Infected with Malware, "WinDef" Hijacked


lunartik

Hi, today I bought a Win10 key and couldn't activate it. Months ago I noticed that my cmd crashed when I launched it. I found out that creating another user account made it work; I found it very weird but didn't think much of it. Later I noticed that my Windows Defender is completely blank: when I go to Update & Security and open Windows Security, the page is completely blank. Today, while searching Windows Forums for a fix to the key problem, I found out that my "WinDef" was hijacked, probably by some malware. I scanned my PC with AdwCleaner and ESET scanner, and they detected infections. I also plan to do an in-place upgrade repair of my Windows. Big thanks to anyone that helps!
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-09-2020
Ran by elite (ATTENTION: The user is not administrator) on DESKTOP-NEKOJFV (19-09-2020 15:05:58)
Running from C:\Users\elite\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads
Loaded Profiles: diogo & elite
Platform: Windows 10 Home Version 1909 18363.535 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Corsair Memory, Inc. -> Corsair Memory, Inc.) D:\Programs\Corsair\CORSAIR iCUE Software\iCUE.exe
(ESET, spol. s r.o. -> ESET spol. s r.o.) C:\Users\elite\Downloads\esetonlinescanner.exe
(Malwarebytes Inc -> Malwarebytes) C:\Users\elite\Downloads\adwcleaner_8.0.7.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11912.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe <7>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Skype) C:\Program Files\WindowsApps\microsoft.skypeapp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\microsoft.skypeapp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Skype) C:\Program Files\WindowsApps\microsoft.skypeapp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
Failed to access process -> atkexComSvc.exe
Failed to access process -> conhost.exe
Failed to access process -> conhost.exe
Failed to access process -> Corsair.Service.CpuIdRemote64.exe
Failed to access process -> Corsair.Service.DisplayAdapter.exe
Failed to access process -> Corsair.Service.exe
Failed to access process -> CorsairGamingAudioCfgService64.exe
Failed to access process -> csrss.exe
Failed to access process -> csrss.exe
Failed to access process -> CueLLAccessService.exe
Failed to access process -> dasHost.exe
Failed to access process -> dllhost.exe
Failed to access process -> dwm.exe
Failed to access process -> esif_uf.exe
Failed to access process -> fontdrvhost.exe
Failed to access process -> fontdrvhost.exe
Failed to access process -> hamachi-2.exe
Failed to access process -> ICEsoundService64.exe
Failed to access process -> igfxCUIService.exe
Failed to access process -> LightingService.exe
Failed to access process -> LMIGuardianSvc.exe
Failed to access process -> lsass.exe
Failed to access process -> nvcontainer.exe
Failed to access process -> NVDisplay.Container.exe
Failed to access process -> NVDisplay.Container.exe
Failed to access process -> PnkBstrA.exe
Failed to access process -> PresentationFontCache.exe
Failed to access process -> pservice.exe
Failed to access process -> QMEmulatorService.exe
Failed to access process -> RtkAudUService64.exe
Failed to access process -> ScpService.exe
Failed to access process -> SearchFilterHost.exe
Failed to access process -> SearchIndexer.exe
Failed to access process -> SearchProtocolHost.exe
Failed to access process -> services.exe
Failed to access process -> SgrmBroker.exe
Failed to access process -> smss.exe
Failed to access process -> spoolsv.exe
Failed to access process -> svchost.exe
Failed to access process -> wininit.exe
Failed to access process -> winlogon.exe
Failed to access process -> WmiPrvSE.exe
Failed to access process -> WmiPrvSE.exe
Failed to access process -> WmiPrvSE.exe
Failed to access process -> zerotier-one_x64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [876536 2019-05-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [710264 2020-06-18] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\Programs\Hamachi\hamachi-2-ui.exe [5890504 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
HKLM-x32\...\Run: [CORSAIR iCUE Software] => D:\Programs\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [410152 2020-08-31] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1868716592-2335926720-3886777892-1002\...\Run: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1915752 2020-09-12] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [239704 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\WINDOWS\system32\hpzllw71.dll [62552 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.102\Installer\chrmstp.exe [2020-09-08] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2019-12-17]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ScpToolkit Tray Notifications.lnk [2020-02-07]
ShortcutTarget: ScpToolkit Tray Notifications.lnk -> D:\Programs\SCP\ScpTrayApp.exe (Scarlet.Crush Productions) [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{21fd8dce-7760-4fb1-935c-e4273b3d7309}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{498975a7-509e-4407-873d-aedf0a2c8428}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6d4eeaa2-f22f-4247-9c37-54c0525c4136}: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.261.2 -> C:\Program Files\Java\jre1.8.0_261\bin\dtplugin\npDeployJava1.dll [2020-07-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.261.2 -> C:\Program Files\Java\jre1.8.0_261\bin\plugin2\npjp2.dll [2020-07-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\dtplugin\npDeployJava1.dll [2020-07-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\plugin2\npjp2.dll [2020-07-17] (Oracle America, Inc. -> Oracle Corporation)
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe [440368 2019-06-21] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8686928 2020-09-10] (BattlEye Innovations e.K. -> )
R2 CorsairGamingAudioConfig; C:\Windows\System32\CorsairGamingAudioCfgService64.exe [605096 2020-08-01] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAService; D:\Programs\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe [421928 2020-08-31] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; D:\Programs\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [56872 2020-08-31] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 Ds3Service; D:\Programs\SCP\ScpService.exe [389632 2016-01-10] (Scarlet.Crush Productions) [File not signed] [File is in use]
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [784512 2020-09-09] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 FileSyncHelper; C:\Program Files (x86)\Microsoft OneDrive\20.143.0716.0003\FileSyncHelper.exe [2165608 2020-09-12] (Microsoft Corporation -> Microsoft Corporation)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6617160 2019-11-19] (GOG Sp. z o.o. -> GOG.com)
R2 Hamachi2Svc; D:\Programs\Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
R2 ICEsoundService; C:\WINDOWS\system32\ICEsoundService64.exe [806352 2019-12-12] (ICEpower a/s -> ICEpower)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [2109376 2019-07-03] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R3 lmhosts; C:\WINDOWS\System32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 lmhosts; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NlaSvc; C:\WINDOWS\System32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NlaSvc; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 nsi; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 nsi; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files (x86)\Microsoft OneDrive\20.143.0716.0003\OneDriveUpdaterService.exe [2529128 2020-09-12] (Microsoft Corporation -> Microsoft Corporation)
R2 Parsec; C:\Program Files\Parsec\pservice.exe [364048 2020-05-19] (Parsec Cloud, Inc. -> Parsec)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2020-03-18] (Even Balance, Inc. -> )
R2 QMEmulatorService; D:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe [198736 2020-08-15] (Tencent Technology(Shenzhen) Company Limited -> Tencent)
S3 Rockstar Service; D:\Programs\Launcher\RockstarService.exe [1711232 2020-06-29] (Rockstar Games, Inc. -> Rockstar Games)
S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\Uncheater\ucldr_battlegrounds_gl.exe [6995800 2020-06-05] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 updater; D:\Programs\SCP\ScpUpdater.exe [464384 2016-01-10] (Nefarius Software Solutions) [File not signed]
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [744968 2020-01-15] (Oracle Corporation -> Oracle Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 wuauserv; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZeroTierOneService; C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe [1788400 2019-09-04] (ZeroTier, Inc. -> )
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aow_drv; D:\Program Files\TxGameAssistant\UI\3.21.1282.100\aow_drv_x64_ev.sys [916544 2020-08-18] (Tencent Technology(Shenzhen) Company Limited -> Tencent)
R1 Asusgio2; C:\WINDOWS\system32\drivers\AsIO2.sys [33832 2019-06-21] (ASUSTeK Computer Inc. -> )
S3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [124928 2017-03-09] (ASUSTeK Computer Inc. -> ASUS Corporation)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-04-07] (Bluestack Systems, Inc -> Bluestack System Inc.)
R3 CorsairGamingAudioService; C:\WINDOWS\system32\DRIVERS\CorsairGamingAudio64.sys [60328 2020-08-01] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAccess0702199A43FBE17505B62EA2788F23301D669E62; D:\Programs\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys [21752 2020-07-29] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45984 2020-07-29] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21920 2020-07-29] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 DroidCam; C:\WINDOWS\System32\drivers\droidcam.sys [33592 2020-03-17] (DEV47 APPS -> Dev47Apps)
R3 DroidCamVideo; C:\WINDOWS\System32\drivers\droidcamvideo.sys [229432 2020-03-17] (DEV47 APPS -> Dev47Apps)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-04-09] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-04-09] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 EneIo; C:\WINDOWS\system32\drivers\ene.sys [17624 2019-05-22] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 GLCKIO2; C:\WINDOWS\system32\drivers\GLCKIO2.sys [29368 2019-04-24] (ASUSTeK Computer Inc. -> )
R3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
S3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32680 2019-08-07] (ASUSTek Computer Inc. -> ASUS)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-12-12] (Martin Malik - REALiX -> REALiX(tm))
S3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [17280 2012-08-06] (ASUSTeK Computer Inc. -> )
R3 libusbK; C:\WINDOWS\System32\drivers\libusbK.sys [47200 2020-02-07] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166752 2019-07-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64912 2017-05-18] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
S3 tesrsdt; C:\WINDOWS\system32\drivers\tesrsdt.sys [812208 2020-06-18] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 UniSafe; C:\WINDOWS\system32\drivers\UniSafe.sys [581912 2020-09-13] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [237304 2020-01-15] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [247216 2020-01-15] (Oracle Corporation -> Oracle Corporation)
R3 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [69168 2020-01-10] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45664 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [355760 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [2740480 2020-06-07] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R3 zttap300; C:\WINDOWS\System32\drivers\zttap300.sys [30488 2018-03-16] (ZeroTier Networks LLC -> ZeroTier Networks LLC)
R3 cpuz149; C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys <==== ATTENTION (Access Denied)
S3 MSIO; \??\C:\Program Files\Patriot\Aac_Patriot Viper RGB\msio64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-09-19 15:05 - 2020-09-19 15:06 - 000000000 ____D C:\FRST
2020-09-19 15:04 - 2020-09-19 15:04 - 002298880 _____ (Farbar) C:\Users\elite\Downloads\FRST64.exe
2020-09-19 14:57 - 2020-09-19 14:57 - 000001266 _____ C:\Users\diogo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2020-09-19 14:57 - 2020-09-19 14:57 - 000001138 _____ C:\Users\diogo\Desktop\ESET Online Scanner.lnk
2020-09-19 14:57 - 2020-09-19 14:57 - 000000000 ____D C:\Users\diogo\AppData\Local\ESET
2020-09-19 14:56 - 2020-09-19 14:56 - 014860896 _____ (ESET spol. s r.o.) C:\Users\elite\Downloads\esetonlinescanner.exe
2020-09-19 14:56 - 2020-09-19 14:56 - 000000780 _____ C:\Users\elite\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2020-09-19 14:56 - 2020-09-19 14:56 - 000000000 ____D C:\Users\elite\AppData\Local\ESET
2020-09-19 14:54 - 2020-09-19 14:56 - 000000000 ____D C:\AdwCleaner
2020-09-19 14:54 - 2020-09-19 14:54 - 008414384 _____ (Malwarebytes) C:\Users\elite\Downloads\adwcleaner_8.0.7.exe
2020-09-19 14:44 - 2020-09-19 14:44 - 000000000 ____D C:\Users\elite\AppData\Local\D3DSCache
2020-09-19 10:39 - 2020-09-19 10:39 - 000000000 ____D C:\ProgramData\Socialclub
2020-09-19 10:16 - 2020-09-19 10:16 - 000000483 _____ C:\Users\Public\Desktop\Max Payne 3.lnk
2020-09-19 10:14 - 2020-09-19 10:16 - 000000000 ____D C:\Users\diogo\AppData\LocalLow\BitTorrent
2020-09-18 23:53 - 2020-09-18 23:53 - 000077726 _____ C:\Users\diogo\Downloads\Max.Payne.3.Complete.Edition-RELOADED-[rarbg.to].torrent
2020-09-18 15:14 - 2020-09-18 15:14 - 000244959 _____ C:\Users\diogo\Downloads\Declaração_Matrícula_Sub23.pdf
2020-09-17 18:58 - 2020-09-17 18:58 - 000426074 _____ C:\Users\diogo\Downloads\Harmony.zip
2020-09-17 18:57 - 2020-09-17 18:57 - 000147436 _____ C:\Users\diogo\Downloads\MapWideTradeBeacon 1.1-307-1-1-1597957902.zip
2020-09-17 18:06 - 2020-09-17 18:06 - 000016296 _____ C:\Users\diogo\Downloads\More Trade Ships for 1.0.2059-116-1-0-2059-1540365380.rar
2020-09-16 18:26 - 2020-09-16 18:26 - 000046641 _____ C:\Users\diogo\Downloads\video-1600211470.mp4
2020-09-14 17:48 - 2020-09-14 17:48 - 000000000 ____D C:\Users\diogo\AppData\Roaming\EasyAntiCheat
2020-09-14 11:10 - 2020-09-14 11:10 - 000984303 _____ C:\Users\diogo\Downloads\EdBPrepareCarefully-1.2.1.zip
2020-09-14 11:02 - 2020-09-14 11:02 - 000000786 _____ C:\Users\diogo\Desktop\RimWorld Royalty.lnk
2020-09-14 10:58 - 2020-09-14 10:58 - 000020010 _____ C:\Users\diogo\Downloads\RimWorld.Royalty-PLAZA-[rarbg.to].torrent
2020-09-13 23:45 - 2020-09-13 23:46 - 055837972 _____ C:\Users\diogo\Downloads\Stephen Kotkin_ Stalin's rise to Power & Faked Testament of Lenin.mp4
2020-09-13 20:12 - 2020-09-13 20:12 - 000020028 _____ C:\Users\diogo\Downloads\Joker.2019.1080p.BluRay.x265-RARBG-[rarbg.to].torrent
2020-09-10 23:17 - 2020-09-10 23:17 - 000000265 _____ C:\Users\diogo\Desktop\Borderlands 3.url
2020-09-09 19:27 - 2020-09-09 19:28 - 000000000 ____D C:\Users\diogo\AppData\Local\DeadByDaylight
2020-09-09 17:15 - 2020-09-09 17:15 - 000809234 _____ C:\Users\diogo\Downloads\null_CE5uAfVFU7T1TvyoIrS_H2TMylxp73QOiRRKi40MP4.mp4
2020-09-04 16:13 - 2020-09-04 16:13 - 000000233 _____ C:\Users\diogo\Desktop\Tom Clancy's Rainbow Six Siege - Vulkan.url
2020-09-04 00:40 - 2020-09-04 00:40 - 000002492 _____ C:\Users\diogo\Downloads\Deep.Rock.Galactic.Update.v1.30.40190.0-CODEX-[rarbg.to].torrent
2020-09-04 00:29 - 2020-09-04 00:29 - 000003774 _____ C:\Users\diogo\Downloads\Deep.Rock.Galactic.Update.v1.31.41035.0-CODEX-[rarbg.to].torrent
2020-09-04 00:29 - 2020-09-04 00:29 - 000003054 _____ C:\Users\diogo\Downloads\Deep.Rock.Galactic.Update.v1.30.40345.0-CODEX-[rarbg.to].torrent
2020-09-04 00:29 - 2020-09-04 00:29 - 000002693 _____ C:\Users\diogo\Downloads\Deep.Rock.Galactic.Update.v1.31.41183.0-CODEX-[rarbg.to].torrent
2020-09-03 21:58 - 2020-09-03 21:58 - 000000000 ____D C:\Users\diogo\AppData\Roaming\.atlauncher
2020-09-03 17:11 - 2020-09-03 17:11 - 000050242 _____ C:\Users\diogo\Downloads\Girassol.pdf
2020-09-03 17:06 - 2020-09-03 17:06 - 000872270 _____ C:\Users\diogo\Downloads\PasseSub23.pdf
2020-09-03 17:04 - 2020-09-03 17:04 - 000102626 _____ C:\Users\diogo\Downloads\Paraíso (1).pdf
2020-08-31 18:16 - 2020-08-31 18:16 - 000000000 ____D C:\Users\diogo\AppData\LocalLow\Smartly Dressed Games
2020-08-30 17:39 - 2020-08-30 17:40 - 126923150 _____ C:\Users\diogo\Downloads\clonehero-win64.7z
2020-08-26 12:12 - 2020-08-26 12:12 - 000016689 _____ C:\Users\diogo\Downloads\Jump Start Base 0.18 by Nilaus - FACTORIO MASTER CLASS.txt
2020-08-25 23:56 - 2020-08-25 23:56 - 000000000 __SHD C:\ProgramData\SecuROM
2020-08-25 23:56 - 2020-08-25 23:56 - 000000000 ____D C:\ProgramData\XLive
2020-08-25 23:48 - 2020-08-25 23:48 - 000000990 _____ C:\Users\Public\Desktop\Grand Theft Auto IV.lnk
2020-08-25 23:48 - 2020-08-25 23:48 - 000000866 _____ C:\Users\Public\Desktop\Grand Theft Auto - Episodes from Liberty City.lnk
2020-08-25 23:48 - 2020-08-25 23:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2020-08-25 22:53 - 2020-08-25 22:53 - 000101311 _____ C:\Users\diogo\Downloads\Grand.Theft.Auto.IV.Complete.Edition-PROPHET-[rarbg.to].torrent
2020-08-25 22:40 - 2020-08-25 22:40 - 000018940 _____ C:\Users\diogo\Downloads\The.Secret.Life.of.Walter.Mitty.2013.1080p.BluRay.x265-RARBG-[rarbg.to].torrent
2020-08-23 10:00 - 2020-08-23 10:00 - 000000000 ____D C:\Users\diogo\ansel
2020-08-22 17:30 - 2020-08-31 19:36 - 000000000 ____D C:\Users\diogo\AppData\Roaming\Factorio
2020-08-22 17:22 - 2020-08-22 17:22 - 000000985 _____ C:\Users\Public\Desktop\Factorio.lnk
2020-08-22 17:22 - 2020-08-22 17:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Factorio [GOG.com]
2020-08-22 17:07 - 2020-08-22 17:08 - 1487764032 _____ (GOG.com ) C:\Users\diogo\Downloads\setup_factorio_1.0.0_(40475).exe
2020-08-22 15:20 - 2020-08-22 15:20 - 002652395 _____ C:\Users\diogo\Downloads\spy_overhaulv121_2.rar
2020-08-22 15:20 - 2020-08-22 15:20 - 001259124 _____ C:\Users\diogo\Downloads\sniperfpoverhaulv4.zip
2020-08-22 15:19 - 2020-08-22 15:19 - 002055449 _____ C:\Users\diogo\Downloads\engineer-fp-ovhl-3-1.zip
2020-08-22 15:19 - 2020-08-22 15:19 - 001773332 _____ C:\Users\diogo\Downloads\heavyfpoverhaulv3-1-1_8a3e9.zip
2020-08-22 15:19 - 2020-08-22 15:19 - 001526796 _____ C:\Users\diogo\Downloads\demo_fp_anims.zip
2020-08-22 15:19 - 2020-08-22 15:19 - 001047691 _____ C:\Users\diogo\Downloads\scoutoverhaulv3_34f0b.zip
2020-08-22 15:19 - 2020-08-22 15:19 - 000743355 _____ C:\Users\diogo\Downloads\soldieranimsremade-v-1-5-0.rar
2020-08-22 15:19 - 2020-08-22 15:19 - 000452363 _____ C:\Users\diogo\Downloads\medicoverhaul-v-1-01.rar
2020-08-22 15:14 - 2020-08-22 15:14 - 000109277 _____ C:\Users\diogo\Downloads\aligned_and_improved_medi_beams_v21.rar
2020-08-22 14:46 - 2020-08-22 14:47 - 000998985 _____ C:\Users\diogo\Downloads\toon_muzzle_flashes_v12.rar
2020-08-22 14:46 - 2020-08-22 14:46 - 001737911 _____ C:\Users\diogo\Downloads\toon_rocket_trails_v10.rar
2020-08-22 14:46 - 2020-08-22 14:46 - 000937076 _____ C:\Users\diogo\Downloads\toonhud__11-1.zip
2020-08-22 14:46 - 2020-08-22 14:46 - 000713281 _____ C:\Users\diogo\Downloads\toon_explosions_v11.rar
2020-08-22 11:21 - 2020-08-22 11:21 - 000000000 ____D C:\Users\elite\AppData\Local\Comms
2020-08-22 11:06 - 2020-08-22 11:06 - 000000000 ___HD C:\Users\elite\MicrosoftEdgeBackups
2020-08-22 11:05 - 2020-09-19 14:50 - 000000000 ____D C:\Users\elite\AppData\Local\CrashDumps
2020-08-22 11:05 - 2020-08-22 11:05 - 000000000 ___HD C:\OneDriveTemp
2020-08-22 11:04 - 2020-08-22 11:05 - 000000000 ____D C:\Users\elite\AppData\Local\MicrosoftEdge
2020-08-22 11:04 - 2020-08-22 11:04 - 000001450 _____ C:\Users\elite\Desktop\Microsoft Edge.lnk
2020-08-22 11:04 - 2020-08-22 11:04 - 000000000 ____D C:\Users\elite\AppData\Roaming\Corsair
2020-08-22 11:04 - 2020-08-22 11:04 - 000000000 ____D C:\Users\elite\AppData\Local\Corsair
2020-08-22 11:03 - 2020-08-22 11:03 - 000000000 ____D C:\Users\elite\AppData\Local\Publishers
2020-08-22 11:03 - 2020-08-22 11:03 - 000000000 ____D C:\Users\elite\AppData\Local\CEF
2020-08-22 11:02 - 2020-09-19 14:19 - 000000000 ___RD C:\Users\elite\OneDrive
2020-08-22 11:02 - 2020-09-19 14:17 - 000000000 ____D C:\Users\elite\AppData\Local\ConnectedDevicesPlatform
2020-08-22 11:02 - 2020-08-22 11:26 - 000000000 ____D C:\Users\elite\AppData\Local\Packages
2020-08-22 11:02 - 2020-08-22 11:06 - 000000000 ____D C:\Users\elite
2020-08-22 11:02 - 2020-08-22 11:04 - 000000000 ____D C:\Users\elite\AppData\Local\NVIDIA Corporation
2020-08-22 11:02 - 2020-08-22 11:02 - 000002338 _____ C:\Users\elite\Desktop\Google Chrome.lnk
2020-08-22 11:02 - 2020-08-22 11:02 - 000000020 ___SH C:\Users\elite\ntuser.ini
2020-08-22 11:02 - 2020-08-22 11:02 - 000000000 ___RD C:\Users\elite\3D Objects
2020-08-22 11:02 - 2020-08-22 11:02 - 000000000 ____D C:\Users\elite\AppData\Roaming\Adobe
2020-08-22 11:02 - 2020-08-22 11:02 - 000000000 ____D C:\Users\elite\AppData\Local\VirtualStore
2020-08-22 11:02 - 2020-08-22 11:02 - 000000000 ____D C:\Users\elite\AppData\Local\NVIDIA
2020-08-22 11:02 - 2020-08-22 11:02 - 000000000 ____D C:\Users\elite\AppData\Local\Google
2020-08-22 11:02 - 2020-08-22 11:02 - 000000000 ____D C:\Users\elite\ansel
2020-08-20 19:23 - 2020-08-20 19:23 - 000010563 _____ C:\Users\diogo\Downloads\Autosave 1.1-5-1-1-1544647133.zip
2020-08-20 19:22 - 2020-08-20 19:22 - 000530518 _____ C:\Users\diogo\Downloads\Console Commands 3.0 WIP 7.6-2-3-0-76-1544645653.zip
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-09-19 15:05 - 2019-11-02 22:57 - 000000000 ____D C:\Users\diogo\AppData\Roaming\BitTorrent
2020-09-19 15:04 - 2019-10-22 05:13 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-09-19 14:46 - 2019-10-22 05:13 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-09-19 14:45 - 2019-12-13 16:15 - 000000000 ____D C:\Users\diogo\AppData\Local\CrashDumps
2020-09-19 14:45 - 2019-10-22 04:45 - 000000000 ____D C:\ProgramData\NVIDIA
2020-09-19 14:17 - 2019-10-22 04:46 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-09-19 14:01 - 2019-12-12 21:13 - 000026528 _____ C:\CosairDram.txt
2020-09-19 14:01 - 2019-10-22 04:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-09-19 14:01 - 2019-10-22 04:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-09-19 13:12 - 2019-10-22 05:13 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-09-19 13:12 - 2019-10-21 21:15 - 000000000 ____D C:\Users\diogo
2020-09-19 13:10 - 2020-01-04 12:47 - 000000000 ____D C:\WINDOWS\Minidump
2020-09-19 13:10 - 2019-04-09 20:40 - 000628548 ____N C:\WINDOWS\Minidump\091920-39437-01.dmp
2020-09-19 12:43 - 2019-10-21 21:55 - 000000000 ____D C:\Program Files (x86)\Steam
2020-09-19 12:39 - 2019-10-21 21:30 - 000000000 ____D C:\Users\diogo\AppData\Roaming\Discord
2020-09-19 10:39 - 2019-12-20 18:16 - 000000000 ____D C:\Users\diogo\Documents\Rockstar Games
2020-09-19 01:02 - 2020-02-22 20:25 - 000000000 ____D C:\Users\diogo\AppData\Local\Ubisoft Game Launcher
2020-09-18 19:14 - 2019-10-23 19:18 - 000000000 ____D C:\Users\diogo\AppData\Local\Spotify
2020-09-18 19:13 - 2019-10-23 19:17 - 000000000 ____D C:\Users\diogo\AppData\Roaming\Spotify
2020-09-16 01:01 - 2019-04-09 20:40 - 000485934 ____N C:\WINDOWS\Minidump\091620-36156-01.dmp
2020-09-15 19:17 - 2019-04-09 20:40 - 000533746 ____N C:\WINDOWS\Minidump\091520-38468-01.dmp
2020-09-14 23:48 - 2019-10-21 22:54 - 000000000 ____D C:\Users\diogo\AppData\Local\D3DSCache
2020-09-14 12:34 - 2019-10-21 21:18 - 000000000 ____D C:\Users\diogo\AppData\Local\Packages
2020-09-13 21:40 - 2020-06-18 22:53 - 000581912 _____ (TENCENT) C:\WINDOWS\system32\Drivers\UniSafe.sys
2020-09-13 11:03 - 2019-10-21 21:25 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2020-09-13 00:35 - 2020-04-08 22:11 - 000000034 _____ C:\ProgramData\droidcam-settings
2020-09-12 10:44 - 2019-10-21 21:26 - 000002176 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-09-12 10:44 - 2019-10-21 21:24 - 000000000 ___RD C:\Users\diogo\OneDrive
2020-09-11 10:04 - 2020-01-06 20:24 - 000000000 ____D C:\WINDOWS\LastGood
2020-09-11 10:04 - 2019-10-22 05:11 - 000000000 ____D C:\WINDOWS\INF
2020-09-10 23:18 - 2019-12-04 16:20 - 000000000 ____D C:\Users\diogo\AppData\Local\EpicGamesLauncher
2020-09-10 22:36 - 2019-10-22 20:43 - 000000000 ____D C:\ProgramData\Package Cache
2020-09-10 22:31 - 2019-10-29 18:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeBlocks
2020-09-10 20:17 - 2019-10-21 21:29 - 000000000 ____D C:\Users\diogo\AppData\Local\Discord
2020-09-10 10:27 - 2020-08-18 22:50 - 000000000 ____D C:\Users\diogo\AppData\Local\LogMeIn Hamachi
2020-09-09 19:27 - 2019-12-04 16:20 - 000000000 ____D C:\Users\diogo\AppData\Local\UnrealEngine
2020-09-08 20:41 - 2019-10-21 21:22 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-09-04 23:40 - 2019-11-02 23:21 - 000000000 ____D C:\Users\diogo\AppData\Roaming\vlc
2020-09-04 00:32 - 2020-05-29 12:40 - 000000911 _____ C:\Users\diogo\Desktop\Deep Rock Galactic.lnk
2020-09-03 22:06 - 2019-11-09 23:55 - 000000000 ____D C:\Users\diogo\AppData\Roaming\.minecraft
2020-08-31 18:16 - 2020-01-23 22:23 - 000000000 ____D C:\Users\diogo\AppData\Local\BattlEye
2020-08-29 21:46 - 2020-06-18 22:46 - 000000883 _____ C:\Users\diogo\Desktop\Gameloop.lnk
2020-08-25 23:57 - 2019-12-20 18:16 - 000000000 ____D C:\Users\diogo\AppData\Local\Rockstar Games
2020-08-22 11:32 - 2019-10-22 05:13 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-08-22 11:28 - 2019-11-09 15:18 - 000000000 ____D C:\Users\diogo\Documents\My Games
2020-08-22 11:02 - 2019-10-21 21:18 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-08-22 10:28 - 2020-08-18 22:56 - 000000000 ____D C:\Users\diogo\Zomboid
==================== FLock ==============================
2020-09-11 10:04 C:\Config.Msi
2017-10-20 14:38 C:\MSOCache
2019-10-22 05:13 C:\PerfLogs
2020-09-15 16:11 C:\WINDOWS\system32\config
2019-10-22 05:13 C:\WINDOWS\system32\Configuration
2019-10-22 05:13 C:\WINDOWS\system32\DriverState
2019-10-21 20:57 C:\WINDOWS\system32\FxsTmp
2019-10-22 05:13 C:\WINDOWS\system32\ias
2019-10-22 05:14 C:\WINDOWS\system32\MsDtc
2019-10-22 05:13 C:\WINDOWS\system32\networklist
2020-09-19 14:01 C:\WINDOWS\system32\SleepStudy
2020-09-19 15:04 C:\WINDOWS\system32\sru
2020-09-12 10:44 C:\WINDOWS\system32\Tasks
2019-11-03 17:16 C:\WINDOWS\system32\WDI
2020-01-01 17:44 C:\Program Files\WindowsApps
2020-09-19 13:12 C:\WINDOWS\LiveKernelReports
2019-10-22 05:13 C:\WINDOWS\ModemLogs
2020-09-19 15:05 C:\WINDOWS\prefetch
2019-10-21 21:37 C:\WINDOWS\ServiceState
2020-09-19 14:46 C:\WINDOWS\Temp
2019-10-22 05:13 C:\WINDOWS\SysWOW64\config
2019-10-22 05:13 C:\WINDOWS\SysWOW64\Configuration
2019-10-22 05:13 C:\WINDOWS\SysWOW64\FxsTmp
2019-10-22 05:13 C:\WINDOWS\SysWOW64\Msdtc
2019-10-22 05:13 C:\WINDOWS\SysWOW64\networklist
2019-10-22 05:13 C:\WINDOWS\SysWOW64\sru
2019-10-22 05:13 C:\WINDOWS\SysWOW64\Tasks
2019-10-22 05:13 C:\WINDOWS\system32\Drivers\DriverData
2019-12-15 16:58 C:\WINDOWS\Tasks\ImCleanDisabled
2020-09-15 19:17 C:\WINDOWS\Minidump\091520-38468-01.dmp
2020-09-16 01:01 C:\WINDOWS\Minidump\091620-36156-01.dmp
2020-09-19 13:10 C:\WINDOWS\Minidump\091920-39437-01.dmp
2019-10-21 21:50 C:\ProgramData\Packages
2019-10-22 05:13 C:\ProgramData\WindowsHolographicDevices
2020-01-19 16:46 C:\Users\diogo\AppData\Local\ElevatedDiagnostics
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
 
ATTENTION: ==> Could not access BCD. The user is not administrator -> The boot configuration data store could not be opened.
Access is denied.
==================== End of FRST.txt ========================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-09-2020
Ran by elite (19-09-2020 15:08:39)
Running from C:\Users\elite\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads
Windows 10 Home Version 1909 18363.535 (X64) (2019-10-21 19:56:47)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================
Administrator (S-1-5-21-1868716592-2335926720-3886777892-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1868716592-2335926720-3886777892-503 - Limited - Disabled)
diogo (S-1-5-21-1868716592-2335926720-3886777892-1001 - Administrator - Enabled) => C:\Users\diogo
elite (S-1-5-21-1868716592-2335926720-3886777892-1002 - Limited - Enabled) => C:\Users\elite
Guest (S-1-5-21-1868716592-2335926720-3886777892-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1868716592-2335926720-3886777892-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
AIO_Scan (HKLM-x32\...\{104066F4-5897-4067-85D3-4C88B67CCF75}) (Version: 130.0.421.000 - Hewlett-Packard) Hidden
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 2.1.0.1424 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.22 - Advanced Micro Devices, Inc.)
ASUS Aac_NBDT HAL (HKLM\...\{01D3B7AA-D078-4506-B460-60877FCDDBD6}) (Version: 2.3.4.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Aac_NBDT HAL (HKLM-x32\...\{e8758547-b06a-4534-a291-d9062d2a6bf6}) (Version: 2.3.4.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Display Component (HKLM\...\{AFD1CF98-FE97-434C-A095-9F27C5BEA53C}) (Version: 1.1.23 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Display Component (HKLM-x32\...\{b8af8e27-5c72-412c-bab7-dc6430e70f1b}) (Version: 1.1.23 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Extension Card HAL (HKLM\...\{2C39FF80-1BB2-42C5-A58D-DC90EFF048F6}) (Version: 1.0.16 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM-x32\...\{e46f527f-1e64-4554-abc1-115f3429c25c}) (Version: 1.0.16 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Headset Component (HKLM\...\{A3C4120D-8096-4307-91A2-FFE37EBD5A3D}) (Version: 1.2.4 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Headset Component (HKLM-x32\...\{7f23d3ea-a821-4293-b7f7-34383bf06437}) (Version: 1.2.4 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM\...\{D800D836-DE15-4B00-8273-521F022CD837}) (Version: 1.0.50 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM-x32\...\{12b6811a-dcdb-43c1-b3e4-80aef31134c5}) (Version: 1.0.50 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Odd Component (HKLM\...\{B5E322FB-C191-463E-BDDD-4F22290EDFDB}) (Version: 1.0.8 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Odd Component (HKLM-x32\...\{277875e0-972c-4705-b09c-ca5acf5b2f7c}) (Version: 1.0.8 - ASUSTeK COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.03.38 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA VGA Component (HKLM\...\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: 0.0.2.0 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA VGA Component (HKLM-x32\...\{55c3ae30-56f9-48ea-a96d-1fad2739e1a2}) (Version: 0.0.2.0 - ASUSTek COMPUTER INC. ) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{3507c756-a80f-4b0e-8475-975d8b432176}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{5960FD0F-BB3B-49AF-B175-F77DC91E995A}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden
ASUS Keyboard HAL (HKLM\...\{0FA0CDEE-5DC8-421E-A97D-C74FA6E66FC3}) (Version: 1.0.37 - ASUSTek COMPUTER INC.) Hidden
ASUS Keyboard HAL (HKLM-x32\...\{ae71a627-f426-4c18-afc9-b379b0e88f97}) (Version: 1.0.37 - ASUSTek COMPUTER INC.) Hidden
ASUS MB Peripheral Products (HKLM\...\{BFED9861-7D96-4528-89F1-B090ABBF11A7}) (Version: 1.0.30 - ASUSTeK Computer Inc.) Hidden
ASUS MB Peripheral Products (HKLM-x32\...\{a3a1beb0-9f5b-4b4e-8cfa-ef25842faf55}) (Version: 1.0.30 - ASUSTeK Computer Inc.) Hidden
ASUS Mouse HAL (HKLM\...\{1838F91B-D481-45AA-B92F-071C62D0A19A}) (Version: 1.0.39 - ASUSTek COMPUTER INC.) Hidden
ASUS Mouse HAL (HKLM-x32\...\{d25743f5-a12e-4fa8-a426-6ee9c7b2ef9c}) (Version: 1.0.39 - ASUSTek COMPUTER INC.) Hidden
ASUS MousePad HAL (HKLM\...\{723B40A4-5BF2-4DC6-834A-2ADF75F3CF7E}) (Version: 1.0.1.1 - ASUSTek COMPUTER INC.) Hidden
ASUS MousePad HAL (HKLM-x32\...\{3fb92594-5d14-44b6-aa83-5e9823daa7e8}) (Version: 1.0.1.1 - ASUSTek COMPUTER INC.) Hidden
AURA (HKLM-x32\...\{5899CD4F-8764-4303-A0D9-C60A62CFC24F}) (Version: 1.07.71 - ASUSTeK Computer Inc.)
AURA DRAM Component (HKLM\...\{3881F403-B6B7-4D2F-BDAC-7901EB677F52}) (Version: 1.0.30 - ASUS) Hidden
AURA DRAM Component (HKLM-x32\...\{e6f373bb-3881-463c-bd1a-3c948b067041}) (Version: 1.0.30 - ASUS) Hidden
AURA Service (HKLM-x32\...\{0E536061-3B55-4D45-BF58-0BDA261C94B0}) (Version: 3.03.56 - ASUSTeK Computer Inc.) Hidden
AURA Service (HKLM-x32\...\{fae81274-d8ce-4fcf-a8c8-2c1d949df742}) (Version: 3.03.56 - ASUSTeK Computer Inc.)
Balanced (HKLM-x32\...\{0EA45DD4-A825-420C-AFED-C659EFE3B84F}) (Version: 4.00.0000 - Advanced Micro Devices, Inc.) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.205.0.1006 - BlueStack Systems, Inc.)
BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
Copy (HKLM-x32\...\{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
Corsair AURA DRAM Component (HKLM\...\{376E0869-A4F1-4DC7-A1FD-EBF3AFFEB832}) (Version: 1.0.12 - CORSAIR COMPONENTS INC.) Hidden
Corsair AURA DRAM Component (HKLM-x32\...\{7f2fddab-1f7d-4301-b534-6723e6315fe1}) (Version: 1.0.12 - CORSAIR COMPONENTS INC.) Hidden
CORSAIR iCUE Software (HKLM-x32\...\{229E0F5D-0FE7-4468-B856-DDF1B089345F}) (Version: 3.33.246 - Corsair)
Deep Rock Galactic (HKLM-x32\...\Deep Rock Galactic_is1) (Version:  - )
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
DJ_AIO_NS_LP_DocCD (HKLM-x32\...\{C5C00116-FFD7-465e-8316-6055F320E7E5}) (Version: 90.0.222.000 - Hewlett-Packard) Hidden
DJ_AIO_ProductContext (HKLM-x32\...\{D7CDAC3E-0962-41D6-829D-6AB524120B43}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
DJ_AIO_Software (HKLM-x32\...\{F2C4B91A-250C-4A68-94EB-9643151F892B}) (Version: 140.0.428.000 - Hewlett-Packard) Hidden
DJ_AIO_Software_min (HKLM-x32\...\{EED759C0-F201-4422-86FA-264075B882ED}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 140.0.185.000 - Hewlett-Packard) Hidden
ENE IO Driver (HKLM-x32\...\{D0512FFD-6194-4D2E-967E-25B82A3322FF}) (Version: 2.0.8 - ENE TECHNOLOGY INC.) Hidden
ENE RGB HAL (HKLM\...\{87316426-A33E-41E9-942B-968E928A9A47}) (Version: 1.00.10 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{de9f7705-d509-49a2-90f2-29a80ff3b785}) (Version: 1.00.10 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{1CD178C9-BB49-4E59-9DA6-3C152E2A9844}) (Version: 1.00.01 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{fe81cfd3-9db4-409d-b0f9-26707d1423c6}) (Version: 1.00.01 - ENE TECHNOLOGY INC.) Hidden
Epic Games Launcher (HKLM-x32\...\{C69A2919-0662-4390-9418-67C931B44C18}) (Version: 1.1.236.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
F2100 (HKLM-x32\...\{3B5B7199-3880-4F64-84ED-DC13DBB10A72}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
F2100_Help (HKLM-x32\...\{C1920D73-7374-49d9-8C37-58A6E49078A5}) (Version: 90.0.222.000 - Hewlett-Packard) Hidden
Factorio (HKLM-x32\...\1238653230_is1) (Version: 1.0.0 - GOG.com)
Gameloop (HKLM-x32\...\MobileGamePC) (Version: 1.0.0.1 - Tencent Technology Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.102 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Grand Theft Auto IV - Complete Edition (HKLM-x32\...\Grand Theft Auto IV - Complete Edition_is1) (Version:  - )
Hearts of Iron IV Allied Armor (HKLM-x32\...\Hearts of Iron IV Allied Armor_is1) (Version:  - )
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet All-In-One Software (HKLM\...\{2CB8566A-8EA6-417A-BAB1-1B10A88C79BB}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
Java 8 Update 261 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180261F0}) (Version: 8.0.2610.12 - Oracle Corporation)
Java 8 Update 261 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180261F0}) (Version: 8.0.2610.12 - Oracle Corporation)
Kingston AURA DRAM Component (HKLM\...\{6D2D2DAF-BFE4-45A6-BF40-8A9F7FF54F42}) (Version: 1.0.15 - KINGSTON COMPONENTS INC.) Hidden
Kingston AURA DRAM Component (HKLM-x32\...\{83d4c398-3b93-4ab0-95f0-6091b0a2f601}) (Version: 1.0.15 - KINGSTON COMPONENTS INC.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}) (Version: 2.2.0.633 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.633 - LogMeIn, Inc.)
MarketResearch (HKLM-x32\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden
Max Payne 3 Complete Edition (HKLM\...\bWF4cGF5bmUz_is1) (Version: 1 - )
Metal Gear Solid V: The Phantom Pain (HKLM-x32\...\{48397BFF-7C01-4B64-8F1A-0D468DDE5D73}_is1) (Version:  - Kojima Productions)
Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 20.143.0716.0003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{810F1419-7760-402E-8772-B4054FAA2B72}) (Version: 1.0.0.0 - Mojang)
Neon Abyss – The Lovable Rogues Pack (HKLM-x32\...\2064492751_is1) (Version: 1.1.13.12_4 - GOG.com)
Neon Abyss (HKLM-x32\...\1743370862_is1) (Version: 1.1.13.12_4 - GOG.com)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.8.5 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.4.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.4.14 - NVIDIA Corporation)
NVIDIA Graphics Driver 445.87 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 445.87 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.26 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NVIDIA USBC Driver 1.38.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.38.831.832 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
OEM Application Profile (HKLM-x32\...\{84AD2AF7-10C8-0395-66F9-FFAEB4C5DBF1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Oracle VM VirtualBox 6.1.2 (HKLM\...\{216BFD11-B076-4E88-8526-65CC9F94483C}) (Version: 6.1.2 - Oracle Corporation)
Paradox Launcher v2 (HKLM\...\{F0072197-FCF6-41BF-9D38-832B145922DC}) (Version: 2.0.0.0 - Paradox Interactive)
Parsec (HKLM-x32\...\Parsec) (Version: 150-36 - Parsec Cloud Inc.)
Project Zomboid (HKLM-x32\...\1453298883_is1) (Version: 40.43 - GOG.com)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
Quick CPU (HKLM-x32\...\{41F4C8EE-903D-4EB5-B6EB-75413BF496DE}) (Version: 3.0.1.0 - CoderBag)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21288 - Realtek Semiconduct Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8702.1 - Realtek Semiconductor Corp.)
RimWorld Royalty (HKLM-x32\...\RimWorld Royalty_is1) (Version:  - )
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.25.260 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.5.6 - Rockstar Games)
Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
ScpToolkit (HKLM\...\{AC052048-9828-45E3-872B-04CE30A3B58B}) (Version: 1.6.238.16010 - Nefarius Software Solutions)
SolutionCenter (HKLM-x32\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden
Stardew Valley (HKLM-x32\...\1453375253_is1) (Version: 1.4.5.433754439 - GOG.com)
Status (HKLM-x32\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.342.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1495134320_is1) (Version: 2.0.0.51 - GOG.com)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version:  - Ubisoft Montreal)
Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
UnloadSupport (HKLM-x32\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 97.0 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.297.017 - Hewlett-Packard) Hidden
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Wise Memory Optimizer 3.6.7 (HKLM-x32\...\Wise Memory Optimizer_is1) (Version: 3.6.7 - WiseCleaner.com, Inc.)
WizTree v3.30 (HKLM\...\WizTree_is1) (Version: 3.30 - Antibody Software)
ZeroTier One (HKLM-x32\...\{80CEE5C9-4DF0-43F5-B232-484D6455978E}) (Version: 1.4.6 - ZeroTier, Inc.) Hidden
ZeroTier One (HKLM-x32\...\ZeroTier One 1.4.6) (Version: 1.4.6 - ZeroTier, Inc.)
ZeroTier One Virtual Network Port (HKLM\...\{4AFE4740-C680-40FE-B6B0-0C15EB0176F1}) (Version: 1.0.0 - ZeroTier) Hidden
Packages:
=========
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe [0000-00-00] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x64__8wekyb3d8bbwe [0000-00-00] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x86__8wekyb3d8bbwe [0000-00-00] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.3.3143.0_x86__8wekyb3d8bbwe [0000-00-00] (Microsoft Studios) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.33.13253.0_x64__8wekyb3d8bbwe [0000-00-00] (Microsoft Corporation) [MS Ad]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.3.179.0_x64__dt26b99r8h8gj [0000-00-00] (Realtek Semiconductor Corp)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c [0000-00-00] (Skype)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\20.143.0716.0003\amd64\FileSyncShell64.dll [2020-09-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\20.143.0716.0003\amd64\FileSyncShell64.dll [2020-09-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\20.143.0716.0003\amd64\FileSyncShell64.dll [2020-09-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\20.143.0716.0003\amd64\FileSyncShell64.dll [2020-09-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\20.143.0716.0003\amd64\FileSyncShell64.dll [2020-09-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\20.143.0716.0003\amd64\FileSyncShell64.dll [2020-09-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\20.143.0716.0003\amd64\FileSyncShell64.dll [2020-09-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\20.143.0716.0003\amd64\FileSyncShell64.dll [2020-09-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\20.143.0716.0003\amd64\FileSyncShell64.dll [2020-09-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\20.143.0716.0003\amd64\FileSyncShell64.dll [2020-09-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\20.143.0716.0003\amd64\FileSyncShell64.dll [2020-09-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\20.143.0716.0003\amd64\FileSyncShell64.dll [2020-09-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\20.143.0716.0003\amd64\FileSyncShell64.dll [2020-09-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\20.143.0716.0003\amd64\FileSyncShell64.dll [2020-09-12] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.143.0716.0003\amd64\FileSyncShell64.dll [2020-09-12] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2020-03-04] (Notepad++ -> )
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.143.0716.0003\amd64\FileSyncShell64.dll [2020-09-12] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.143.0716.0003\amd64\FileSyncShell64.dll [2020-09-12] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-04-03] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [180224 2010-08-03] () [File not signed]
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2019-06-19 10:43 - 2019-06-19 10:43 - 000207872 _____ () [File not signed] C:\Program Files\ENE\Aac_ENE RGB HAL\x86\AacHal_x86.dll
2018-03-20 15:34 - 2018-03-20 15:34 - 000265728 _____ () [File not signed] C:\Program Files\ENE\Aac_ENE RGB HAL\x86\SB_SMBUS_SDK.dll
2019-06-28 11:51 - 2019-06-28 11:51 - 000184832 _____ () [File not signed] C:\Program Files\ENE\Aac_ENE_EHD_M2_HAL\AacHal_x86.dll
2020-08-31 20:30 - 2020-08-31 20:30 - 000351744 _____ () [File not signed] D:\Programs\Corsair\CORSAIR iCUE Software\ActionsConverters.dll
2020-08-31 19:56 - 2020-08-31 19:56 - 000759296 _____ () [File not signed] D:\Programs\Corsair\CORSAIR iCUE Software\LegacyCommands.dll
2020-08-31 19:57 - 2020-08-31 19:57 - 000743424 _____ () [File not signed] D:\Programs\Corsair\CORSAIR iCUE Software\LegacyNotifications.dll
2020-08-31 19:55 - 2020-08-31 19:55 - 000530944 _____ () [File not signed] D:\Programs\Corsair\CORSAIR iCUE Software\MobileProto.dll
2020-08-31 19:56 - 2020-08-31 19:56 - 000200704 _____ () [File not signed] D:\Programs\Corsair\CORSAIR iCUE Software\ModelHelpers.dll
2020-08-31 19:55 - 2020-08-31 19:55 - 000209408 _____ () [File not signed] D:\Programs\Corsair\CORSAIR iCUE Software\quazip.dll
2020-08-31 19:55 - 2020-08-31 19:55 - 000101376 _____ () [File not signed] D:\Programs\Corsair\CORSAIR iCUE Software\zlib.dll
2020-07-29 23:51 - 2020-07-29 23:51 - 002516992 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] D:\Programs\Corsair\CORSAIR iCUE Software\libcrypto-1_1.dll
2020-07-29 23:51 - 2020-07-29 23:51 - 000530944 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] D:\Programs\Corsair\CORSAIR iCUE Software\libssl-1_1.dll
2019-06-28 17:23 - 2019-06-28 17:23 - 000428544 _____ (TODO: <Company name>) [File not signed] C:\Program Files\ASUS\Aac_Keyboard\AacKbHal_x86.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\WINDOWS\System32:tdsrset_i.gfc [5846]
AlternateDataStreams: C:\WINDOWS\tracing:? [16]
AlternateDataStreams: C:\Users\diogo:Heroes & Generals [38]
AlternateDataStreams: C:\Users\diogo\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\diogo\Application Data:6699d3ee8dd9cf775caae782c8f44f03 [394]
AlternateDataStreams: C:\Users\diogo\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\diogo\AppData\Roaming:6699d3ee8dd9cf775caae782c8f44f03 [394]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
URLSearchHook: [S-1-5-21-1868716592-2335926720-3886777892-1001] ATTENTION => Default URLSearchHook is missing
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_261\bin\ssv.dll [2020-07-17] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_261\bin\jp2ssv.dll [2020-07-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\ssv.dll [2020-07-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\jp2ssv.dll [2020-07-17] (Oracle America, Inc. -> Oracle Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-10-22 05:13 - 2019-10-22 05:11 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\ZeroTier\One\
HKU\S-1-5-21-1868716592-2335926720-3886777892-1002\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
Network Binding:
=============
Hamachi: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
ZeroTier One [e5cd7a9e1c0ba6c6]: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
VirtualBox Host-Only Network: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
ZeroTier One [9bee8941b54fc18f]: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
ZeroTier One [159924d630e3f3bc]: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet 2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{1E2C962A-0F97-4B2B-B523-21B2B2EFF1BD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{CB99B1F2-A4F8-4FBC-A3CB-26832A0E7A0C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{9F395577-7C8C-4629-8942-F1AC62A80C0C}] => (Allow) D:\SteamLibrary\steamapps\common\Hearts of Iron IV\hoi4.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{E6D8D8A0-6C19-4790-9B77-5F07C1DE3C07}] => (Allow) D:\SteamLibrary\steamapps\common\Hearts of Iron IV\hoi4.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [TCP Query User{000B24C4-08DA-4ACA-AEB5-63426231E933}C:\users\diogo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\diogo\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{21282163-9AC5-46C9-8216-0DDDFE80C18C}C:\users\diogo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\diogo\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D7B8D0A3-1B0B-4ED4-96F8-09A6A3FC0559}] => (Allow) D:\SteamLibrary\steamapps\common\Business Tour\BusinessTour.exe () [File not signed]
FirewallRules: [{996DB127-2FD5-4478-A947-1E1383CFC849}] => (Allow) D:\SteamLibrary\steamapps\common\Business Tour\BusinessTour.exe () [File not signed]
FirewallRules: [{69EAC8E5-1E19-4BC7-85D8-98AAED88B6C1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{7D55CF68-A751-4F90-9C86-D29E23A32131}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B75F6318-0FA8-4EFF-8E25-DF4C970993FF}] => (Allow) C:\Users\diogo\AppData\Roaming\BitTorrent\BitTorrent.exe => No File
FirewallRules: [{CC844D5F-9A9C-4940-879A-DB05E856769B}] => (Allow) C:\Users\diogo\AppData\Roaming\BitTorrent\BitTorrent.exe => No File
FirewallRules: [{1FAEF953-F35C-43E8-8927-0A3ADCD375CA}] => (Allow) D:\SteamLibrary\steamapps\common\Hotline Miami 2\HotlineMiami2.exe () [File not signed]
FirewallRules: [{15DF9B57-3255-4AD1-BE09-01EF16C8C9CB}] => (Allow) D:\SteamLibrary\steamapps\common\Hotline Miami 2\HotlineMiami2.exe () [File not signed]
FirewallRules: [{426B9988-2BFF-4923-953D-259A2BACA1B8}] => (Allow) D:\SteamLibrary\steamapps\common\hotline_miami\HotlineMiami.exe (Devolver) [File not signed]
FirewallRules: [{0B37345F-D382-43C2-9190-62CA157BFD19}] => (Allow) D:\SteamLibrary\steamapps\common\hotline_miami\HotlineMiami.exe (Devolver) [File not signed]
FirewallRules: [TCP Query User{B7510358-B5DB-4E77-8AEF-7BC71B532463}D:\jogos\minecraft\runtime\jre-x64\bin\javaw.exe] => (Allow) D:\jogos\minecraft\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{B16CBD3B-079B-465F-B713-4219D6A41685}D:\jogos\minecraft\runtime\jre-x64\bin\javaw.exe] => (Allow) D:\jogos\minecraft\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{65221636-C07E-41FF-A350-7B42C06AA387}] => (Allow) D:\SteamLibrary\steamapps\common\Hearts of Iron IV\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{A518A6A6-3C66-44F6-B0AB-7197F76FA120}] => (Allow) D:\SteamLibrary\steamapps\common\Hearts of Iron IV\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{46EA87FB-64C7-49C5-B06A-8A11AF83BE77}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D050BEF9-92C1-4270-8ED4-D02526FBA152}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{712887FD-7389-48B8-BAD3-D1E308C89129}] => (Allow) D:\SteamLibrary\steamapps\common\wallpaper_engine\launcher.exe (Kristjan Skutta -> )
FirewallRules: [{85DC0E93-8051-4501-8907-C07CAA883E1A}] => (Allow) D:\SteamLibrary\steamapps\common\wallpaper_engine\launcher.exe (Kristjan Skutta -> )
FirewallRules: [{E53C1C58-26BE-4D8F-8B20-5631AEB10C1A}] => (Allow) D:\SteamLibrary\steamapps\common\Terraria\Terraria.exe (Re-Logic) [File not signed]
FirewallRules: [{B869272E-9B09-48CC-B1C4-47B174AC29CC}] => (Allow) D:\SteamLibrary\steamapps\common\Terraria\Terraria.exe (Re-Logic) [File not signed]
FirewallRules: [{76BDAC81-0F2B-4633-9C4C-3916876B22AF}] => (Allow) LPort=9993
FirewallRules: [{69CFC440-5050-4600-A74B-AF5257C46C29}] => (Allow) LPort=9993
FirewallRules: [{3522BFC0-1A4B-4A32-BDAE-C2B052CE0953}] => (Allow) C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe (ZeroTier, Inc. -> )
FirewallRules: [TCP Query User{67207259-DF91-4524-A3D5-3790D59BD825}D:\jogos\clonehero-win64\clone hero.exe] => (Allow) D:\jogos\clonehero-win64\clone hero.exe () [File not signed]
FirewallRules: [UDP Query User{A6FA4591-FDA0-4648-BCA2-083063297856}D:\jogos\clonehero-win64\clone hero.exe] => (Allow) D:\jogos\clonehero-win64\clone hero.exe () [File not signed]
FirewallRules: [{C2003615-AC48-4BE2-A420-83887B20817F}] => (Block) D:\jogos\clonehero-win64\clone hero.exe () [File not signed]
FirewallRules: [{58E23DDE-A732-48BD-B40D-C2F9DDA71EB6}] => (Block) D:\jogos\clonehero-win64\clone hero.exe () [File not signed]
FirewallRules: [TCP Query User{106523A7-001D-4B38-9669-4B6732F1FA2C}E:\tom clancy's rainbow six siege\rainbowsix_vulkan.exe] => (Allow) E:\tom clancy's rainbow six siege\rainbowsix_vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [UDP Query User{0BBF9CC5-D7FD-4AB1-8D87-140326FD4090}E:\tom clancy's rainbow six siege\rainbowsix_vulkan.exe] => (Allow) E:\tom clancy's rainbow six siege\rainbowsix_vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{BB310CB1-DC04-400B-BCBD-86D2F7907A6E}] => (Block) E:\tom clancy's rainbow six siege\rainbowsix_vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{402EBBFF-EFD6-491C-A584-5DA090262845}] => (Block) E:\tom clancy's rainbow six siege\rainbowsix_vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{F9A0A552-E8B1-49C2-9FB7-A1C45608927B}] => (Allow) C:\Users\diogo\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{FDD39ACE-48C2-4E9E-AB5E-CD041BB48E91}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{9127AD01-2BC8-4693-83E7-44A3272989C1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{6C60E017-767F-4FDA-BF79-C19D4321A0E6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{16252CA0-7C2C-4EF2-9EF6-D87EBC57CB2C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [TCP Query User{6878BCB0-B13C-4A18-9E3E-71CA9CC01198}D:\instalacoes\stardew valley\stardew valley.exe] => (Allow) D:\instalacoes\stardew valley\stardew valley.exe (ConcernedApe) [File not signed]
FirewallRules: [UDP Query User{66F87FD4-27C8-48AC-9379-B89672BC6AB1}D:\instalacoes\stardew valley\stardew valley.exe] => (Allow) D:\instalacoes\stardew valley\stardew valley.exe (ConcernedApe) [File not signed]
FirewallRules: [{3E26778F-24B4-4573-9D8A-1579C290A393}] => (Block) D:\instalacoes\stardew valley\stardew valley.exe (ConcernedApe) [File not signed]
FirewallRules: [{3A2C0E74-F316-4496-A42F-DA57350486A3}] => (Block) D:\instalacoes\stardew valley\stardew valley.exe (ConcernedApe) [File not signed]
FirewallRules: [{1B243CC8-CF7E-44EA-AE59-37E91891B1E6}] => (Allow) C:\Program Files (x86)\DroidCam\DroidCamApp.exe (DEV47 APPS -> )
FirewallRules: [{73F4176B-294B-48AB-BD62-D2F6F804A240}] => (Allow) C:\Program Files (x86)\DroidCam\DroidCamApp.exe (DEV47 APPS -> )
FirewallRules: [TCP Query User{8B67A2E9-7029-4101-B3E8-6E0B00DB8697}D:\instalacoes\stardew valley\stardewmoddingapi.exe] => (Allow) D:\instalacoes\stardew valley\stardewmoddingapi.exe (StardewModdingAPI) [File not signed]
FirewallRules: [UDP Query User{DFA70DAE-BBDA-459D-902F-DAC2555C4B62}D:\instalacoes\stardew valley\stardewmoddingapi.exe] => (Allow) D:\instalacoes\stardew valley\stardewmoddingapi.exe (StardewModdingAPI) [File not signed]
FirewallRules: [{08A0E788-7583-4E67-A38A-C62ACED060FD}] => (Block) D:\instalacoes\stardew valley\stardewmoddingapi.exe (StardewModdingAPI) [File not signed]
FirewallRules: [{AF1E918C-E779-439D-B02E-EE626411F15A}] => (Block) D:\instalacoes\stardew valley\stardewmoddingapi.exe (StardewModdingAPI) [File not signed]
FirewallRules: [TCP Query User{CB8CE29D-2FD3-4E58-B278-2CC8C1654304}E:\games\steamapps\common\war thunder\win64\aces.exe] => (Allow) E:\games\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{E66C44B4-6822-4433-89E1-65D5151B0444}E:\games\steamapps\common\war thunder\win64\aces.exe] => (Allow) E:\games\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{59CD3CC2-D546-45E0-B249-24B54A45B4D2}] => (Block) E:\games\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{B7D41DCD-1044-470E-B4A9-980F87CDD4CA}] => (Block) E:\games\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{E92D4DA1-CEFF-442A-B443-34614B9C702C}] => (Allow) D:\SteamLibrary\steamapps\common\tModLoader\tModLoader.exe (Re-Logic) [File not signed]
FirewallRules: [{C285E982-1BC7-43D4-AF7B-945A8CC1A1D2}] => (Allow) D:\SteamLibrary\steamapps\common\tModLoader\tModLoader.exe (Re-Logic) [File not signed]
FirewallRules: [{7C87AE76-57C3-4C68-8333-AF0868B8FC74}] => (Allow) D:\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
FirewallRules: [{8782A2EC-5D50-40F6-A936-9FFDDB8B1806}] => (Allow) D:\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
FirewallRules: [TCP Query User{469EBD0B-E253-4B11-99BF-9EFA1F458D96}C:\program files\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_251\bin\javaw.exe => No File
FirewallRules: [UDP Query User{6571A5D3-D53E-46E4-9A8D-183D58B913E2}C:\program files\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_251\bin\javaw.exe => No File
FirewallRules: [{E80BE2F8-BDA4-481F-BD5A-AAB87CE86807}] => (Block) C:\program files\java\jre1.8.0_251\bin\javaw.exe => No File
FirewallRules: [{81FEBB1E-8FAD-4F26-9836-D0AEA4424272}] => (Block) C:\program files\java\jre1.8.0_251\bin\javaw.exe => No File
FirewallRules: [TCP Query User{531B797E-20D5-4171-B2A8-047DA234832E}D:\steamlibrary\steamapps\common\terraria\terrariaserver.exe] => (Allow) D:\steamlibrary\steamapps\common\terraria\terrariaserver.exe (Re-Logic) [File not signed]
FirewallRules: [UDP Query User{A9039C05-BBAA-4ADB-AD0C-077B89E55BC7}D:\steamlibrary\steamapps\common\terraria\terrariaserver.exe] => (Allow) D:\steamlibrary\steamapps\common\terraria\terrariaserver.exe (Re-Logic) [File not signed]
FirewallRules: [{20DF03A7-B435-425A-979D-716D8A6F364C}] => (Block) D:\steamlibrary\steamapps\common\terraria\terrariaserver.exe (Re-Logic) [File not signed]
FirewallRules: [{DBE64618-2338-46A1-9663-D37B7E7CFCFA}] => (Block) D:\steamlibrary\steamapps\common\terraria\terrariaserver.exe (Re-Logic) [File not signed]
FirewallRules: [TCP Query User{40B79540-D9C7-482B-B834-588F9B8E1C90}D:\instalacoes\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe] => (Allow) D:\instalacoes\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe (Ghost Ship Games) [File not signed]
FirewallRules: [UDP Query User{5347E9DF-93AE-4EDE-B894-210C3CE9F9EA}D:\instalacoes\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe] => (Allow) D:\instalacoes\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe (Ghost Ship Games) [File not signed]
FirewallRules: [{4C7D45A3-DB4E-42DC-803C-B2DA19059B64}] => (Block) D:\instalacoes\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe (Ghost Ship Games) [File not signed]
FirewallRules: [{22DF1B21-D031-4556-9838-18C5A68564DA}] => (Block) D:\instalacoes\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe (Ghost Ship Games) [File not signed]
FirewallRules: [TCP Query User{37650984-ED8C-4FD8-8486-FB07E4AA0F59}E:\games\steamapps\common\cities_skylines\cities.exe] => (Allow) E:\games\steamapps\common\cities_skylines\cities.exe => No File
FirewallRules: [UDP Query User{A77925DD-9BB5-4AD9-A471-4E998120AE5A}E:\games\steamapps\common\cities_skylines\cities.exe] => (Allow) E:\games\steamapps\common\cities_skylines\cities.exe => No File
FirewallRules: [{368E5DA2-7471-427F-AD6A-7FA2BAC41A01}] => (Block) E:\games\steamapps\common\cities_skylines\cities.exe => No File
FirewallRules: [{A2358D4E-125C-4D84-9F3F-3163629F537A}] => (Block) E:\games\steamapps\common\cities_skylines\cities.exe => No File
FirewallRules: [{C373F22D-B669-4422-9A4F-A827CDA1E9EA}] => (Allow) C:\Program Files\Parsec\parsecd.exe (Parsec Cloud, Inc. -> Parsec)
FirewallRules: [{871CEFF2-690F-4791-9EF3-DA9196AC5623}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{DD97148B-AD31-495E-A496-A0680EB8652C}] => (Allow) d:\program files\txgameassistant\appmarket\AppMarket.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{0A1D1586-9368-45EA-A356-8E5E5B11321C}] => (Allow) d:\program files\txgameassistant\appmarket\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{2CE77519-F7E6-47F3-880F-5C58053E4DE6}] => (Allow) d:\program files\txgameassistant\appmarket\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> 腾讯公司)
FirewallRules: [{94FE4429-D3DD-4B38-9611-B81031957DCC}] => (Allow) d:\program files\txgameassistant\appmarket\QQExternal.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{99F772CF-D941-468F-9786-4E12A0BF7F7A}] => (Allow) d:\program files\txgameassistant\appmarket\GameDownload.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{E6171CB9-CD13-4763-96E9-19EBAFA8DC2E}] => (Allow) d:\program files\txgameassistant\appmarket\GF186\TUpdate.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{99ECBE77-03A6-431E-89EE-2AF6A5F0EEBA}] => (Allow) d:\program files\txgameassistant\ui\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{754D9B8E-EAF2-4B59-95E4-4A8BD707D61F}] => (Allow) d:\program files\txgameassistant\ui\adb.exe () [File not signed]
FirewallRules: [{898A320B-B6E2-4713-8C18-F5C770B2E9AE}] => (Allow) d:\program files\txgameassistant\ui\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{9DA36698-A032-4436-9F61-F800F3A4F9A4}] => (Allow) d:\program files\txgameassistant\ui\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{11145CB2-919C-497A-A334-1D5BA935E32C}] => (Allow) d:\program files\txgameassistant\ui\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{B50F41BE-738E-49DD-9738-5A039FFDFDBC}] => (Allow) C:\Users\diogo\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{4E949D26-4AB7-441B-A51B-25F692FB6490}] => (Allow) C:\Users\diogo\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{BC6AE702-5D1C-4BEE-A1AB-9BCB842A8F59}] => (Allow) C:\Users\diogo\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{936F5E30-74A7-40DD-95EA-6C8477B635B8}] => (Allow) C:\Users\diogo\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{CE42CE7C-CFB7-432A-A7B0-42102B41425E}] => (Allow) C:\Users\diogo\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{03C6D3AC-8CAE-4279-B1E6-A4DEFDFD1753}] => (Allow) C:\Users\diogo\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{6629EA23-4C68-4667-B30D-5BBD1F712935}] => (Allow) D:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe (Valve -> )
FirewallRules: [{107C82CF-F6CA-4239-8A90-100F74565E6A}] => (Allow) D:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe (Valve -> )
FirewallRules: [TCP Query User{BC57D6EA-20AD-4F9A-9D1B-6A3622036217}D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe] => (Allow) D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe (Mail.Ru LLC -> )
FirewallRules: [UDP Query User{B7BA41D0-61D7-40B6-8668-015402ED92F8}D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe] => (Allow) D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe (Mail.Ru LLC -> )
FirewallRules: [{432C98D6-F578-410C-8592-10E854FCADB6}] => (Block) D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe (Mail.Ru LLC -> )
FirewallRules: [{FEF86382-AA82-46EB-8F3F-290B95322422}] => (Block) D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe (Mail.Ru LLC -> )
FirewallRules: [{B3A89E03-855D-48F1-930B-564AD0E5090E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8086AB71-170B-4791-A61F-1FA1519EC1E6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{82271DB9-4632-4A8B-B26D-2F476E03909D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{85C400F8-3C6E-4854-AC4F-C03F10BD17E4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{37BAF894-894A-4D56-8F73-89520E9DC067}] => (Allow) D:\SteamLibrary\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe => No File
FirewallRules: [{ED98CA5F-6198-458A-8689-4791CBAAF472}] => (Allow) D:\SteamLibrary\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe => No File
FirewallRules: [{7A430BC0-7687-400B-AA77-044638C7A9B1}] => (Allow) d:\program files\txgameassistant\ui\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{BF3F965E-813C-4C5D-92D2-0065F6A6C047}] => (Allow) d:\program files\txgameassistant\ui\adb.exe () [File not signed]
FirewallRules: [{17904F98-C5EA-4A29-9AEE-571D8678548E}] => (Allow) d:\program files\txgameassistant\ui\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{794E9C74-33C8-4916-AC69-77BFA4A61477}] => (Allow) d:\program files\txgameassistant\ui\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{FF1CD156-F8AF-4C48-8BE1-D901747DF073}] => (Allow) d:\program files\txgameassistant\ui\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [TCP Query User{F3C56C0F-8167-4467-B8DC-79E59A12A264}C:\users\diogo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\diogo\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{995A7C98-246F-454B-97BF-19C0CB97FF6B}C:\users\diogo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\diogo\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{18EBD1EC-5314-4335-A6BA-2CCC13FB86E7}E:\games\steamapps\common\hell let loose\hll\binaries\win64\hll-win64-shipping.exe] => (Allow) E:\games\steamapps\common\hell let loose\hll\binaries\win64\hll-win64-shipping.exe => No File
FirewallRules: [UDP Query User{4193A8C8-7B22-49E5-8271-3B0D386E00BA}E:\games\steamapps\common\hell let loose\hll\binaries\win64\hll-win64-shipping.exe] => (Allow) E:\games\steamapps\common\hell let loose\hll\binaries\win64\hll-win64-shipping.exe => No File
FirewallRules: [TCP Query User{19A9760E-1C36-4873-8569-168043312C0C}E:\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) E:\borderlands3\oakgame\binaries\win64\borderlands3.exe (Gearbox Software, L.L.C. -> Gearbox Software)
FirewallRules: [UDP Query User{5171A896-E888-4327-BE34-3DD18B3937A1}E:\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) E:\borderlands3\oakgame\binaries\win64\borderlands3.exe (Gearbox Software, L.L.C. -> Gearbox Software)
FirewallRules: [{41AED242-27B8-4A02-9F8C-2EEA0DA23CF0}] => (Allow) d:\program files\txgameassistant\ui\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{86EAE8E1-03B8-4CF3-9EBF-D83FB07AEC1E}] => (Allow) d:\program files\txgameassistant\ui\adb.exe () [File not signed]
FirewallRules: [{94BD7DFF-D8FB-4DC2-9179-2ACD4E0EF33B}] => (Allow) d:\program files\txgameassistant\ui\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{74EA2FD7-166B-4757-BDDD-63EAA57D1459}] => (Allow) d:\program files\txgameassistant\ui\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{DEB9B051-4FFB-42D2-9C47-66D35A5CE9F9}] => (Allow) d:\program files\txgameassistant\ui\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{6BB6EA75-9EB5-455A-A60E-CE1A30D47E59}] => (Allow) D:\SteamLibrary\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe => No File
FirewallRules: [{379688D4-64F8-4011-842B-BE5DEADB926A}] => (Allow) D:\SteamLibrary\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe => No File
FirewallRules: [{0C3BB006-801F-47C5-AFFB-F3FFA4D46A6B}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{1D2F584E-5272-4C66-872A-7CB2605503EB}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{EA87F488-56A5-4EC5-9C5B-77D36BE02311}] => (Allow) E:\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{1F111216-6EBA-40EB-A4C4-28170FB3E1F8}] => (Allow) E:\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{BBFB5855-6569-4F4B-ACDE-A7780902E55F}] => (Allow) E:\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{016CAB52-3913-4238-8EDF-B7767B74DDE3}] => (Allow) E:\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{195E2B01-853F-459F-AB29-A44DE8CC4140}] => (Allow) d:\program files\txgameassistant\ui\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{F85B87B0-1AF5-4BA2-A299-06135049B2E0}] => (Allow) d:\program files\txgameassistant\ui\adb.exe () [File not signed]
FirewallRules: [{CC8F7562-04A7-472D-ACF3-1399CB1850B5}] => (Allow) d:\program files\txgameassistant\ui\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{F805648D-D91B-430D-B043-C24BD7E4A310}] => (Allow) d:\program files\txgameassistant\ui\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{85CA2F9E-0F79-4A71-A1B4-C2767DF33DB0}] => (Allow) d:\program files\txgameassistant\ui\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [TCP Query User{D957936B-B540-4511-B5A7-3A8195B2CCF5}E:\hearts of iron iv allied armor\hoi4.exe] => (Allow) E:\hearts of iron iv allied armor\hoi4.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [UDP Query User{92B2FD72-0D84-47D8-AC4E-EE6025356F80}E:\hearts of iron iv allied armor\hoi4.exe] => (Allow) E:\hearts of iron iv allied armor\hoi4.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [TCP Query User{80F364FD-97F3-46BA-ABF7-375C87CF803E}E:\remnantfromtheashes\remnant\binaries\win64\remnant-win64-shipping.exe] => (Allow) E:\remnantfromtheashes\remnant\binaries\win64\remnant-win64-shipping.exe => No File
FirewallRules: [UDP Query User{11FC1822-7806-449F-BDF5-02E264EFFD88}E:\remnantfromtheashes\remnant\binaries\win64\remnant-win64-shipping.exe] => (Allow) E:\remnantfromtheashes\remnant\binaries\win64\remnant-win64-shipping.exe => No File
FirewallRules: [TCP Query User{2949748A-BA10-456D-8FB8-0C5AB0AC9078}E:\call of duty modern warfare\modernwarfare.exe] => (Allow) E:\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [UDP Query User{6FF6CE29-705E-48FD-B447-4AF342085BE3}E:\call of duty modern warfare\modernwarfare.exe] => (Allow) E:\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [{6180FA41-BD73-472C-8246-EC966B98CCF9}] => (Block) E:\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [{1FE6BBC4-775B-4003-BE80-F59FA3FC311B}] => (Block) E:\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [TCP Query User{7C126D58-5FE4-4FA5-A2F4-C4E37FD395D0}D:\instalacoes\project zomboid\projectzomboid64.exe] => (Allow) D:\instalacoes\project zomboid\projectzomboid64.exe () [File not signed]
FirewallRules: [UDP Query User{EB50FC4A-2D61-41EA-9786-9F03500A6D69}D:\instalacoes\project zomboid\projectzomboid64.exe] => (Allow) D:\instalacoes\project zomboid\projectzomboid64.exe () [File not signed]
FirewallRules: [{C299E1FA-B94B-4894-83F7-E8DAE3E960D2}] => (Block) D:\instalacoes\project zomboid\projectzomboid64.exe () [File not signed]
FirewallRules: [{28EC3C7A-45F0-4D54-8D0C-B3C5B67BB047}] => (Block) D:\instalacoes\project zomboid\projectzomboid64.exe () [File not signed]
FirewallRules: [TCP Query User{598B3C3C-C1DC-4555-BC55-C2083800BFE7}D:\instalacoes\factorio\bin\x64\factorio.exe] => (Allow) D:\instalacoes\factorio\bin\x64\factorio.exe (Wube Software) [File not signed]
FirewallRules: [UDP Query User{C62FCBC0-515A-42CB-9525-F69AA4A6CA45}D:\instalacoes\factorio\bin\x64\factorio.exe] => (Allow) D:\instalacoes\factorio\bin\x64\factorio.exe (Wube Software) [File not signed]
FirewallRules: [{A98CBCD8-1F39-40FE-B03C-27ADFC9E9340}] => (Block) D:\instalacoes\factorio\bin\x64\factorio.exe (Wube Software) [File not signed]
FirewallRules: [{2DBD8F5B-96C5-4071-A12B-754E80885979}] => (Block) D:\instalacoes\factorio\bin\x64\factorio.exe (Wube Software) [File not signed]
FirewallRules: [{50045131-7F4E-4F6D-81BB-B8F4DF397E1B}] => (Allow) d:\program files\txgameassistant\ui\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{A62F80DF-5979-411A-95E4-C04DEA505640}] => (Allow) d:\program files\txgameassistant\ui\adb.exe () [File not signed]
FirewallRules: [{9F8F618D-2A24-4CF5-9264-0B9240BB2C74}] => (Allow) d:\program files\txgameassistant\ui\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{D7F784C4-FFB6-444C-AF05-73E2F4ADDD80}] => (Allow) d:\program files\txgameassistant\ui\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{B2BC2E58-DBEB-48D6-8545-B1D419F79477}] => (Allow) d:\program files\txgameassistant\ui\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{9604C8AD-77E2-4C30-8377-E91D5EEFFE6C}] => (Allow) d:\program files\txgameassistant\appmarket\AppMarket.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{EA216191-943D-4C5E-9D71-EFBCAE5F8E60}] => (Allow) d:\program files\txgameassistant\appmarket\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{01B7CD58-56DD-4D7F-BB0C-D36C957DA6A7}] => (Allow) d:\program files\txgameassistant\appmarket\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> 腾讯公司)
FirewallRules: [{26FD20CA-8BA9-4605-9D29-C90BA842584D}] => (Allow) d:\program files\txgameassistant\appmarket\QQExternal.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{D05060C8-3F7A-4626-84D2-4E2730FAA152}] => (Allow) d:\program files\txgameassistant\appmarket\GameDownload.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{1E1BD136-0A10-4144-8557-AA2EDD61E2B1}] => (Allow) d:\program files\txgameassistant\appmarket\GF186\TUpdate.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{3A6C4EE7-65F7-4BB5-A8DF-5C35FCDA680A}] => (Allow) D:\Program Files\TxGameAssistant\AppMarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{90DAF87C-271C-4414-9C17-13B0EC224BA7}] => (Allow) D:\Program Files\TxGameAssistant\AppMarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{3FCDEBD5-2482-4708-A28A-E202C7AA5F4C}] => (Allow) D:\Program Files\TxGameAssistant\AppMarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{3F113FA8-B4B5-4B02-9CFE-E2FBC57CD9AA}] => (Allow) D:\Program Files\TxGameAssistant\AppMarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{48D1B09B-685D-4383-8A8B-3E7D975E05C9}] => (Allow) D:\Program Files\TxGameAssistant\AppMarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{FA4CFAE5-F1E5-42A7-8262-221994C9F892}] => (Allow) D:\Program Files\TxGameAssistant\AppMarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [TCP Query User{55989E34-4F68-477B-86C1-1563A373F152}E:\games\steamapps\common\7 days to die\7daystodie.exe] => (Allow) E:\games\steamapps\common\7 days to die\7daystodie.exe => No File
FirewallRules: [UDP Query User{E77FFC15-2C6C-4C38-923F-59C237759341}E:\games\steamapps\common\7 days to die\7daystodie.exe] => (Allow) E:\games\steamapps\common\7 days to die\7daystodie.exe => No File
FirewallRules: [{834B0830-5635-4AB4-8554-E9F20A2977A4}] => (Block) E:\games\steamapps\common\7 days to die\7daystodie.exe => No File
FirewallRules: [{D6FE6ED1-B5F5-428E-98DC-0F02BE960EFB}] => (Block) E:\games\steamapps\common\7 days to die\7daystodie.exe => No File
FirewallRules: [TCP Query User{8BAE96C7-97CC-4574-9705-0CFCE2B1BA9A}C:\program files\java\jre1.8.0_261\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_261\bin\javaw.exe
FirewallRules: [UDP Query User{1EAD417C-4DF4-4E1F-8E90-D8389116F18C}C:\program files\java\jre1.8.0_261\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_261\bin\javaw.exe
FirewallRules: [{3132DD97-4398-4A09-900C-A5A04C401774}] => (Block) C:\program files\java\jre1.8.0_261\bin\javaw.exe
FirewallRules: [{C0088481-1740-43C5-A8F6-149B4065A4D9}] => (Block) C:\program files\java\jre1.8.0_261\bin\javaw.exe
FirewallRules: [{22832E95-F792-48CF-BE3A-75FCA2A6C655}] => (Allow) E:\Tom Clancy's Rainbow Six Siege\rainbowsix_be.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{6FF58F50-7517-43BC-A007-595022628504}] => (Allow) E:\Tom Clancy's Rainbow Six Siege\rainbowsix_be.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{1355DFA9-8833-4863-9D9A-C51CA5331EB2}] => (Allow) E:\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{923996DC-AAF6-40C5-9F19-85692E1680D9}] => (Allow) E:\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{955747D4-F895-4614-B903-18BB832EC9A8}] => (Allow) E:\Games\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{668BE3B8-D281-4C5A-A679-366C48208929}] => (Allow) E:\Games\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{1EDD9C6A-FC2B-46F5-9896-5461E14B5AF4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{587F5B34-CEA2-4689-AA34-844ACBA5EC02}] => (Allow) E:\Games\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe => No File
FirewallRules: [{8B196D2A-7337-43C2-B9B5-B88D4C16C02A}] => (Allow) E:\Games\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe => No File
FirewallRules: [{42427805-24C1-4CA5-940F-E9E72BAE602C}] => (Allow) D:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{72DEF6FA-0C4C-41CD-B665-2E37CAE9E3A4}] => (Allow) D:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [TCP Query User{B15DD694-5623-4F7F-92FE-3EA0DCB3D24E}E:\max payne 3\max payne 3\maxpayne3.exe] => (Allow) E:\max payne 3\max payne 3\maxpayne3.exe (Rockstar Games) [File not signed]
FirewallRules: [UDP Query User{17019402-A9B1-45FE-8431-96501F1E24B7}E:\max payne 3\max payne 3\maxpayne3.exe] => (Allow) E:\max payne 3\max payne 3\maxpayne3.exe (Rockstar Games) [File not signed]
FirewallRules: [{F5C75962-1CE4-4248-B020-D9C257D70EC7}] => (Block) E:\max payne 3\max payne 3\maxpayne3.exe (Rockstar Games) [File not signed]
FirewallRules: [{10CF18D2-E6CE-4BAF-A350-F07414DC2F7B}] => (Block) E:\max payne 3\max payne 3\maxpayne3.exe (Rockstar Games) [File not signed]
FirewallRules: [{E70A79F8-B5FC-4563-B9D4-4DA78FDA1B37}] => (Allow) C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe (ZeroTier, Inc. -> )
FirewallRules: [{A495003C-6B9C-41D0-B769-236E9465F1D6}] => (Allow) C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe (ZeroTier, Inc. -> )
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:279.45 GB) (Free:207.74 GB) (74%)
Check "VSS" service

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================
Application errors:
==================
Error: (09/19/2020 02:50:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SearchUI.exe, version: 10.0.18362.418, time stamp: 0x5d995690
Faulting module name: ucrtbase.dll, version: 10.0.18362.387, time stamp: 0x4361b720
Exception code: 0xc0000409
Fault offset: 0x000000000006db8e
Faulting process id: 0x2f90
Faulting application start time: 0x01d68e8742b594b1
Faulting application path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: 1876f857-2e1d-402b-a34f-38cde3854ba9
Faulting package full name: Microsoft.Windows.Cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: CortanaUI
Error: (09/19/2020 02:45:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RuntimeBroker.exe, version: 10.0.18362.1, time stamp: 0x4539d5a0
Faulting module name: SettingsEnvironment.Desktop.dll, version: 10.0.18362.387, time stamp: 0x10b406e4
Exception code: 0xc0000005
Fault offset: 0x000000000002b605
Faulting process id: 0x1c70
Faulting application start time: 0x01d68e855e225540
Faulting application path: C:\Windows\System32\RuntimeBroker.exe
Faulting module path: C:\WINDOWS\SYSTEM32\SettingsEnvironment.Desktop.dll
Report Id: 2304f3d3-d921-4793-9109-fbcd4124e6ad
Faulting package full name: Microsoft.Windows.Cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: runtimebroker07f4358a809ac99a64a67c1
Error: (09/19/2020 02:44:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RuntimeBroker.exe, version: 10.0.18362.1, time stamp: 0x4539d5a0
Faulting module name: SettingsEnvironment.Desktop.dll, version: 10.0.18362.387, time stamp: 0x10b406e4
Exception code: 0xc0000005
Fault offset: 0x000000000002b605
Faulting process id: 0x31ac
Faulting application start time: 0x01d68e8744c88a5e
Faulting application path: C:\Windows\System32\RuntimeBroker.exe
Faulting module path: C:\WINDOWS\SYSTEM32\SettingsEnvironment.Desktop.dll
Report Id: c4f32d75-60ca-40b7-acb1-42299682fee3
Faulting package full name: Microsoft.Windows.Cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: runtimebroker07f4358a809ac99a64a67c1
Error: (09/19/2020 02:32:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SecHealthUI.exe, version: 10.0.18362.387, time stamp: 0x5d8990a3
Faulting module name: SecHealthUIViewModels.dll, version: 10.0.18362.387, time stamp: 0x5d8990d6
Exception code: 0xc000041d
Fault offset: 0x00000000000088d8
Faulting process id: 0x38c8
Faulting application start time: 0x01d68e893a5e3cf6
Faulting application path: C:\WINDOWS\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
Faulting module path: C:\WINDOWS\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIViewModels.dll
Report Id: 39e73594-c191-4029-a44b-e77e9c6029d1
Faulting package full name: Microsoft.Windows.SecHealthUI_10.0.18362.449_neutral__cw5n1h2txyewy
Faulting package-relative application ID: SecHealthUI
Error: (09/19/2020 02:32:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SecHealthUI.exe, version: 10.0.18362.387, time stamp: 0x5d8990a3
Faulting module name: SecHealthUIViewModels.dll, version: 10.0.18362.387, time stamp: 0x5d8990d6
Exception code: 0xc0000005
Fault offset: 0x00000000000088d8
Faulting process id: 0x38c8
Faulting application start time: 0x01d68e893a5e3cf6
Faulting application path: C:\WINDOWS\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
Faulting module path: C:\WINDOWS\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIViewModels.dll
Report Id: bb608159-3206-4798-98ea-b5e25b447132
Faulting package full name: Microsoft.Windows.SecHealthUI_10.0.18362.449_neutral__cw5n1h2txyewy
Faulting package-relative application ID: SecHealthUI
Error: (09/19/2020 02:19:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ScpTrayApp.exe, version: 1.6.233.16006, time stamp: 0x568d9fdb
Faulting module name: KERNELBASE.dll, version: 10.0.18362.535, time stamp: 0x50cc8d5a
Exception code: 0xe0434352
Fault offset: 0x000000000003a839
Faulting process id: 0x33d8
Faulting application start time: 0x01d68e877c32e482
Faulting application path: D:\Programs\SCP\ScpTrayApp.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 375623f4-5d62-4842-88f6-068fccbaedef
Faulting package full name:
Faulting package-relative application ID:
Error: (09/19/2020 02:19:27 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: ScpTrayApp.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Runtime.Remoting.RemotingException
   at System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(System.Runtime.Remoting.Activation.RemotingXmlConfigFileData, Boolean)
   at System.Runtime.Remoting.RemotingConfigHandler.DoConfiguration(System.String, Boolean)
   at System.Runtime.Remoting.RemotingConfiguration.Configure(System.String, Boolean)
   at ScpTrayApp.MainWindow..ctor()
Exception Info: System.Windows.Markup.XamlParseException
   at System.Windows.Markup.XamlReader.RewrapException(System.Exception, System.Xaml.IXamlLineInfo, System.Uri)
   at System.Windows.Markup.WpfXamlLoader.Load(System.Xaml.XamlReader, System.Xaml.IXamlObjectWriterFactory, Boolean, System.Object, System.Xaml.XamlObjectWriterSettings, System.Uri)
   at System.Windows.Markup.WpfXamlLoader.LoadBaml(System.Xaml.XamlReader, Boolean, System.Object, System.Xaml.Permissions.XamlAccessLevel, System.Uri)
   at System.Windows.Markup.XamlReader.LoadBaml(System.IO.Stream, System.Windows.Markup.ParserContext, System.Object, Boolean)
   at System.Windows.Application.LoadBamlStreamWithSyncInfo(System.IO.Stream, System.Windows.Markup.ParserContext)
   at System.Windows.Application.DoStartup()
   at System.Windows.Application.<.ctor>b__1_0(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Application.RunDispatcher(System.Object)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at ScpTrayApp.App.Main()
Error: (09/19/2020 02:18:48 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x800705B4
Command-line arguments:
RuleId=3482d82e-ca2c-4e1f-8864-da0267b484b2;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2b1f36bb-c1cd-4306-bf5c-a0367c2d97d8;NotificationInterval=1440;Trigger=UserLogon;SessionId=2

System errors:
=============
Error: (09/19/2020 03:09:04 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error:
The system cannot find the file specified.
Error: (09/19/2020 03:09:04 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
Error: (09/19/2020 03:07:04 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error:
The system cannot find the file specified.
Error: (09/19/2020 03:07:04 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
Error: (09/19/2020 03:05:04 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error:
The system cannot find the file specified.
Error: (09/19/2020 03:05:04 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
Error: (09/19/2020 03:03:04 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error:
The system cannot find the file specified.
Error: (09/19/2020 03:03:04 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.

Windows Defender:
===================================
Date: 2019-12-19 21:00:59.170
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {CED3E6AB-B27E-46B9-A973-09D624DF0D15}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-12-16 18:20:07.887
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {7DC4A53C-350A-43DB-928C-D7570627355D}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-12-15 18:17:37.004
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {FF54702A-7FF4-4E38-B6CB-2B6577585DEB}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-12-15 15:25:25.266
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {D8F00F26-24AC-4819-945C-B4488612BDEE}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-12-15 11:01:55.220
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {FC2FEE83-9619-4E1C-A92C-05452E78DD9F}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-12-20 00:16:21.991
Description:
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
Date: 2019-12-14 17:35:42.739
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.307.460.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16600.7
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
CodeIntegrity:
===================================
Date: 2020-07-02 12:41:54.068
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume4\Users\diogo\AppData\Roaming\Discord\0.0.306\modules\discord_hook\4d35b5f44b\DiscordHook64.dll that did not meet the Store signing level requirements.
Date: 2020-05-07 20:12:00.030
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-05-07 20:12:00.024
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-05-07 20:11:59.773
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-05-07 20:11:59.766
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-05-07 20:11:59.718
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-05-07 20:11:59.711
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-05-07 20:11:55.302
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 1823 10/15/2019
Motherboard: ASUSTeK COMPUTER INC. PRIME B450M-A
Processor: AMD Ryzen 7 2700X Eight-Core Processor
Percentage of memory in use: 28%
Total physical RAM: 16315.19 MB
Available physical RAM: 11730.68 MB
Total Virtual: 29115.19 MB
Available Virtual: 22711.85 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:279.45 GB) (Free:207.74 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (DATA) (Fixed) (Total:398.07 GB) (Free:240.12 GB) NTFS
Drive e: (Disk) (Fixed) (Total:298.09 GB) (Free:27.89 GB) NTFS
\\?\Volume{e810cd58-a5eb-4e85-9420-d4a81ae56f90}\ (Recovery) (Fixed) (Total:0.88 GB) (Free:0.54 GB) NTFS
\\?\Volume{5e0fa865-7152-4b55-bfe2-e2343b70a06b}\ (Restore) (Fixed) (Total:20.01 GB) (Free:9.53 GB) NTFS
\\?\Volume{39db10a8-edff-411f-9e3d-346eb698d539}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==================== End of Addition.txt =======================
 
 

 

ADWcleaner.PNG

WinDefBlank.PNG

WinDefHijacked.PNG

WinDefServices.PNG

This topic is now closed to further replies.