF8-9FBB-8AF68D125F68}] => (Allow) E:0\SteamLibrary\SteamApps\common\Kingdoms\Kingdoms.exe
FirewallRules: [{FEB60C08-6C6A-44BA-ADCA-3C1E662B91E7}] => (Allow) E:0\SteamLibrary\SteamApps\common\Kingdoms\Kingdoms.exe
FirewallRules: [{5CD5369D-0116-4E04-9999-1375138A3C56}] => (Allow) E:1\SteamLibrary\steamapps\common\Planetbase\Planetbase.exe
FirewallRules: [{AD22409B-66D9-4965-96AD-69CFF01C8AA3}] => (Allow) E:1\SteamLibrary\steamapps\common\Planetbase\Planetbase.exe
FirewallRules: [{7406B401-9177-4F8E-B909-BFE806DD6950}] => (Allow) E:1\SteamLibrary\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{1CD909A0-4034-4F80-816A-8E4235321A6D}] => (Allow) E:1\SteamLibrary\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{BD3C21D8-4A08-4239-9D22-A142BFAA7CAA}] => (Allow) E:0\SteamLibrary\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{97098E50-2794-4D9C-98E5-FA1E63D0DA84}] => (Allow) E:0\SteamLibrary\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{3BA771A7-ED6A-40A2-B55B-C268250ABCAE}] => (Allow) E:0\SteamLibrary\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{F83CBD2F-597B-469F-8083-17DBF0D3AA37}] => (Allow) E:0\SteamLibrary\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{84424B9D-545C-4D3C-990C-A48D911BB351}] => (Allow) E:0\SteamLibrary\SteamApps\common\LogicBots\LogicBots.exe
FirewallRules: [{C7BD3706-2846-440B-A658-92509291F5AB}] => (Allow) E:0\SteamLibrary\SteamApps\common\LogicBots\LogicBots.exe
FirewallRules: [{37752F3A-F6A2-4D56-AF7D-A9FF214708B0}] => (Allow) E:0\SteamLibrary\SteamApps\common\Empyrion - Galactic Survival\EmpyrionLauncher.exe
FirewallRules: [{82CC2827-F88D-4E4B-8B6B-12DB599044D3}] => (Allow) E:0\SteamLibrary\SteamApps\common\Empyrion - Galactic Survival\EmpyrionLauncher.exe
FirewallRules: [{79C5C59B-E659-417B-ADAA-54B61BB042F2}] => (Allow) E:0\SteamLibrary\SteamApps\common\Interstellar Rift\Build\IR.exe
FirewallRules: [{F70CAB6F-3F12-4F66-B18F-7E2DAD2A7999}] => (Allow) E:0\SteamLibrary\SteamApps\common\Interstellar Rift\Build\IR.exe
FirewallRules: [{6EE96A65-230B-4D64-A07F-92F6CE6D0827}] => (Allow) J:\SteamLibrary\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{D4DB5416-9F35-4AB3-A7AC-29DEB4D16DA1}] => (Allow) J:\SteamLibrary\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{1187FF94-1CD3-48FF-89D6-A634F5AFBB9D}] => (Allow) I:\SteamLibrary\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{14A29533-4D45-4CA6-861F-9B052C4672E2}] => (Allow) I:\SteamLibrary\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{062A9FB3-D8EB-4C36-9231-A382F468A73D}] => (Allow) I:\SteamLibrary\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{65E882DC-CA6F-4113-856C-160B0166ABC3}] => (Allow) I:\SteamLibrary\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{7EE06EBC-4F43-479B-8857-D12A2EE97D20}] => (Allow) J:\SteamLibrary\steamapps\common\Planetbase\Planetbase.exe
FirewallRules: [{5A542976-6EEF-4E95-81E2-837CFD3412CD}] => (Allow) J:\SteamLibrary\steamapps\common\Planetbase\Planetbase.exe
FirewallRules: [{6888974E-B010-48BD-8BA5-C2C18D22DE9C}] => (Allow) I:\SteamLibrary\SteamApps\common\Empyrion - Galactic Survival\EmpyrionLauncher.exe
FirewallRules: [{0F9086CA-65A6-4557-A3F0-0E4C1D21D7DE}] => (Allow) I:\SteamLibrary\SteamApps\common\Empyrion - Galactic Survival\EmpyrionLauncher.exe
FirewallRules: [{BBA93FA3-DE5A-4AB9-BF5D-2F8EBF07F6D5}] => (Allow) I:\SteamLibrary\SteamApps\common\LogicBots\LogicBots.exe
FirewallRules: [{D3119DD3-15A6-472C-B1DD-2EA44D1B2E85}] => (Allow) I:\SteamLibrary\SteamApps\common\LogicBots\LogicBots.exe
FirewallRules: [{803F85D3-5A3F-449B-8CE5-AB7D93EB0670}] => (Allow) I:\SteamLibrary\SteamApps\common\Kingdoms\Kingdoms.exe
FirewallRules: [{AB0FD7A7-E6BE-4E2A-95EB-ED75244C9718}] => (Allow) I:\SteamLibrary\SteamApps\common\Kingdoms\Kingdoms.exe
FirewallRules: [{8086EEC2-B950-46AF-94CA-9E888849C408}] => (Allow) I:\SteamLibrary\SteamApps\common\From The Depths\From_The_Depths.exe
FirewallRules: [{A0F7055D-A776-4835-8BF9-A88CC578B61A}] => (Allow) I:\SteamLibrary\SteamApps\common\From The Depths\From_The_Depths.exe
FirewallRules: [TCP Query User{92872A42-1702-40C9-A641-D81BA3BC8DAE}I:\steamlibrary\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe] => (Allow) I:\steamlibrary\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe
FirewallRules: [UDP Query User{8C97A503-2487-4906-A5BC-BC4E8577150D}I:\steamlibrary\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe] => (Allow) I:\steamlibrary\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe
FirewallRules: [{F954042D-6C84-47FE-B999-7C2C3793709F}] => (Allow) J:\SteamLibrary\steamapps\common\Parkitect\Parkitect.exe
FirewallRules: [{D28B0EA9-C0DA-48AD-8C67-F65F7A8CC4BA}] => (Allow) J:\SteamLibrary\steamapps\common\Parkitect\Parkitect.exe
FirewallRules: [{5F2C40D9-A8AB-4531-8475-9B3E581613BE}] => (Allow) I:\SteamLibrary\SteamApps\common\Automation\Automation Launcher Steam.exe
FirewallRules: [{7BF83F49-01E3-45FA-AB33-D41B563715ED}] => (Allow) I:\SteamLibrary\SteamApps\common\Automation\Automation Launcher Steam.exe
FirewallRules: [{068AE47A-181D-4BC6-868C-7A15D163ECA0}] => (Allow) I:\SteamLibrary\SteamApps\common\Automation\Automation_Shipping_Steam.exe
FirewallRules: [{A072E021-67DD-45A7-A00A-7997EBC17466}] => (Allow) I:\SteamLibrary\SteamApps\common\Automation\Automation_Shipping_Steam.exe
FirewallRules: [TCP Query User{94EC18EE-E192-45AD-A293-8CAAA4D19DAC}J:\steamlibrary\steamapps\common\sirius online\exefile.exe] => (Allow) J:\steamlibrary\steamapps\common\sirius online\exefile.exe
FirewallRules: [UDP Query User{2A08C673-398E-4253-A7C1-BC486382495B}J:\steamlibrary\steamapps\common\sirius online\exefile.exe] => (Allow) J:\steamlibrary\steamapps\common\sirius online\exefile.exe
FirewallRules: [{4CC4D121-6773-4871-8575-4916A629DDD9}] => (Allow) I:\SteamLibrary\SteamApps\common\X3 Terran Conflict\X3TC.exe
FirewallRules: [{DAECB3BD-8779-46FE-8D0F-08A3307F8EB1}] => (Allow) I:\SteamLibrary\SteamApps\common\X3 Terran Conflict\X3TC.exe
FirewallRules: [TCP Query User{D81107CA-4CD0-447F-BF4E-8966C85BC481}H:\program files (x86)\steam\steamapps\common\landmark\landmark64.exe] => (Allow) H:\program files (x86)\steam\steamapps\common\landmark\landmark64.exe
FirewallRules: [UDP Query User{57BC575C-EED3-4374-B500-5DF6F341BA97}H:\program files (x86)\steam\steamapps\common\landmark\landmark64.exe] => (Allow) H:\program files (x86)\steam\steamapps\common\landmark\landmark64.exe
FirewallRules: [{6980092A-B996-45A5-AA13-4286F7664A14}] => (Allow) J:\SteamLibrary\steamapps\common\Stonehearth\Stonehearth.exe
FirewallRules: [{FD594D78-EAD2-42BE-8113-3FA9E90642D7}] => (Allow) J:\SteamLibrary\steamapps\common\Stonehearth\Stonehearth.exe
FirewallRules: [TCP Query User{AAC30BFA-EAEB-4BA6-88EC-8D9A8190FC0E}H:\program files (x86)\steam\steamapps\common\spaceengineers\dedicatedserver64\spaceengineersdedicated.exe] => (Allow) H:\program files (x86)\steam\steamapps\common\spaceengineers\dedicatedserver64\spaceengineersdedicated.exe
FirewallRules: [UDP Query User{93E99BFC-2B76-427F-8597-646AC7EBEC78}H:\program files (x86)\steam\steamapps\common\spaceengineers\dedicatedserver64\spaceengineersdedicated.exe] => (Allow) H:\program files (x86)\steam\steamapps\common\spaceengineers\dedicatedserver64\spaceengineersdedicated.exe
FirewallRules: [TCP Query User{8410D56A-DB3F-46A4-B2C6-28D73D357613}I:\steamlibrary\steamapps\common\empyrion - galactic survival\empyrion.exe] => (Allow) I:\steamlibrary\steamapps\common\empyrion - galactic survival\empyrion.exe
FirewallRules: [UDP Query User{02114CDA-4F9D-4F90-BB75-11A1FD25A3B1}I:\steamlibrary\steamapps\common\empyrion - galactic survival\empyrion.exe] => (Allow) I:\steamlibrary\steamapps\common\empyrion - galactic survival\empyrion.exe
FirewallRules: [{67FD0791-6B5D-405C-84DF-28ECE15B4731}] => (Allow) J:\SteamLibrary\steamapps\common\Champions Online\Champions Online.exe
FirewallRules: [{62839B28-F3F7-46FB-A50F-BEA486864E3A}] => (Allow) J:\SteamLibrary\steamapps\common\Champions Online\Champions Online.exe
FirewallRules: [TCP Query User{860F7EAC-7435-4C1C-BAB5-302FABA68BD4}J:\steamlibrary\steamapps\common\champions online\champions online\live\gameclient.exe] => (Allow) J:\steamlibrary\steamapps\common\champions online\champions online\live\gameclient.exe
FirewallRules: [UDP Query User{0680D188-2374-4739-B52E-BF9AD485C90E}J:\steamlibrary\steamapps\common\champions online\champions online\live\gameclient.exe] => (Allow) J:\steamlibrary\steamapps\common\champions online\champions online\live\gameclient.exe
FirewallRules: [TCP Query User{B72C42F0-949C-4AE9-BF05-0C8114F77351}J:\dc_universe\unreal3\binaries\win32\dcgame.exe] => (Allow) J:\dc_universe\unreal3\binaries\win32\dcgame.exe
FirewallRules: [UDP Query User{10391DB3-BCBE-42C5-9A36-DAF0AABC1DA9}J:\dc_universe\unreal3\binaries\win32\dcgame.exe] => (Allow) J:\dc_universe\unreal3\binaries\win32\dcgame.exe
FirewallRules: [{6BF66CBB-3740-45B6-84A4-961B5D6D3768}] => (Allow) J:\SteamLibrary\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{D251E3D5-1C26-4EE4-9654-D5480E54A1C1}] => (Allow) J:\SteamLibrary\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{869962CC-15D7-4EF7-B86F-284D52D36A29}] => (Allow) I:\SteamLibrary\SteamApps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{3C1EBFA1-0FF1-4ED3-9207-83B573CBC29A}] => (Allow) I:\SteamLibrary\SteamApps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{3990CF70-F694-422C-A98E-837DE15C3E42}] => (Allow) J:\SteamLibrary\steamapps\common\SimplePlanes\SimplePlanes.exe
FirewallRules: [{EA394CF6-DF6C-4381-ACCD-F8EFFAFE9E5F}] => (Allow) J:\SteamLibrary\steamapps\common\SimplePlanes\SimplePlanes.exe
FirewallRules: [TCP Query User{1C02D68B-859A-4064-BBC7-FAEA9D926FC2}H:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) H:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{97D8C39A-29AB-4F5D-B561-19660600E260}H:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) H:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{58E296A1-1F26-400E-9D9D-37916ED60A53}E:2\portal 2\portal2.exe] => (Allow) E:2\portal 2\portal2.exe
FirewallRules: [UDP Query User{8FA28EA5-637E-4182-A49B-9A5BCC311F8A}E:2\portal 2\portal2.exe] => (Allow) E:2\portal 2\portal2.exe
FirewallRules: [TCP Query User{7FA72263-A060-4961-8F1E-C2ACE5156BBA}L:\nox\game.exe] => (Allow) L:\nox\game.exe
FirewallRules: [UDP Query User{A8F629FA-A347-4AAF-8A7F-0C705F81F26C}L:\nox\game.exe] => (Allow) L:\nox\game.exe
FirewallRules: [{F9E07C59-B7E1-4E6B-B585-B30B9C04E42D}] => (Allow) J:\SteamLibrary\steamapps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{E942066A-156B-46EC-9E4B-D45BB6480025}] => (Allow) J:\SteamLibrary\steamapps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{3F15F972-1EB5-42CE-B1D0-AF329ACBA5CA}] => (Allow) J:\SteamLibrary\steamapps\common\Kerbal Space Program\KSP_x64.exe
FirewallRules: [{455B790B-CC9F-44A3-9865-E3BCFCE8BEF2}] => (Allow) J:\SteamLibrary\steamapps\common\Kerbal Space Program\KSP_x64.exe
FirewallRules: [{C030012C-1768-4492-87F6-6836B179BA40}] => (Block) I:\steamlibrary\steamapps\common\divinity original sin enhanced edition\shipping\eocapp.exe
FirewallRules: [{B6AB4D72-017A-4B1B-BEBD-AE0D7CCA3DC0}] => (Block) I:\steamlibrary\steamapps\common\divinity original sin enhanced edition\shipping\eocapp.exe
FirewallRules: [{03C85560-DC45-46CB-9029-1B0447399D01}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{AB0B8EA2-70A4-4CD8-ADB1-7C4F89CBA08A}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{5C2EA185-98AE-4EF2-B38B-E975D5EC8835}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{090F48F1-3DB5-4942-B3F0-4487B214DF3A}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [TCP Query User{FBCD1FCE-D1E8-498D-BC04-A91840C65C5A}J:\steamlibrary\steamapps\common\unloved\unloved\binaries\win32\unloved-win32-shipping.exe] => (Allow) J:\steamlibrary\steamapps\common\unloved\unloved\binaries\win32\unloved-win32-shipping.exe
FirewallRules: [UDP Query User{5F444DDD-65CE-40ED-8458-92E128DF8511}J:\steamlibrary\steamapps\common\unloved\unloved\binaries\win32\unloved-win32-shipping.exe] => (Allow) J:\steamlibrary\steamapps\common\unloved\unloved\binaries\win32\unloved-win32-shipping.exe
FirewallRules: [{42B90632-FD63-4D78-8AB8-D99A37AE48D4}] => (Block) J:\steamlibrary\steamapps\common\unloved\unloved\binaries\win32\unloved-win32-shipping.exe
FirewallRules: [{E9BE7BDA-5D82-4E1A-B7BC-AC0627D66B74}] => (Block) J:\steamlibrary\steamapps\common\unloved\unloved\binaries\win32\unloved-win32-shipping.exe
FirewallRules: [TCP Query User{2A0CADC6-966E-4CDB-B209-9B7E7BCA312A}C:\program files (x86)\gigabyte\@bios\gwflash.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\gwflash.exe
FirewallRules: [UDP Query User{C2CA5D69-1546-4C2D-AB39-AFBB6174949E}C:\program files (x86)\gigabyte\@bios\gwflash.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\gwflash.exe
FirewallRules: [TCP Query User{5636AD82-9265-44B2-8A6B-F1CD37B5003F}I:\steamlibrary\steamapps\common\empyrion - galactic survival\empyrion.exe] => (Allow) I:\steamlibrary\steamapps\common\empyrion - galactic survival\empyrion.exe
FirewallRules: [UDP Query User{F9129F5D-4F28-4092-9849-8382D280B115}I:\steamlibrary\steamapps\common\empyrion - galactic survival\empyrion.exe] => (Allow) I:\steamlibrary\steamapps\common\empyrion - galactic survival\empyrion.exe
FirewallRules: [{AE406F42-2F2F-4ACC-83F3-B1907CE2C417}] => (Allow) H:\Program Files (x86)\Steam\steamapps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{B9A35329-99E0-4799-9B27-3BDAFADF57E8}] => (Allow) H:\Program Files (x86)\Steam\steamapps\common\Torchlight II\ModLauncher.exe
FirewallRules: [TCP Query User{C92843CB-BB6B-4BE4-AC83-5032E2AC4CFD}J:\steamlibrary\steamapps\common\gauntlet\binaries\gauntlet.exe] => (Block) J:\steamlibrary\steamapps\common\gauntlet\binaries\gauntlet.exe
FirewallRules: [UDP Query User{8B99007D-B4EF-45DC-9E0A-A9B5ADF6E01D}J:\steamlibrary\steamapps\common\gauntlet\binaries\gauntlet.exe] => (Block) J:\steamlibrary\steamapps\common\gauntlet\binaries\gauntlet.exe
FirewallRules: [TCP Query User{CFA8A005-EB8D-489C-B6A3-0A2A71578C24}I:\steamlibrary\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe] => (Allow) I:\steamlibrary\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe
FirewallRules: [UDP Query User{32E14827-CE1B-42A7-A739-9469114507E2}I:\steamlibrary\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe] => (Allow) I:\steamlibrary\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe
FirewallRules: [TCP Query User{6FD99A1A-FB2D-4604-B03E-5AED5564FC01}H:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2.exe] => (Allow) H:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2.exe
FirewallRules: [UDP Query User{4338A063-A518-4865-AEE8-C9662CC095B3}H:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2.exe] => (Allow) H:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2.exe
FirewallRules: [{D11D406A-86BB-4618-B673-173FB482FAF2}] => (Allow) I:\SteamLibrary\SteamApps\common\ContraptionMaker\ContraptionMaker.exe
FirewallRules: [{62E62F63-72F3-4D36-B0CA-A3DFE7C4C50B}] => (Allow) I:\SteamLibrary\SteamApps\common\ContraptionMaker\ContraptionMaker.exe
FirewallRules: [{230C1662-42B3-4924-B23A-3E618907430B}] => (Allow) J:\SteamLibrary\steamapps\common\Path of Exile\PathOfExile_x64Steam.exe
FirewallRules: [{4FF852AF-3909-472D-8384-9D318E761C29}] => (Allow) J:\SteamLibrary\steamapps\common\Path of Exile\PathOfExile_x64Steam.exe
FirewallRules: [{BFFC8064-0284-45D6-A541-6987BA862AE0}] => (Allow) J:\SteamLibrary\steamapps\common\Factorio\bin\x64\factorio.exe
FirewallRules: [{1CAA1D4A-8C54-4DC9-A621-28903C687405}] => (Allow) J:\SteamLibrary\steamapps\common\Factorio\bin\x64\factorio.exe
FirewallRules: [{8156352A-4877-4BDB-A242-54A0EEE29157}] => (Allow) H:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{4935AF78-3BDB-460D-9F05-EEED2F465898}] => (Allow) H:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{9E4BFA4D-7BAD-425A-8F96-EC9DC397FF72}J:\steamlibrary\steamapps\common\sirius online\siriusonline.exe] => (Allow) J:\steamlibrary\steamapps\common\sirius online\siriusonline.exe
FirewallRules: [UDP Query User{3038BCFC-D5FC-4791-AB3E-DE56ECCB0EE6}J:\steamlibrary\steamapps\common\sirius online\siriusonline.exe] => (Allow) J:\steamlibrary\steamapps\common\sirius online\siriusonline.exe
FirewallRules: [{9E8A608A-0D0F-4615-82C9-0B405ED29555}] => (Block) J:\steamlibrary\steamapps\common\sirius online\siriusonline.exe
FirewallRules: [{5DC9D2C4-294F-4E00-B764-7547C793412C}] => (Block) J:\steamlibrary\steamapps\common\sirius online\siriusonline.exe
FirewallRules: [TCP Query User{BB02D2F2-CEFE-446D-A02D-E1B31209A298}G:\steamlibrary\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) G:\steamlibrary\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [UDP Query User{FBC137B5-4C2B-4A71-9A5C-28F26C253D9C}G:\steamlibrary\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) G:\steamlibrary\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [TCP Query User{7D4051BD-49A4-4F5F-A656-8B8748786DB4}C:\users\covenant\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\covenant\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{826E6797-15D1-4308-917C-390AD172F586}C:\users\covenant\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\covenant\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{57DC5B0E-B21F-429E-BBCE-360AB3CFEF64}] => (Block) C:\users\covenant\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{CD5AA8F0-E208-48B0-BD85-B6780F99E12F}] => (Block) C:\users\covenant\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{E16E67DE-B5EE-4653-9024-2F650E923BA3}] => (Allow) I:\SteamLibrary\SteamApps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe
FirewallRules: [{6129284F-34A3-4091-9CC6-9F807A2BA412}] => (Allow) I:\SteamLibrary\SteamApps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe
FirewallRules: [TCP Query User{68DD94F6-9320-4DD7-8FC3-2A550A7828D4}G:\diablo iii\x64\diablo iii64.exe] => (Allow) G:\diablo iii\x64\diablo iii64.exe
FirewallRules: [UDP Query User{8532D498-C417-4041-8B29-4F20702B36B4}G:\diablo iii\x64\diablo iii64.exe] => (Allow) G:\diablo iii\x64\diablo iii64.exe
FirewallRules: [TCP Query User{CC71569A-2C62-4947-A3E4-39925813FBA2}C:\users\covenant\unity\editor\unity.exe] => (Block) C:\users\covenant\unity\editor\unity.exe
FirewallRules: [UDP Query User{DF5A6DEC-5B75-49F0-8E2E-27468FFA0183}C:\users\covenant\unity\editor\unity.exe] => (Block) C:\users\covenant\unity\editor\unity.exe
FirewallRules: [{B7BCF644-25AA-4798-A67B-93B6BC796351}] => (Allow) G:\SteamLibrary\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{DFBC3E2F-2E57-49CA-95A3-806391D1E64E}] => (Allow) G:\SteamLibrary\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{21356C4A-4703-46C9-9E97-1369281AD113}] => (Allow) G:\SteamLibrary\steamapps\common\Subnautica\Subnautica.exe
FirewallRules: [{28E49C3F-3E0C-49DF-9B5A-7E52D3970BE9}] => (Allow) G:\SteamLibrary\steamapps\common\Subnautica\Subnautica.exe
FirewallRules: [TCP Query User{10434555-6CC1-482B-8DB8-88D8CDB97BBA}G:\steamlibrary\steamapps\common\avorion\bin\avorionserver.exe] => (Allow) G:\steamlibrary\steamapps\common\avorion\bin\avorionserver.exe
FirewallRules: [UDP Query User{979966E4-4779-413E-AF97-278692BAA8CE}G:\steamlibrary\steamapps\common\avorion\bin\avorionserver.exe] => (Allow) G:\steamlibrary\steamapps\common\avorion\bin\avorionserver.exe
FirewallRules: [{99636503-6F90-46C3-BD8D-6FDD8FFB3B8F}] => (Allow) G:\SteamLibrary\steamapps\common\Industry Giant 2\ig2_AddOn.exe
FirewallRules: [{B9D24AAF-4C6F-4EB0-B74E-AD030A00D473}] => (Allow) G:\SteamLibrary\steamapps\common\Industry Giant 2\ig2_AddOn.exe
FirewallRules: [TCP Query User{8364DE87-72D9-4494-BBE3-5E9FF50AA82D}E:3\nox\game.exe] => (Block) E:3\nox\game.exe
FirewallRules: [UDP Query User{4DB5A9D5-6F68-48F6-B871-2E3660EBD7AC}E:3\nox\game.exe] => (Block) E:3\nox\game.exe
FirewallRules: [TCP Query User{708D14D9-1632-4AF7-AF07-233222F4A302}G:\steamlibrary\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) G:\steamlibrary\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [UDP Query User{0E060D0D-8341-4608-A737-6DDA5C1BE200}G:\steamlibrary\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) G:\steamlibrary\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [TCP Query User{EC3089C0-27D5-4161-AA6A-A600F3B32CD0}H:\program files (x86)\smith micro\poser 8\poser.exe] => (Allow) H:\program files (x86)\smith micro\poser 8\poser.exe
FirewallRules: [UDP Query User{92B572B3-369D-41E1-8609-9D6472910CB6}H:\program files (x86)\smith micro\poser 8\poser.exe] => (Allow) H:\program files (x86)\smith micro\poser 8\poser.exe
FirewallRules: [TCP Query User{B77A8361-E38B-445B-B67C-07BD11506C9B}M:\portal 2\portal2.exe] => (Block) M:\portal 2\portal2.exe
FirewallRules: [UDP Query User{2AE5E58A-1558-4BE1-AC53-9D16177DCFE0}M:\portal 2\portal2.exe] => (Block) M:\portal 2\portal2.exe
FirewallRules: [{6472B73E-E812-4ED7-9D09-44267D3AC1BB}] => (Allow) G:\SteamLibrary\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{F6F00D5D-9745-4325-9011-1A5EB19554E7}] => (Allow) G:\SteamLibrary\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [TCP Query User{D4A3EC0B-6BDE-4AA9-AE99-6E3F27F49D7F}G:\steamlibrary\steamapps\common\war for the overworld\wftogame.exe] => (Block) G:\steamlibrary\steamapps\common\war for the overworld\wftogame.exe
FirewallRules: [UDP Query User{F093703E-32DC-4138-891D-F6E104C22DDA}G:\steamlibrary\steamapps\common\war for the overworld\wftogame.exe] => (Block) G:\steamlibrary\steamapps\common\war for the overworld\wftogame.exe
FirewallRules: [{1CA07DDF-EEC2-4F97-9613-EB8D58B893F2}] => (Allow) C:\Program Files (x86)\Realtek\RTL8185 Wireless LAN Utility\RtWLan.exe
FirewallRules: [{DB519CC5-11D4-4809-A34A-D30E62041AC5}] => (Allow) C:\Program Files (x86)\Realtek\RTL8185 Wireless LAN Utility\RtWLan.exe
FirewallRules: [{8026D4D2-B6B0-4DD6-B0E4-4BB17F82EDEE}] => (Allow) LPort=1542
FirewallRules: [{B6D7D4B9-FDF3-4F3E-9CC7-117F58F27D33}] => (Allow) LPort=1542
FirewallRules: [{E9568554-5DEB-4679-A198-CFCB4254CC43}] => (Allow) LPort=53
FirewallRules: [{5755801A-D761-4139-9726-7E1FCE0B42C6}] => (Allow) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{4F793AA8-70D6-4B95-9544-FC389CF222EE}] => (Allow) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
FirewallRules: [TCP Query User{4CA8FF25-E75C-48C8-8E74-8820C469FABA}H:\program files (x86)\skype\phone\skype.exe] => (Allow) H:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{56E00878-560B-4775-B85A-CB37EFAC400E}H:\program files (x86)\skype\phone\skype.exe] => (Allow) H:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{B7F846A0-4019-4694-91AE-824BCAB7C99C}] => (Allow) I:\SteamLibrary\SteamApps\common\Kingdoms\News Tycoon.exe
FirewallRules: [{305299E0-67CE-4A2F-943F-9268BD019527}] => (Allow) I:\SteamLibrary\SteamApps\common\Kingdoms\News Tycoon.exe
FirewallRules: [{869231E9-F157-4C70-94AF-C2D2E568EF7B}] => (Allow) G:\SteamLibrary\steamapps\common\Offworld Trading Company\StardockLauncher.exe
FirewallRules: [{906B9D3E-DC71-4A4C-A107-335D5FE57F3C}] => (Allow) G:\SteamLibrary\steamapps\common\Offworld Trading Company\StardockLauncher.exe
FirewallRules: [TCP Query User{F5B37BA7-8462-435D-9395-FA69A0F7B330}G:\2017\left4dead\left4dead\l4d on krystal\left4dead.exe] => (Allow) G:\2017\left4dead\left4dead\l4d on krystal\left4dead.exe
FirewallRules: [UDP Query User{0023F6DC-A587-44B8-9511-C3C048325A79}G:\2017\left4dead\left4dead\l4d on krystal\left4dead.exe] => (Allow) G:\2017\left4dead\left4dead\l4d on krystal\left4dead.exe
FirewallRules: [TCP Query User{29149A73-7CE1-49A6-9204-CA7639FAA4DF}J:\steamlibrary\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) J:\steamlibrary\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [UDP Query User{D0E8311A-84F8-4D28-81F2-092813218D47}J:\steamlibrary\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) J:\steamlibrary\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{C4FA9357-AD1D-402B-80BF-EFA8F111D2F3}] => (Allow) I:\SteamLibrary\SteamApps\common\Company of Heroes Relaunch\RelicCOH.exe
FirewallRules: [{985ACF5F-ADC1-42F3-B7FD-AFFC79BF0B19}] => (Allow) I:\SteamLibrary\SteamApps\common\Company of Heroes Relaunch\RelicCOH.exe
FirewallRules: [{E837ED62-F620-4621-9E27-775DEB37CDA6}] => (Allow) G:\SteamLibrary\steamapps\common\RIFT\riftpatchlive.exe
FirewallRules: [{E9905E6D-E86F-467E-BBF2-5EB2AD5867B0}] => (Allow) G:\SteamLibrary\steamapps\common\RIFT\riftpatchlive.exe
FirewallRules: [{5C373CAF-1744-4E3D-BE6B-799457657528}] => (Allow) I:\SteamLibrary\SteamApps\common\Interstellar Rift\Build\IR.exe
FirewallRules: [{1AB54468-135E-414E-B9B1-7A624923300B}] => (Allow) I:\SteamLibrary\SteamApps\common\Interstellar Rift\Build\IR.exe
FirewallRules: [{C016169B-CC09-4343-8452-043EA5990BD6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0FA803D1-FB70-4CAD-98B6-F65EBB823C52}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5FEDA8E8-B75E-4224-A33E-DDAA583B1B07}] => (Allow) I:\SteamLibrary\SteamApps\common\The Secret World\ClientPatcher.exe
FirewallRules: [{40C3B837-76E3-4A71-8811-02A770EC78C2}] => (Allow) I:\SteamLibrary\SteamApps\common\The Secret World\ClientPatcher.exe
FirewallRules: [{D55FB351-04EE-4F87-996D-D8D436840FF0}] => (Allow) J:\SteamLibrary\steamapps\common\Naval Action\Client.exe
FirewallRules: [{40FF64EF-0127-4905-81EE-E5EB44B39B7D}] => (Allow) J:\SteamLibrary\steamapps\common\Naval Action\Client.exe
FirewallRules: [{EC4067F4-D27E-42EE-9884-4D8780009385}] => (Allow) J:\SteamLibrary\steamapps\common\Naval Action\Client_.exe
FirewallRules: [{93DC51B0-85BC-4865-89CA-FAA62093664D}] => (Allow) J:\SteamLibrary\steamapps\common\Naval Action\Client_.exe
FirewallRules: [{A6897C3D-E62E-43E3-B48B-77CE0D9A539A}] => (Allow) J:\SteamLibrary\steamapps\common\Naval Action\NavalActionCrashSender.exe
FirewallRules: [{A663928B-3140-4BB5-ACD4-A68C44181B8C}] => (Allow) J:\SteamLibrary\steamapps\common\Naval Action\NavalActionCrashSender.exe
FirewallRules: [{6E6ADF00-A264-4EDB-9A24-AAA0E389993D}] => (Allow) J:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{E6D137B8-71B2-4618-8D11-B29B65D5A129}] => (Allow) J:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{142E6502-D524-4ADD-B93B-801B16FA34F9}] => (Allow) I:\SteamLibrary\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{E7BCA2B6-58A2-4EAD-963E-3541EC28823A}] => (Allow) I:\SteamLibrary\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [TCP Query User{1F443E8D-4306-4224-B28D-4D4CE327D1BC}I:\steamlibrary\steamapps\common\starmade\dep\java\jre1.7.0_80\bin\javaw.exe] => (Allow) I:\steamlibrary\steamapps\common\starmade\dep\java\jre1.7.0_80\bin\javaw.exe
FirewallRules: [UDP Query User{18BD6D49-386D-455F-8829-642A57642692}I:\steamlibrary\steamapps\common\starmade\dep\java\jre1.7.0_80\bin\javaw.exe] => (Allow) I:\steamlibrary\steamapps\common\starmade\dep\java\jre1.7.0_80\bin\javaw.exe
FirewallRules: [{122E4C20-3A4F-41D8-A7C5-C80C9A0846AA}] => (Allow) G:\SteamLibrary\steamapps\common\Avorion\bin\Avorion.exe
FirewallRules: [{29B1EC21-8EB7-4FD8-BAE0-5736FD8C291B}] => (Allow) G:\SteamLibrary\steamapps\common\Avorion\bin\Avorion.exe
FirewallRules: [{D77DC128-1785-4C3C-A23F-E6B0A417466E}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{28D82CE1-03DC-41DF-A8B9-0A18215DA60C}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{67651B18-BBB9-4081-89AE-B12E09B16C58}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{E84F42EB-B7A1-42AB-9537-3AC49DCA3FFC}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [TCP Query User{9D697FAF-2554-4C1A-BE49-460700221DF1}J:\steamlibrary\steamapps\common\avorion\bin\avorionserver.exe] => (Allow) J:\steamlibrary\steamapps\common\avorion\bin\avorionserver.exe
FirewallRules: [UDP Query User{34731448-A7B6-404A-8ACB-7710B6F34B96}J:\steamlibrary\steamapps\common\avorion\bin\avorionserver.exe] => (Allow) J:\steamlibrary\steamapps\common\avorion\bin\avorionserver.exe
FirewallRules: [{F868550A-57F1-4FF6-8CD4-68083C6AC3A7}] => (Allow) G:\SteamLibrary\steamapps\common\Deserts of Kharak\DesertsOfKharak64.exe
FirewallRules: [{D45E947A-895A-49DC-BF0A-68E88B3615EC}] => (Allow) G:\SteamLibrary\steamapps\common\Deserts of Kharak\DesertsOfKharak64.exe
FirewallRules: [{1760B5A4-286D-4A3E-9A2D-035D0AD050D7}] => (Allow) G:\SteamLibrary\steamapps\common\Deserts of Kharak\TechnicalManual\DoK_Manual.exe
FirewallRules: [{ED808C3B-8B6D-44D8-9EF6-2158EA2278C1}] => (Allow) G:\SteamLibrary\steamapps\common\Deserts of Kharak\TechnicalManual\DoK_Manual.exe
FirewallRules: [TCP Query User{A4C4AF44-4794-4A0F-9C45-365CA4FF776D}I:\steamlibrary\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) I:\steamlibrary\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [UDP Query User{964CF8D1-BC6D-49BA-9FAF-7D15ED88191B}I:\steamlibrary\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) I:\steamlibrary\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [{6B0B7AA3-BBC4-4DF7-BF6D-F2FD127A02A3}] => (Allow) I:\SteamLibrary\SteamApps\common\7 Days To Die\7dLauncher.exe
FirewallRules: [{80C0D592-CFB3-46B9-9D98-A3055E6EC507}] => (Allow) I:\SteamLibrary\SteamApps\common\7 Days To Die\7dLauncher.exe
FirewallRules: [{52E085DA-EF14-4ABD-A3F0-4D737A515C6C}] => (Allow) H:\Program Files (x86)\Steam\steamapps\common\Deus Ex\Revision\System\Revision.exe
FirewallRules: [{5E190CA5-DF48-44C6-8F1F-90BF0A248CAB}] => (Allow) H:\Program Files (x86)\Steam\steamapps\common\Deus Ex\Revision\System\Revision.exe
FirewallRules: [{666D8C5D-F316-438A-B7F1-10E8E35ACE5D}] => (Allow) J:\SteamLibrary\steamapps\common\DCSWorld\Run.exe
FirewallRules: [{CB63AB5D-EA68-413B-9B20-B2D6D9EA8176}] => (Allow) J:\SteamLibrary\steamapps\common\DCSWorld\Run.exe
FirewallRules: [TCP Query User{A74738D6-5C54-4A46-91EF-A96821E2BBF4}C:\program files (x86)\java\jre1.8.0_121\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_121\bin\java.exe
FirewallRules: [UDP Query User{84BF0D73-FA14-4D7D-B9FA-360635E22A3A}C:\program files (x86)\java\jre1.8.0_121\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_121\bin\java.exe
FirewallRules: [{3B8AC5C4-0FD5-49F7-A3B7-72ED2329F916}] => (Allow) J:\SteamLibrary\steamapps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe
FirewallRules: [{765988C8-0AE2-4C8A-909B-7070C4C8DFAD}] => (Allow) J:\SteamLibrary\steamapps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe
FirewallRules: [{B0A9CFC5-B81C-4B76-B353-B99A1DC2E5C1}] => (Allow) J:\SteamLibrary\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{A95B7A52-9247-464D-B8C9-7C799578EECD}] => (Allow) J:\SteamLibrary\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{13D6713C-B0DB-4839-BD09-9E789BDFF6F5}] => (Allow) J:\SteamLibrary\steamapps\common\Interstellar Transport Company\Interstellar_Transport_Company_win64.exe
FirewallRules: [{943AFF10-19A8-49A2-A8F1-B41253FE47E1}] => (Allow) J:\SteamLibrary\steamapps\common\Interstellar Transport Company\Interstellar_Transport_Company_win64.exe
FirewallRules: [TCP Query User{69B0D742-96BD-4569-A85C-4479350C55B5}I:\steamlibrary\steamapps\common\7 days to die\7daystodie.exe] => (Block) I:\steamlibrary\steamapps\common\7 days to die\7daystodie.exe
FirewallRules: [UDP Query User{86455E04-8998-4B71-AF42-A64B58F62900}I:\steamlibrary\steamapps\common\7 days to die\7daystodie.exe] => (Block) I:\steamlibrary\steamapps\common\7 days to die\7daystodie.exe
FirewallRules: [{B3F211B4-E53E-4FE1-B373-85C52FEF3052}] => (Allow) J:\SteamLibrary\steamapps\common\UNLOVED\Unloved.exe
FirewallRules: [{D24CA961-443C-44C8-8031-F813C660A736}] => (Allow) J:\SteamLibrary\steamapps\common\UNLOVED\Unloved.exe
FirewallRules: [{86DBF3A7-B07D-48CF-A8F2-5A15A9BD6BE6}] => (Allow) J:\SteamLibrary\steamapps\common\Infinifactory\infinifactory.exe
FirewallRules: [{4B0E2C4C-F796-4DC4-A5F9-0E9D08DEFE6A}] => (Allow) J:\SteamLibrary\steamapps\common\Infinifactory\infinifactory.exe
FirewallRules: [{40977EA4-3DDB-4156-B5F8-D2B4D5EF918A}] => (Allow) J:\SteamLibrary\steamapps\common\Wolcen\win_x64\Wolcen.exe
FirewallRules: [{B2FC646B-21E9-41BA-831D-B543DA9A7CB6}] => (Allow) J:\SteamLibrary\steamapps\common\Wolcen\win_x64\Wolcen.exe
FirewallRules: [{A619B774-EBC7-47F2-9555-64A815DC9AB2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{44BD9973-87CE-4FFB-952A-0780BB9B5740}] => (Allow) J:\SteamLibrary\steamapps\common\Avorion\bin\Avorion.exe
FirewallRules: [{D202D3FD-6C41-4D48-8CE7-6B7222C0754B}] => (Allow) J:\SteamLibrary\steamapps\common\Avorion\bin\Avorion.exe
FirewallRules: [{3A9CBB04-3D91-4241-B778-5680F99FCF51}] => (Allow) I:\SteamLibrary\SteamApps\common\Interstellar Rift\Build\IR.exe
FirewallRules: [{0B313CE2-C032-42E8-BD77-1BF5D3900FCD}] => (Allow) I:\SteamLibrary\SteamApps\common\Interstellar Rift\Build\IR.exe
FirewallRules: [{4339A7A3-FF0B-411D-8F8F-A4B5E45EEE18}] => (Allow) J:\SteamLibrary\steamapps\common\Starship Corporation\StarshipCorporation.exe
FirewallRules: [{5C5BD793-7E8B-4FA7-B3F2-7DA2C6B91894}] => (Allow) J:\SteamLibrary\steamapps\common\Starship Corporation\StarshipCorporation.exe
FirewallRules: [{7CC2E158-B593-4C10-A2B3-030C8B74E749}] => (Allow) J:\SteamLibrary\steamapps\common\Endless Sky\EndlessSky.exe
FirewallRules: [{CF7686DD-DC97-4340-9B29-2BAC55916CDB}] => (Allow) J:\SteamLibrary\steamapps\common\Endless Sky\EndlessSky.exe
FirewallRules: [{2CA25CAF-3D76-40EA-8645-C43F4E6937A4}] => (Allow) I:\SteamLibrary\SteamApps\common\Automation\WindowsNoEditor\AutomationGame.exe
FirewallRules: [{54A19B33-3155-4367-9796-523D7971DB97}] => (Allow) I:\SteamLibrary\SteamApps\common\Automation\WindowsNoEditor\AutomationGame.exe
FirewallRules: [{93966E61-EE7A-4042-8BA8-DF01B13659DE}] => (Allow) J:\SteamLibrary\steamapps\common\Factorio\bin\x64\factorio.exe
FirewallRules: [{DD014BBF-AB4A-4786-BA8B-A87BCDBE794B}] => (Allow) J:\SteamLibrary\steamapps\common\Factorio\bin\x64\factorio.exe
FirewallRules: [TCP Query User{6076989F-3A4F-420C-91D5-C66CB45ABE91}H:\program files (x86)\gstarcad2011standard\icad.exe] => (Allow) H:\program files (x86)\gstarcad2011standard\icad.exe
FirewallRules: [UDP Query User{AB46D08E-3596-4B68-AC58-38A2DABF08D2}H:\program files (x86)\gstarcad2011standard\icad.exe] => (Allow) H:\program files (x86)\gstarcad2011standard\icad.exe
FirewallRules: [{12B67704-5BB1-4D67-A09D-FA77B99C29CA}] => (Allow) J:\SteamLibrary\steamapps\common\Celestial Command\CelestialCommand.exe
FirewallRules: [{CF4B30B2-2651-4F52-A036-9CD9DAF1CC62}] => (Allow) J:\SteamLibrary\steamapps\common\Celestial Command\CelestialCommand.exe
FirewallRules: [{BD28C906-CB1D-4FF0-B962-6DFEDF24CB68}] => (Allow) I:\SteamLibrary\SteamApps\common\Automation\WindowsNoEditor\AutomationGame\Binaries\Win64\AutomationGame-Win64-Shipping.exe
FirewallRules: [{3A38B966-7D1A-4F13-BDBF-0669AE695076}] => (Allow) I:\SteamLibrary\SteamApps\common\Automation\WindowsNoEditor\AutomationGame\Binaries\Win64\AutomationGame-Win64-Shipping.exe
FirewallRules: [{3E9EA526-AAE1-47FB-8E6A-5082B6C79EF6}] => (Allow) J:\SteamLibrary\steamapps\common\DCSWorld\bin\DCS.exe
FirewallRules: [{2062725F-43EA-4FF2-B542-D58C3E923A57}] => (Allow) J:\SteamLibrary\steamapps\common\DCSWorld\bin\DCS.exe
FirewallRules: [{DA21BE6A-9887-482D-8934-0DF17BB96C40}] => (Allow) J:\SteamLibrary\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe
FirewallRules: [{5D56BCC3-C8FC-46A3-9E5B-C91812174B92}] => (Allow) J:\SteamLibrary\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe
FirewallRules: [TCP Query User{A49223F1-3236-4DEA-976A-8173F6F46A89}J:\steamlibrary\steamapps\common\divinity original sin 2\bin\eocapp.exe] => (Allow) J:\steamlibrary\steamapps\common\divinity original sin 2\bin\eocapp.exe
FirewallRules: [UDP Query User{F76F62A7-8D54-4908-BA52-B112B723CCBD}J:\steamlibrary\steamapps\common\divinity original sin 2\bin\eocapp.exe] => (Allow) J:\steamlibrary\steamapps\common\divinity original sin 2\bin\eocapp.exe

==================== Restore Points =========================

07-02-2016 20:00:11 Windows Backup
10-02-2016 00:53:22 Removed Apple Software Update
10-02-2016 00:55:39 Configured 3TB+Unlock B11.0411.1
14-02-2016 20:00:44 Windows Backup
17-02-2016 05:05:57 Windows Update
21-02-2016 20:00:37 Windows Backup
25-02-2016 03:43:57 Windows Update
28-02-2016 20:00:39 Windows Backup
01-03-2016 02:25:20 Installed DirectX
06-03-2016 20:00:42 Windows Backup
10-03-2016 02:28:03 Installed DirectX
10-03-2016 02:52:03 Installed DirectX
10-03-2016 04:21:05 Windows Update
30-09-2017 12:28:02 Scheduled Checkpoint
03-10-2017 12:02:20 Garmin Express
08-10-2017 18:35:36 Windows Update
09-10-2017 21:55:18 Restore Operation
09-10-2017 22:24:04 Garmin Express
18-10-2017 16:51:17 Scheduled Checkpoint
18-10-2017 18:06:14 Windows Update
22-10-2017 12:17:03 Restore Operation

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/22/2017 07:21:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (10/22/2017 07:12:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (10/22/2017 07:00:01 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location K:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (10/22/2017 06:54:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (10/22/2017 04:53:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (10/22/2017 03:52:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (10/22/2017 12:23:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (10/22/2017 12:23:09 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: An unspecified error occurred during System Restore: (Windows Update). Additional information: 0x80070005.

Error: (10/22/2017 09:12:55 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Windows Kits\8.0\bin\x86\makecat.exe.Manifest".
Dependent Assembly Microsoft.Windows.Build.Signing.wintrust.dll,version="0.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/22/2017 09:12:55 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Windows Kits\8.0\bin\x64\makecat.exe.Manifest".
Dependent Assembly Microsoft.Windows.Build.Signing.wintrust.dll,version="0.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (10/22/2017 07:19:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Routine run service failed to start due to the following error: 
The system cannot find the file specified.

Error: (10/22/2017 07:19:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMScheduler service failed to start due to the following error: 
Access is denied.

Error: (10/22/2017 07:18:28 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (10/22/2017 07:18:27 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (10/22/2017 07:18:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Software Protection service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (10/22/2017 07:18:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Modules Installer service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (10/22/2017 07:18:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Razer Game Scanner service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (10/22/2017 07:18:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Thrustmaster® Hotas Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (10/22/2017 07:18:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The SQL Server VSS Writer service terminated unexpectedly.  It has done this 1 time(s).

Error: (10/22/2017 07:18:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The RzSurroundVADStreamingService service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.


==================== Memory info =========================== 

Processor: AMD FX(tm)-8320 Eight-Core Processor 
Percentage of memory in use: 12%
Total physical RAM: 32728.74 MB
Available physical RAM: 28710 MB
Total Virtual: 65455.67 MB
Available Virtual: 61457.55 MB

==================== Drives ================================

Drive c: (Root Drive Covenant) (Fixed) (Total:223.35 GB) (Free:55.64 GB) NTFS
Drive d: (BAA_BAA_BLACK_SHEEP) (CDROM) (Total:7.83 GB) (Free:0 GB) UDF
Drive e: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: () (Fixed) (Total:1071.34 GB) (Free:750.81 GB) NTFS
Drive g: (G2) (Fixed) (Total:976.56 GB) (Free:855.53 GB) NTFS
Drive h: (Covenant) (Fixed) (Total:934.79 GB) (Free:415.54 GB) NTFS
Drive i: (Auxilary_I) (Fixed) (Total:488.55 GB) (Free:112.65 GB) NTFS
Drive j: (Auxilary_J) (Fixed) (Total:439.45 GB) (Free:211.94 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 6A4C6368)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1071.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=976.6 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 223.6 GB) (Disk ID: F9160188)

Partition: GPT.

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 99152B25)

Partition: GPT.

==================== End of Addition.txt ============================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-10-2017
Ran by Covenant (administrator) on COVENANT-PC (22-10-2017 19:24:20)
Running from C:\Users\Covenant\Downloads
Loaded Profiles: Covenant (Available Profiles: Covenant)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE
(Foxit Software Inc.) G:\FOXIT READER\FoxitConnectedPDFService.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Razer Inc) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Thrustmaster®) G:\thrustmaster\drivers\amd64\tmHInstall.exe
(Copyright 2017.) C:\Users\Covenant\Desktop\Zemana AntiMalware\ZAM.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Copyright 2017.) C:\Users\Covenant\Desktop\Zemana AntiMalware\ZAM.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Dassault Systèmes SolidWorks Corp.) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\sldworks_fs.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [ZAM] => C:\Users\Covenant\Desktop\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596664 2017-08-30] (Razer Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58584 2017-05-30] (Raptr, Inc)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2014-07-30] (CANON INC.)
HKU\S-1-5-21-3109899598-285666356-3721746433-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation)
HKU\S-1-5-21-3109899598-285666356-3721746433-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421224 2017-08-29] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-3109899598-285666356-3721746433-1000\...\MountPoints2: {7726d048-e8c2-11e5-a6b7-806e6f6e6963} - D:\setup.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2016 Fast Start.lnk [2017-04-19]
ShortcutTarget: SOLIDWORKS 2016 Fast Start.lnk -> C:\Windows\Installer\{768F3B65-1695-47B7-9002-B11400CB111D}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{28FB02FD-3EC6-4600-A957-9253ED4834E1}: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{65F9C8BA-9C9D-40AA-9DC9-3D065792DFAA}: [DhcpNameServer] 162.150.8.37 162.150.21.37 162.150.21.37
Tcpip\..\Interfaces\{89971881-4E57-4164-8B81-665D89B4D716}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{A5D1997E-8CDD-4714-976F-62EC9767C87F}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{A5D1997E-8CDD-4714-976F-62EC9767C87F}: [DhcpNameServer] 75.75.75.75 75.75.76.76

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3109899598-285666356-3721746433-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-19] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-19] (Oracle Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF DefaultProfile: 81a4b5sf.default
FF ProfilePath: C:\Users\Covenant\AppData\Roaming\Mozilla\Firefox\Profiles\81a4b5sf.default [2017-10-22]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\81a4b5sf.default -> SafeSearch
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\81a4b5sf.default -> SafeSearch
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\81a4b5sf.default -> SafeSearch
FF Homepage: Mozilla\Firefox\Profiles\81a4b5sf.default -> about:home
FF Keyword.URL: Mozilla\Firefox\Profiles\81a4b5sf.default -> hxxp://www.safesear.ch/web/?type=ss-ff-kw&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_170.dll [2017-10-16] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_170.dll [2017-10-16] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> G:\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2016-12-23] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> G:\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2016-12-23] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> G:\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2016-12-23] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> G:\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2016-12-23] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-09] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3109899598-285666356-3721746433-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Covenant\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-03-10] (Unity Technologies ApS)

Chrome: 
=======
CHR NewTab: Default ->  Not-active:"chrome-extension://bmimlgceipnlnhclgiehpljbanpibbpi/newtab/newtab.html"
CHR Profile: C:\Users\Covenant\AppData\Local\Google\Chrome\User Data\Default [2017-10-22]
CHR Extension: (Adobe Acrobat) - C:\Users\Covenant\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-03]
CHR Extension: (Grammarly for Chrome) - C:\Users\Covenant\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2017-10-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Covenant\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-29]
CHR Extension: (Chrome Media Router) - C:\Users\Covenant\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-28]
CHR HKU\S-1-5-21-3109899598-285666356-3721746433-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gdfjhiclilbjdpeejgcgebmmihkkofji] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-05-06] (Advanced Micro Devices, Inc.) [File not signed]
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2016-05-10] (BitRaider, LLC)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [382504 2017-07-31] (EasyAntiCheat Ltd)
R2 FoxitReaderService; G:\FOXIT READER\FoxitConnectedPDFService.exe [1659592 2016-12-29] (Foxit Software Inc.)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [84616 2014-05-15] ()
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-21] (Malwarebytes)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2017-07-19] ()
R2 RzSurroundVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [4261344 2016-11-03] (Razer Inc)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2017-04-19] (SolidWorks) [File not signed]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
R2 tmHInstall; G:\thrustmaster\drivers\amd64\tmHInstall.exe [48288 2015-12-10] (Thrustmaster®)
S3 VSStandardCollectorService140; G:\Visual Studio 2015\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56552 2016-03-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAMSvc; C:\Users\Covenant\Desktop\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
S2 MBAMScheduler; "\" [X]
S2 Routine run; "H:\Program Files (x86)\Steam\steamapps\common\SpaceEngineers\DedicatedServer64\SpaceEngineersDedicated.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2017-03-19] (BitRaider)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-08-24] ()
S3 Linksys_adapter_H; C:\Windows\System32\DRIVERS\AE2500w764.sys [1254464 2011-03-28] (Broadcom Corporation)
R0 MBAMChameleon; C:\Windows\System32\drivers\MBAMChameleon.sys [192960 2017-09-02] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [101824 2017-10-22] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [45472 2017-10-22] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [253888 2017-10-22] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [84256 2017-10-22] (Malwarebytes)
S3 MWAC; C:\Windows\system32\drivers\ [0 ] () <==== ATTENTION (zero byte File/Folder)
S3 MWAC; C:\Windows\SysWOW64\drivers\ [0 ] () <==== ATTENTION (zero byte File/Folder)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [50384 2015-10-26] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [43256 2017-07-18] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137208 2017-07-16] (Razer, Inc.)
R3 RZSURROUNDVADService; C:\Windows\System32\drivers\RzSurroundVAD.sys [49176 2016-10-16] (Windows (R) Win 7 DDK provider)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2017-10-22] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2017-10-22] (Zemana Ltd.)
S3 EtronHub3; System32\Drivers\EtronHub3.sys [X]
S3 EtronXHCI; System32\Drivers\EtronXHCI.sys [X]
S3 RTL85n64; system32\DRIVERS\RTL85n64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-22 19:24 - 2017-10-22 19:24 - 000015676 _____ C:\Users\Covenant\Downloads\FRST.txt
2017-10-22 19:23 - 2017-10-22 19:24 - 000000000 ____D C:\FRST
2017-10-22 19:22 - 2017-10-22 19:22 - 002402816 _____ (Farbar) C:\Users\Covenant\Downloads\FRST64.exe
2017-10-22 19:16 - 2017-10-22 19:18 - 000000000 ____D C:\AdwCleaner
2017-10-22 19:15 - 2017-10-22 19:15 - 008250832 _____ (Malwarebytes) C:\Users\Covenant\Downloads\adwcleaner_7.0.3.1.exe
2017-10-22 19:13 - 2017-10-22 19:13 - 000001793 _____ C:\Users\Covenant\Desktop\2017.10.22-19.04.46-i0-t92-d2.txt
2017-10-22 19:04 - 2017-10-22 19:24 - 000091465 _____ C:\Windows\ZAM.krnl.trace
2017-10-22 19:04 - 2017-10-22 19:24 - 000018476 _____ C:\Windows\ZAM_Guard.krnl.trace
2017-10-22 19:04 - 2017-10-22 19:04 - 000203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2017-10-22 19:04 - 2017-10-22 19:04 - 000203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2017-10-22 19:04 - 2017-10-22 19:04 - 000001618 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2017-10-22 19:04 - 2017-10-22 19:04 - 000000000 ____D C:\Users\Covenant\Desktop\Zemana AntiMalware
2017-10-22 19:04 - 2017-10-22 19:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2017-10-22 19:03 - 2017-10-22 19:03 - 006625600 _____ (Zemana Ltd. ) C:\Users\Covenant\Downloads\Zemana.AntiMalware.Setup (1).exe
2017-10-22 19:03 - 2017-10-22 19:03 - 000000000 ____D C:\Users\Covenant\AppData\Local\Zemana
2017-10-22 19:02 - 2017-10-22 19:03 - 006625600 _____ (Zemana Ltd. ) C:\Users\Covenant\Downloads\Zemana.AntiMalware.Setup.exe
2017-10-19 19:29 - 2017-10-19 19:29 - 000000000 ____D C:\Users\Covenant\AppData\LocalLow\ScienceInteractive
2017-10-18 18:09 - 2017-10-18 18:09 - 126925120 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2017-10-18 18:05 - 2017-09-13 11:33 - 000631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-10-18 18:05 - 2017-09-13 11:32 - 005547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-10-18 18:05 - 2017-09-13 11:32 - 000706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-10-18 18:05 - 2017-09-13 11:32 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-10-18 18:05 - 2017-09-13 11:32 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-10-18 18:05 - 2017-09-13 11:31 - 001732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-10-18 18:05 - 2017-09-13 11:28 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-10-18 18:05 - 2017-09-13 11:28 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2017-10-18 18:05 - 2017-09-13 11:28 - 000886272 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2017-10-18 18:05 - 2017-09-13 11:28 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-10-18 18:05 - 2017-09-13 11:28 - 000448512 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2017-10-18 18:05 - 2017-09-13 11:28 - 000414208 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2017-10-18 18:05 - 2017-09-13 11:28 - 000362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-10-18 18:05 - 2017-09-13 11:28 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-10-18 18:05 - 2017-09-13 11:28 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-10-18 18:05 - 2017-09-13 11:28 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-10-18 18:05 - 2017-09-13 11:28 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-10-18 18:05 - 2017-09-13 11:28 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-10-18 18:05 - 2017-09-13 11:28 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-10-18 18:05 - 2017-09-13 11:28 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-10-18 18:05 - 2017-09-13 11:28 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-10-18 18:05 - 2017-09-13 11:28 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-10-18 18:05 - 2017-09-13 11:28 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2017-10-18 18:05 - 2017-09-13 11:28 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2017-10-18 18:05 - 2017-09-13 11:28 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-10-18 18:05 - 2017-09-13 11:28 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-10-18 18:05 - 2017-09-13 11:28 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-10-18 18:05 - 2017-09-13 11:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-10-18 18:05 - 2017-09-13 11:28 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-10-18 18:05 - 2017-09-13 11:28 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-10-18 18:05 - 2017-09-13 11:28 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-10-18 18:05 - 2017-09-13 11:28 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-10-18 18:05 - 2017-09-13 11:27 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-10-18 18:05 - 2017-09-13 11:27 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-10-18 18:05 - 2017-09-13 11:27 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-10-18 18:05 - 2017-09-13 11:27 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-10-18 18:05 - 2017-09-13 11:27 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-10-18 18:05 - 2017-09-13 11:27 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-10-18 18:05 - 2017-09-13 11:27 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-10-18 18:05 - 2017-09-13 11:27 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-10-18 18:05 - 2017-09-13 11:27 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-10-18 18:05 - 2017-09-13 11:27 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-10-18 18:05 - 2017-09-13 11:27 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-10-18 18:05 - 2017-09-13 11:27 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-10-18 18:05 - 2017-09-13 11:27 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-10-18 18:05 - 2017-09-13 11:27 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-10-18 18:05 - 2017-09-13 11:27 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:27 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:27 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:27 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:13 - 004001512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-10-18 18:05 - 2017-09-13 11:13 - 003945704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-10-18 18:05 - 2017-09-13 11:10 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-10-18 18:05 - 2017-09-13 11:09 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-10-18 18:05 - 2017-09-13 11:09 - 000830464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2017-10-18 18:05 - 2017-09-13 11:09 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-10-18 18:05 - 2017-09-13 11:09 - 000428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2017-10-18 18:05 - 2017-09-13 11:09 - 000392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll
2017-10-18 18:05 - 2017-09-13 11:09 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-10-18 18:05 - 2017-09-13 11:09 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-10-18 18:05 - 2017-09-13 11:09 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-10-18 18:05 - 2017-09-13 11:09 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-10-18 18:05 - 2017-09-13 11:09 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-10-18 18:05 - 2017-09-13 11:09 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-10-18 18:05 - 2017-09-13 11:09 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-10-18 18:05 - 2017-09-13 11:09 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-10-18 18:05 - 2017-09-13 11:09 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2017-10-18 18:05 - 2017-09-13 11:09 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-10-18 18:05 - 2017-09-13 11:09 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2017-10-18 18:05 - 2017-09-13 11:09 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-10-18 18:05 - 2017-09-13 11:09 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-10-18 18:05 - 2017-09-13 11:09 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-10-18 18:05 - 2017-09-13 11:09 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-10-18 18:05 - 2017-09-13 11:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-10-18 18:05 - 2017-09-13 11:08 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-10-18 18:05 - 2017-09-13 11:08 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-10-18 18:05 - 2017-09-13 11:08 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-10-18 18:05 - 2017-09-13 11:08 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-10-18 18:05 - 2017-09-13 11:08 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-10-18 18:05 - 2017-09-13 11:08 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-10-18 18:05 - 2017-09-13 11:08 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-10-18 18:05 - 2017-09-13 11:08 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:08 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 11:05 - 000324608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2017-10-18 18:05 - 2017-09-13 11:00 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-10-18 18:05 - 2017-09-13 11:00 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-10-18 18:05 - 2017-09-13 11:00 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-10-18 18:05 - 2017-09-13 11:00 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-10-18 18:05 - 2017-09-13 10:57 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-10-18 18:05 - 2017-09-13 10:56 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-10-18 18:05 - 2017-09-13 10:53 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-10-18 18:05 - 2017-09-13 10:53 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-10-18 18:05 - 2017-09-13 10:53 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-10-18 18:05 - 2017-09-13 10:52 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-10-18 18:05 - 2017-09-13 10:52 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-10-18 18:05 - 2017-09-13 10:50 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-10-18 18:05 - 2017-09-13 10:47 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-10-18 18:05 - 2017-09-13 10:46 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-10-18 18:05 - 2017-09-13 10:46 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-10-18 18:05 - 2017-09-13 10:46 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-10-18 18:05 - 2017-09-13 10:46 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 10:46 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 10:46 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 10:46 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-10-18 18:05 - 2017-09-13 10:46 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-10-18 18:05 - 2017-09-08 20:45 - 000395984 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-10-18 18:05 - 2017-09-08 19:47 - 000347344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-10-18 18:05 - 2017-09-08 11:34 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-10-18 18:05 - 2017-09-08 11:30 - 002319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-10-18 18:05 - 2017-09-08 11:30 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-10-18 18:05 - 2017-09-08 11:30 - 002058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2017-10-18 18:05 - 2017-09-08 11:30 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-10-18 18:05 - 2017-09-08 11:30 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-10-18 18:05 - 2017-09-08 11:30 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-10-18 18:05 - 2017-09-08 11:30 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-10-18 18:05 - 2017-09-08 11:30 - 000149504 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2017-10-18 18:05 - 2017-09-08 11:30 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-10-18 18:05 - 2017-09-08 11:30 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-10-18 18:05 - 2017-09-08 11:30 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-10-18 18:05 - 2017-09-08 11:30 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-10-18 18:05 - 2017-09-08 11:14 - 000591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-10-18 18:05 - 2017-09-08 11:13 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-10-18 18:05 - 2017-09-08 11:13 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-10-18 18:05 - 2017-09-08 11:10 - 001549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-10-18 18:05 - 2017-09-08 11:10 - 001363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2017-10-18 18:05 - 2017-09-08 11:10 - 000312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-10-18 18:05 - 2017-09-08 11:10 - 000109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2017-10-18 18:05 - 2017-09-08 11:09 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-10-18 18:05 - 2017-09-08 11:09 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2017-10-18 18:05 - 2017-09-08 11:09 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2017-10-18 18:05 - 2017-09-08 11:09 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2017-10-18 18:05 - 2017-09-08 11:09 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2017-10-18 18:05 - 2017-09-08 11:09 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2017-10-18 18:05 - 2017-09-08 11:09 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2017-10-18 18:05 - 2017-09-08 11:00 - 003222016 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-10-18 18:05 - 2017-09-08 11:00 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-10-18 18:05 - 2017-09-08 11:00 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-10-18 18:05 - 2017-09-08 10:59 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2017-10-18 18:05 - 2017-09-08 10:59 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2017-10-18 18:05 - 2017-09-08 10:20 - 000640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswstr10.dll
2017-10-18 18:05 - 2017-09-08 10:20 - 000345088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2017-10-18 18:05 - 2017-09-08 10:20 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjint40.dll
2017-10-18 18:05 - 2017-09-07 17:38 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-10-18 18:05 - 2017-09-07 17:37 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-10-18 18:05 - 2017-09-07 17:19 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-10-18 18:05 - 2017-09-07 17:18 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-10-18 18:05 - 2017-09-07 17:18 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-10-18 18:05 - 2017-09-07 17:17 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-10-18 18:05 - 2017-09-07 17:17 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-10-18 18:05 - 2017-09-07 17:15 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-10-18 18:05 - 2017-09-07 17:08 - 025729536 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-10-18 18:05 - 2017-09-07 17:08 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-10-18 18:05 - 2017-09-07 17:07 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-10-18 18:05 - 2017-09-07 17:02 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-10-18 18:05 - 2017-09-07 17:01 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-10-18 18:05 - 2017-09-07 17:01 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-10-18 18:05 - 2017-09-07 17:01 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-10-18 18:05 - 2017-09-07 17:00 - 000817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-10-18 18:05 - 2017-09-07 16:52 - 000968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-10-18 18:05 - 2017-09-07 16:48 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-10-18 18:05 - 2017-09-07 16:40 - 005982208 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-10-18 18:05 - 2017-09-07 16:39 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-10-18 18:05 - 2017-09-07 16:38 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-10-18 18:05 - 2017-09-07 16:37 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-10-18 18:05 - 2017-09-07 16:33 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-10-18 18:05 - 2017-09-07 16:32 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-10-18 18:05 - 2017-09-07 16:29 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-10-18 18:05 - 2017-09-07 16:27 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-10-18 18:05 - 2017-09-07 16:13 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-10-18 18:05 - 2017-09-07 16:10 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-10-18 18:05 - 2017-09-07 16:10 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-10-18 18:05 - 2017-09-07 16:08 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-10-18 18:05 - 2017-09-07 16:08 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-10-18 18:05 - 2017-09-07 15:44 - 015262720 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-10-18 18:05 - 2017-09-07 15:40 - 003240960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-10-18 18:05 - 2017-09-07 15:27 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-10-18 18:05 - 2017-09-07 15:27 - 001548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-10-18 18:05 - 2017-09-07 15:17 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-10-18 18:05 - 2017-09-07 15:11 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-10-18 18:05 - 2017-09-07 15:10 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-10-18 18:05 - 2017-09-07 15:10 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-10-18 18:05 - 2017-09-07 15:10 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-10-18 18:05 - 2017-09-07 15:09 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-10-18 18:05 - 2017-09-07 15:04 - 020267008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-10-18 18:05 - 2017-09-07 15:03 - 002292736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-10-18 18:05 - 2017-09-07 15:03 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-10-18 18:05 - 2017-09-07 15:02 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-10-18 18:05 - 2017-09-07 14:59 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-10-18 18:05 - 2017-09-07 14:58 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-10-18 18:05 - 2017-09-07 14:58 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-10-18 18:05 - 2017-09-07 14:58 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-10-18 18:05 - 2017-09-07 14:49 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-10-18 18:05 - 2017-09-07 14:44 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-10-18 18:05 - 2017-09-07 14:44 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-10-18 18:05 - 2017-09-07 14:43 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-10-18 18:05 - 2017-09-07 14:40 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-10-18 18:05 - 2017-09-07 14:39 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-10-18 18:05 - 2017-09-07 14:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-10-18 18:05 - 2017-09-07 14:36 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-10-18 18:05 - 2017-09-07 14:29 - 004547072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-10-18 18:05 - 2017-09-07 14:29 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-10-18 18:05 - 2017-09-07 14:26 - 000694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-10-18 18:05 - 2017-09-07 14:25 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-10-18 18:05 - 2017-09-07 14:25 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-10-18 18:05 - 2017-09-07 14:17 - 013677568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-10-18 18:05 - 2017-09-07 14:01 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-10-18 18:05 - 2017-09-07 13:57 - 001316864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-10-18 18:05 - 2017-09-07 13:57 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-10-18 18:05 - 2017-09-07 11:31 - 002851328 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2017-10-18 18:05 - 2017-09-07 11:12 - 002755072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2017-10-18 18:05 - 2017-09-07 10:55 - 000461312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-10-18 18:05 - 2017-09-07 10:55 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-10-18 18:05 - 2017-09-07 10:55 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-10-18 18:05 - 2017-08-19 11:28 - 004121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2017-10-18 18:05 - 2017-08-19 11:28 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-10-18 18:05 - 2017-08-19 11:28 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2017-10-18 18:05 - 2017-08-19 11:10 - 003209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2017-10-18 18:05 - 2017-08-19 11:10 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2017-10-18 18:05 - 2017-08-19 11:10 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2017-10-18 18:05 - 2017-08-19 11:08 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2017-10-18 18:05 - 2017-08-19 11:08 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2017-10-18 18:05 - 2017-08-19 10:57 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2017-10-18 18:05 - 2017-08-19 10:57 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2017-10-18 18:05 - 2017-08-14 13:35 - 001032192 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2017-10-18 18:05 - 2017-08-14 13:35 - 000827904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2017-10-18 18:05 - 2017-08-14 13:35 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2017-10-18 18:05 - 2017-08-13 17:45 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2017-10-15 19:52 - 2017-10-15 20:27 - 000000000 ____D C:\Users\Covenant\AppData\Roaming\endless-sky
2017-10-14 08:15 - 2017-10-14 08:15 - 000000000 ____D C:\Users\Covenant\AppData\Roaming\EasyAntiCheat
2017-10-11 19:15 - 2017-10-11 19:22 - 000000000 ____D C:\ProgramData\CanonIJPLM
2017-10-11 19:15 - 2017-10-11 19:15 - 000000000 ____D C:\ProgramData\Canon IJ Network Tool
2017-10-11 19:15 - 2014-08-18 08:59 - 000092928 _____ C:\Windows\SysWOW64\CNC1787D.TBL
2017-10-11 19:15 - 2014-07-08 11:09 - 000353792 _____ (CANON INC.) C:\Windows\SysWOW64\CNC_CKL.dll
2017-10-11 19:15 - 2008-08-25 18:02 - 000015872 _____ (CANON INC.) C:\Windows\SysWOW64\CNHMCA.dll
2017-10-11 19:14 - 2017-10-22 12:19 - 000000000 ____D C:\Windows\system32\STRING
2017-10-11 19:14 - 2017-10-22 12:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2017-10-11 19:14 - 2017-10-11 19:14 - 000000000 ___HD C:\Program Files\CanonBJ
2017-10-11 19:14 - 2017-10-11 19:14 - 000000000 ____D C:\ProgramData\CanonIJWSpt
2017-10-11 19:14 - 2017-10-11 19:14 - 000000000 ____D C:\Program Files\Canon
2017-10-11 19:14 - 2014-08-06 13:25 - 000380928 _____ (CANON INC.) C:\Windows\SysWOW64\CNMNPPM.DLL
2017-10-11 19:14 - 2014-08-06 13:25 - 000375296 _____ (CANON INC.) C:\Windows\system32\CNMN6PPM.DLL
2017-10-11 19:14 - 2014-08-06 13:25 - 000039424 _____ (CANON INC.) C:\Windows\system32\CNMN6UI.DLL
2017-10-11 19:10 - 2017-10-22 12:19 - 000000000 ____D C:\Program Files (x86)\Canon
2017-10-11 19:09 - 2017-10-11 19:09 - 052629160 _____ C:\Users\Covenant\Downloads\win-mx490-1_1-mcd.exe
2017-10-11 18:43 - 2017-10-11 18:43 - 000292947 _____ C:\Users\Covenant\Downloads\snoopy.pdf
2017-10-09 22:17 - 2017-10-09 22:17 - 000000822 _____ C:\Users\Covenant\AppData\Local\recently-used.xbel
2017-10-09 21:20 - 2017-10-09 21:20 - 005312793 _____ C:\Users\Covenant\Downloads\pairing_utility_1.00.009.zip
2017-10-08 15:33 - 2017-10-09 22:07 - 000000000 ____D C:\Users\Covenant\AppData\Local\Epzudbun
2017-10-08 15:06 - 2017-10-08 15:06 - 000000000 ____D C:\Users\Covenant\AppData\Local\Qxinakuspi
2017-09-30 20:45 - 2017-09-30 22:40 - 000000000 ____D C:\Users\Covenant\AppData\Roaming\CDE
2017-09-30 19:59 - 2017-10-22 00:30 - 000000000 ____D C:\Users\Covenant\AppData\Roaming\Heat_Signature
2017-09-30 19:50 - 2017-09-30 19:50 - 000000000 ____D C:\Users\Covenant\CHILDREN
2017-09-28 19:10 - 2017-09-28 19:12 - 000000000 ____D C:\Users\Covenant\AppData\Local\ftblauncher
2017-09-28 19:10 - 2017-09-28 19:11 - 000000000 ____D C:\Users\Covenant\AppData\Roaming\ftblauncher
2017-09-27 18:28 - 2017-09-27 18:28 - 000000882 _____ C:\Users\Covenant\Desktop\PID_.txt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-22 19:24 - 2016-05-10 01:37 - 000000000 _____ C:\Windows\system32\RzSurroundVADAudioDeviceManager_log.txt
2017-10-22 19:20 - 2017-03-07 03:04 - 000101824 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-10-22 19:19 - 2017-03-07 03:04 - 000084256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-10-22 19:19 - 2017-03-07 03:04 - 000045472 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-10-22 19:19 - 2016-03-12 23:43 - 000253888 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-10-22 19:19 - 2009-07-14 01:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-10-22 19:18 - 2016-08-07 11:53 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2017-10-22 19:18 - 2009-07-14 00:45 - 000022080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-10-22 19:18 - 2009-07-14 00:45 - 000022080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-10-22 19:17 - 2009-07-14 01:13 - 000786380 _____ C:\Windows\system32\PerfStringBackup.INI
2017-10-22 19:17 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\inf
2017-10-22 19:08 - 2016-08-24 11:22 - 000001179 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Google Chrome.lnk
2017-10-22 19:04 - 2016-03-12 22:28 - 000000000 ____D C:\Users\Covenant
2017-10-22 17:38 - 2016-05-28 21:28 - 000000000 ____D C:\Users\Covenant\Documents\From The Depths
2017-10-22 13:28 - 2017-03-12 12:36 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-10-22 13:03 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\rescache
2017-10-22 12:19 - 2017-09-04 15:19 - 000000000 ____D C:\Program Files (x86)\Garmin
2017-10-22 12:19 - 2017-04-19 20:17 - 000000000 ____D C:\ProgramData\FLEXnet
2017-10-22 12:19 - 2017-02-04 22:01 - 000000000 ____D C:\Users\Covenant\AppData\Roaming\Avorion
2017-10-22 12:19 - 2016-07-31 14:37 - 000000000 ____D C:\Users\Covenant\AppData\Roaming\FreeCAD
2017-10-22 12:19 - 2016-05-10 00:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2017-10-22 12:19 - 2016-03-23 18:48 - 000000000 ____D C:\Windows\system32\Macromed
2017-10-22 12:19 - 2016-03-20 00:27 - 000000000 ____D C:\Users\Covenant\AppData\Roaming\vlc
2017-10-22 12:19 - 2016-03-18 00:44 - 000000000 ____D C:\Users\Covenant\AppData\Roaming\Mozilla
2017-10-22 12:19 - 2016-03-13 04:06 - 000000000 ____D C:\Users\Covenant\AppData\Roaming\SpaceEngineers
2017-10-22 12:19 - 2016-03-12 23:16 - 000000000 ____D C:\ProgramData\Package Cache
2017-10-22 12:19 - 2009-07-13 23:20 - 000000000 __RSD C:\Windows\Media
2017-10-22 12:19 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\registration
2017-10-22 12:19 - 2009-07-13 23:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2017-10-20 21:29 - 2016-03-27 22:20 - 000000000 ____D C:\Users\Covenant\Documents\Larian Studios
2017-10-18 18:30 - 2016-03-12 22:28 - 000000000 ____D C:\Users\Covenant\AppData\Local\VirtualStore
2017-10-18 18:14 - 2009-07-14 00:45 - 000435984 _____ C:\Windows\system32\FNTCACHE.DAT
2017-10-18 18:12 - 2016-06-01 12:16 - 000000000 ____D C:\Windows\system32\MRT
2017-10-18 18:09 - 2016-06-01 12:16 - 126925120 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-10-18 18:07 - 2016-03-12 23:17 - 000778502 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-10-16 15:41 - 2017-07-13 19:02 - 000004324 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-10-16 15:41 - 2016-03-23 18:48 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-10-16 15:41 - 2016-03-23 18:48 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-10-16 15:41 - 2016-03-23 18:48 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-10-10 08:52 - 2009-07-14 01:08 - 000032648 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-10-09 22:24 - 2017-09-04 15:19 - 000003554 _____ C:\Windows\System32\Tasks\GarminUpdaterTask
2017-10-09 22:17 - 2016-10-29 23:28 - 000000000 ____D C:\Users\Covenant\.gimp-2.8
2017-10-08 22:16 - 2016-03-13 03:21 - 000007655 _____ C:\Users\Covenant\AppData\Local\Resmon.ResmonCfg
2017-10-08 22:12 - 2016-12-02 03:09 - 000000000 ____D C:\Users\Covenant\AppData\LocalLow\Mozilla
2017-10-08 20:39 - 2016-06-24 12:07 - 000000000 ____D C:\Users\Covenant\AppData\Local\ElevatedDiagnostics
2017-10-08 20:29 - 2009-07-13 23:20 - 000000000 ____D C:\PerfLogs
2017-10-08 11:24 - 2016-09-15 00:42 - 000000000 ____D C:\Users\Covenant\AppData\Roaming\.minecraft
2017-10-03 18:05 - 2017-02-04 22:01 - 000000000 _____ C:\Users\Covenant\AppData\Roaming\avoriontestfile
2017-09-24 10:42 - 2017-04-19 18:39 - 000000000 ____D C:\Users\Covenant\AppData\Roaming\SOLIDWORKS

==================== Files in the root of some directories =======

2017-02-04 22:01 - 2017-10-03 18:05 - 000000000 _____ () C:\Users\Covenant\AppData\Roaming\avoriontestfile
2017-10-09 22:17 - 2017-10-09 22:17 - 000000822 _____ () C:\Users\Covenant\AppData\Local\recently-used.xbel
2016-03-13 03:21 - 2017-10-08 22:16 - 000007655 _____ () C:\Users\Covenant\AppData\Local\Resmon.ResmonCfg
2017-05-23 13:24 - 2017-05-23 13:24 - 000000000 _____ () C:\Users\Covenant\AppData\Local\Temptable.xml
2017-03-25 22:25 - 2017-09-19 00:54 - 000000060 _____ () C:\ProgramData\SoftwareUpdateTemp.xml

Some files in TEMP:
====================
2017-07-31 19:42 - 2017-07-31 19:42 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Covenant\AppData\Local\Temp\jansi-64-1268533398477060563.dll
2017-08-01 17:27 - 2017-08-01 17:27 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Covenant\AppData\Local\Temp\jansi-64-3255977114475393418.dll
2017-07-30 22:38 - 2017-07-30 22:38 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Covenant\AppData\Local\Temp\jansi-64-4154330135062690654.dll
2017-08-03 17:23 - 2017-08-03 17:23 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Covenant\AppData\Local\Temp\jansi-64-4871226256988058759.dll
2017-07-30 13:54 - 2017-07-30 13:54 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Covenant\AppData\Local\Temp\jansi-64-5101992391752774345.dll
2017-07-30 01:52 - 2017-07-30 01:52 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Covenant\AppData\Local\Temp\jansi-64-5124618861307153511.dll
2017-08-01 15:11 - 2017-08-01 15:11 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Covenant\AppData\Local\Temp\jansi-64-6274129516840007448.dll
2017-08-01 17:02 - 2017-08-01 17:02 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Covenant\AppData\Local\Temp\jansi-64-6469831055741629372.dll
2017-08-01 17:23 - 2017-08-01 17:23 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Covenant\AppData\Local\Temp\jansi-64-6715986250634738703.dll
2017-07-31 18:06 - 2017-07-31 18:06 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Covenant\AppData\Local\Temp\jansi-64-8754784417015021614.dll
2017-07-30 22:29 - 2017-07-30 22:29 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Covenant\AppData\Local\Temp\jansi-64-9088929244658776205.dll
2017-10-11 19:10 - 2015-09-29 11:13 - 001131040 ____N (CANON INC.) C:\Users\Covenant\AppData\Local\Temp\MSETUP4.EXE

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-10-22 12:56

==================== End of FRST.txt ============================

Link to post
Share on other sites

Thanks for those logs, continue as follows:

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into. "Do not open that file"
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Open FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

Next,

user posted imageEmsisoft Emergency Kit
  • Click Here to download Emsisoft Emergency Kit. The download will automatically start after a moment.
  • Save EmsisoftEmergencyKit.exe to your Desktop.
  • Double click on EmsisoftEmergencyKit.exe (Windows Vista/7/8/10 users: Accept UAC warning if it is enabled). A screen like this will appear:
    user posted image
     
  • Leave everything as it is, then click Extract. This maybe listed as Install This will unpack or install Emsisoft Emergency Kit to the EEK folder located in the root drive (usually C:\).
  • Once the extraction or installation is done, an icon will appear on your Desktop. Double click it to start Emsisoft Emergency Kit.
    user posted image
     
  • Wait for Emsisoft Emergency Kit to finish loading signatures. A screen like this should appear:
    user posted image
     
  • Choose Yes, then wait for EEK to finish updating.
  • Choose Malware Scan under the Scan button. When EEK asks to activate PUP detection, choose Yes.
  • Wait for the scan to finish.
    user posted image
     
  • If EEK detects something, all detected items will be displayed. Place a checkmark before everything, then choose Quarantine Selected.
  • If Emsisoft Emergency Kit asks to reboot, please do so immediately.
  • The scan log is located in Logs -> Scan Logs. Click on the entry of the latest scan, choose Export and save the report on your Desktop.
    user posted image
     
  • Please Copy and Paste the contents of the scan log in your next reply.

Let me see those logs, also let me know if the issue has cleared...

Thank you,

Kevin...

 

fixlist.txt

Edited by kevinf80
Link to post
Share on other sites

 

Emsisoft Emergency Kit - Version 2017.8
Forensics log

Date    Component    Action    Details    
10/23/2017 10:15:40 AM    Scanner    Scan finished    Scanned 79708 objects and found nothing.    
10/23/2017 10:14:56 AM    User COVENANT-PC\Covenant    Scan started    Malware Scan    
10/23/2017 10:14:20 AM    User COVENANT-PC\Covenant    Setting modified    "Detect PUPs" has been changed to "Enabled".    
10/23/2017 10:13:51 AM    User    Update    Downloaded and installed 51 files (10794 kb) (34 sec.).    
10/23/2017 10:13:17 AM    Core    Notification    "Recommended Reading:New in 2017.9: Making things simpler and easier".    
10/23/2017 10:13:12 AM    User    Update    Failed with error "Server returned error" (0 sec.).    
 

--------------------------------------------------------------------------------------------------------------------------------------------------------------------------

I am not certain that everything is fixed... I will run the machine a while and keep you informed. Thank you for all of your assistance.

Timothy C. L. Hyser

Fixlog.txt

Link to post
Share on other sites

Has the blocks ceased.... The following IP that was on your system is a known spammer and will cause untold misery;

Tcpip\..\Interfaces\{A5D1997E-8CDD-4714-976F-62EC9767C87F}: [NameServer] 8.8.8.8

Have a read here: https://cleantalk.org/blacklists?record=8.8.8.8

We shifted that with FRST, let me know how your system performs, also if any remaining issues or concerns...

Thank you,

Kevin

Link to post
Share on other sites

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.