[SOLVED] Need help in ruling out malware as the source of severe system slowdown during downloads

[AlucardSX]

Hi,
as described in this thread over in the Windows 10 forum, I have a problem where Windows 10 all but goes into cardiac arrest every time I try to download after the system has been running for a couple of hours. So after trying a few solutions with no success, the mod helping me asked me to turn to you guys to see if the problem might be malware-related.
Here's the data from the FRST logs:

FRST.txt
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-08-2023
Ran by aluca (administrator) on DESKTOP-4F0VDIR (04-09-2023 21:47:22)
Running from C:\Users\aluca\Desktop\FRST64.exe
Loaded Profiles: aluca & _ashbackuppb_
Platform: Microsoft Windows 10 Home Version 22H2 19045.3324 (X64) Language: German (Germany) -> English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files\Ashampoo\Ashampoo Backup Pro 15\bin\backupService-abpb.exe ->) () [File not signed] C:\Program Files\Ashampoo\Ashampoo Backup Pro 15\bin\oxHelper.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\AlwaysOnTop\PowerToys.AlwaysOnTop.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\Awake\PowerToys.Awake.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\ColorPicker\PowerToys.ColorPickerUI.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\FancyZones\PowerToys.FancyZones.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\KeyboardManager\KeyboardManagerEngine\PowerToys.KeyboardManagerEngine.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\launcher\PowerToys.PowerLauncher.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\PowerOCR\PowerToys.PowerOCR.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2309.1001.3.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(explorer.exe ->) (nordvpn s.a. -> TEFINCOM S.A.) C:\Program Files\NordVPN\NordVPN.exe
(explorer.exe ->) (Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectMonitor.exe
(explorer.exe ->) (Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectUI.exe
(explorer.exe ->) (Signal Messenger, LLC -> Signal Messenger, LLC) C:\Users\aluca\AppData\Local\Programs\signal-desktop\Signal.exe <4>
(explorer.exe ->) (Voyetra Turtle Beach, Inc. -> ROCCAT) C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\ROCCAT_Swarm_Monitor.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(MiniTool Software Limited -> ) C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe
(MosArt) [File not signed] C:\TECKNET wireless gaming mouse\TECKNET wireless gaming mouse.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Ashampoo GmbH & Co. KG -> ) C:\Program Files\Ashampoo\Ashampoo Backup Pro 15\bin\backupService-abpb.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ICM-Service.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) D:\Origin\OriginWebHelperService.exe
(services.exe ->) (Even Balance, Inc. -> ) C:\Windows\System32\PnkBstrA.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\NisSrv.exe
(services.exe ->) (MiniTool Software Limited -> ) C:\Program Files\MiniTool ShadowMaker\AgentService.exe
(services.exe ->) (MiniTool Software Limited -> ) C:\Program Files\MiniTool ShadowMaker\SchedulerService.exe
(services.exe ->) (nordvpn s.a. -> nordvpn S.A.) C:\Program Files\NordUpdater\NordUpdateService.exe
(services.exe ->) (nordvpn s.a. -> TEFINCOM S.A.) C:\Program Files\NordVPN\nordvpn-service.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d3828c822366e497\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\MacriumService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_12a8d6d742c436e2\RtkAudUService64.exe
(services.exe ->) (Shanghai Microvirt Software Technology Co., Ltd. -> ) D:\Emulatoren\Android\MEmu\MemuService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (GameplayCrush) [File not signed] C:\Users\aluca\Downloads\WindowedBorderlessGaming_2.1.0.1\WindowedBorderlessGaming.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.BingWeather_4.53.51922.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\PowerToys.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2309.1001.3.0_x64__8wekyb3d8bbwe\XboxPcApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_4.6.2.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16001.14326.21452.0_x64__8wekyb3d8bbwe\onenoteim.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.7272.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.7272.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(svchost.exe ->) (Voyetra Turtle Beach, Inc. -> ROCCAT) C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\ROCCAT_dev_service.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [MTPW] => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_12a8d6d742c436e2\RtkAudUService64.exe [1211184 2020-12-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [144696 2017-02-14] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [598200 2018-09-28] (Razer USA Ltd. -> Razer Inc.)
HKLM-x32\...\Run: [TECKNET wireless gaming mouse] => C:\TECKNET wireless gaming mouse\TECKNET wireless gaming mouse.exe [3845632 2018-06-25] (MosArt) [File not signed]
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-3615177999-3261653453-3779512466-1001\...\Run: [] => [X]
HKU\S-1-5-21-3615177999-3261653453-3779512466-1001\...\Run: [org.whispersystems.signal-desktop] => C:\Users\aluca\AppData\Local\Programs\signal-desktop\Signal.exe [163621088 2023-08-09] (Signal Messenger, LLC -> Signal Messenger, LLC)
HKU\S-1-5-21-3615177999-3261653453-3779512466-1001\...\Run: [NordVPN] => C:\Program Files\NordVPN\NordVPN.exe [280952 2022-02-18] (nordvpn s.a. -> TEFINCOM S.A.)
HKU\S-1-5-21-3615177999-3261653453-3779512466-1001\...\Run: [Humble Bundle] => C:\Users\aluca\AppData\Local\Programs\Humble App\Humble App.exe [151919352 2023-04-07] (Humble Bundle Inc. -> Humble Bundle)
HKU\S-1-5-21-3615177999-3261653453-3779512466-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [2637928 2023-08-28] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-3615177999-3261653453-3779512466-1001\...\Run: [ASRock A-Tuning] => [X]
HKU\S-1-5-21-3615177999-3261653453-3779512466-1001\...\Run: [GoogleChromeAutoLaunch_DC6ADF56C95D4F38FCEEDC413012C68B] => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [3219744 2023-08-26] (Google LLC -> Google LLC)
HKU\S-1-5-21-3615177999-3261653453-3779512466-1001\...\MountPoints2: {cbb4c2c2-e06f-11e6-8363-806e6f6e6963} - "I:\LaunchU3.exe" -a
HKU\S-1-5-21-3615177999-3261653453-3779512466-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [5307536 2023-08-10] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Windows\System32\osk.exe [680448 2023-07-14] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\HP B111 Status Monitor: C:\Windows\system32\hpinkstsB111LM.dll [328552 2012-01-11] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\116.0.5845.141\Installer\chrmstp.exe [2023-09-01] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ROCCAT Swarm Monitor.lnk [2023-07-13]
ShortcutTarget: ROCCAT Swarm Monitor.lnk -> C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\ROCCAT_Swarm_Monitor.exe (Voyetra Turtle Beach, Inc. -> ROCCAT)
Startup: C:\Users\aluca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\QTTabBar Desktop Extension StartUp.QTTabGroup [2022-04-10] () [File not signed]
Startup: C:\Users\aluca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Razer Synapse.lnk [2019-01-20]
ShortcutTarget: Razer Synapse.lnk -> C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer USA Ltd. -> Razer Inc.)
GroupPolicy-Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {C83D7EEC-CF0F-496B-ADD1-8DDF6C8E4E70} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {CA01A975-9253-4F8F-B6E6-C87559BFC2E8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {09F575CF-37C7-4F0C-996F-EA2BF7FF278D} - System32\Tasks\Avira_Antivirus_Systray => "C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min (No File)
Task: {EC5E8D14-E52D-4004-A84B-20D546213EAE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-01-22] (Google Inc -> Google Inc.)
Task: {94C011EA-2384-4955-9D38-449068CC1792} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-01-22] (Google Inc -> Google Inc.)
Task: {689E3C95-59C0-4F8F-B6A3-F8D5DE2EC95C} - System32\Tasks\GSM_ao1jk-fcd33-67bde-vpwqd-s75md => D:\GameSave Manager\gs_mngr_3.exe [2696704 2021-09-29] (InsaneMatt) [File not signed]
Task: {685A4C3E-D289-46FB-BCA0-7C3BB9C2BFA5} - System32\Tasks\GSM_idnda-nwhy8-xbl73-7zqwz-ifk2j => F:\Game Save Manager\gs_mngr_3.exe [2719232 2022-10-05] (InsaneMatt) [File not signed]
Task: {F9E652F1-4BC0-4FE9-A5CD-A07B9C9E3191} - System32\Tasks\Microsoft\Windows\rempl\shell-usoscan => %ProgramFiles%\rempl\remsh.exe /RunUsoScanOnly (No File)
Task: {B2F3FA69-F65C-4FC7-8EF2-8DA67FA21947} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F3225AE4-7FBA-4F07-9DD7-BF8095F29DAD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DB213597-08DF-4CBA-8A39-E07585A422EF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {05FD2621-3B5D-4233-9ADE-EE705C48355C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {94B414E2-92D6-486D-993C-951E3FC571CA} - System32\Tasks\MiniToolPartitionWizard => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )
Task: {647CA575-AC0B-4C42-8168-CCEC90CD205D} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [815 2022-08-18] () [File not signed]
Task: {64D1A739-5CF7-42DD-B98B-2C3EB94E523C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2023-03-17] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {B4C819D7-6FD8-468F-86A6-07364802F689} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-03-17] (Nvidia Corporation -> NVIDIA Corporation)
Task: {E4FA52EF-018E-4AF1-9A5F-3C03228E5967} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-03-17] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {732F2E43-AF41-415D-AFC9-5E92D723A69F} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-03-17] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CDC679C3-63DF-42B1-AA46-C19E5B5290E4} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-03-17] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {29DEA42D-43EA-4840-934B-B0D2EE8CCBCB} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-03-17] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A9D30AEA-8B9F-46A3-899D-D88C4BECE4F8} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-03-17] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4CEB2DF4-2A77-49D7-88CE-6D7209135101} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-03-17] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3D3601D3-73F2-497C-A247-F3B611BDD81E} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-03-17] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5E27FF97-A730-42F5-BE88-127508A2D6DA} - System32\Tasks\PowerToys\Autorun for aluca => C:\Program Files\PowerToys\PowerToys.exe [1105344 2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {9E48E8A7-4F4F-48E2-A71D-14CD219A323B} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe [15732968 2018-06-18] (London Trust Media Inc -> ) [File not signed]
Task: {78C78A37-53AA-4E4D-A390-0276E7B15B5B} - System32\Tasks\ROCCAT DEVICE SERVICE => C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\ROCCAT_dev_service.exe [459672 2023-07-20] (Voyetra Turtle Beach, Inc. -> ROCCAT)
Task: {708B6639-2037-464B-98F7-CEA0868C16AC} - System32\Tasks\WindowedBorderlessGaming-aluca => C:\Users\aluca\Downloads\WindowedBorderlessGaming_2.1.0.1\WindowedBorderlessGaming.exe [893952 2015-03-17] (GameplayCrush) [File not signed]
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATTENTION (Restriction - Zones)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{43abba81-ac26-4732-bfde-521916648fe9}: [DhcpNameServer] 192.168.233.93
Tcpip\..\Interfaces\{a0d541e1-fa30-463e-92f7-238451da0013}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{fb2f4ab8-91e9-4b9d-93a1-3bca2dfa3a8c}: [DhcpNameServer] 192.168.0.1
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\aluca\AppData\Local\Microsoft\Edge\User Data\Default [2023-09-04]
Edge HomePage: Default -> hxxps://www.google.at/webhp?hl=en
Edge StartupUrls: Default -> "chrome-extension://edacconmaakjimmfgnblocblbcdcpbko/main.html","hxxp://www.google.com/","hxxps://www.google.com/"
Edge Extension: (Google Translate) - C:\Users\aluca\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-04-10]
Edge Extension: (PayPal Honey: Automatic Coupons & Cash Back) - C:\Users\aluca\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\amnbcmdbanbkjhnfoeceemmmdiepnbpp [2023-09-04]
Edge Extension: (Google Voice Search Hotword (Beta)) - C:\Users\aluca\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2022-03-23]
Edge Extension: (Avira Safe Shopping) - C:\Users\aluca\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip [2022-10-31]
Edge Extension: (Pushbullet) - C:\Users\aluca\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2023-04-08]
Edge Extension: (Search by Image (by Google)) - C:\Users\aluca\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2022-03-23]
Edge Extension: (Checker Plus for Gmail™) - C:\Users\aluca\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dkjkomkbjefdadfgbgdfgnpbmhmppiaa [2023-09-04]
Edge Extension: (Augmented Steam) - C:\Users\aluca\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dnhpnfgdlenaccegplpojghhmaamnnfp [2023-07-14]
Edge Extension: (Avira Password Manager) - C:\Users\aluca\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emgfgdclgfeldebanedpihppahgngnle [2023-04-08]
Edge Extension: (Checker Plus for Google Calendar™) - C:\Users\aluca\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fbongfbliechkeaegkjfehhimpenoani [2023-09-04]
Edge Extension: (Grammar Checker & Paraphraser – LanguageTool) - C:\Users\aluca\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hfjadhjooeceemgojogkhlppanjkbobc [2023-09-02]
Edge Extension: (SteamDB) - C:\Users\aluca\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hjknpdomhlodgaebegjopkmfafjpbblg [2023-09-04]
Edge Extension: (MyJDownloader Browser Extension) - C:\Users\aluca\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ieapabanbplofifeaapjocpaogdhncdd [2022-03-23]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\aluca\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-09-02]
Edge Extension: (Chrome Remote Desktop) - C:\Users\aluca\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2023-01-16]
Edge Extension: (Ask Historians Comment Helper) - C:\Users\aluca\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jdkfbkogojpmdmpnkgjcgpngkkmhdfem [2022-03-23]
Edge Extension: (Reddit Enhancement Suite) - C:\Users\aluca\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jlhgedjpndhblehblebhncfmkkpngiep [2023-04-08]
Edge Extension: (Edge relevant text changes) - C:\Users\aluca\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-02]
Edge Extension: (Chrometana - Redirect Bing Somewhere Better) - C:\Users\aluca\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kaicbfmipfpfpjmlbpejaoaflfdnabnc [2022-03-23]
Edge Extension: (Image Viewer) - C:\Users\aluca\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kcljlcpbfbkapegpifkodjdmdllgdlmk [2022-03-23]
Edge Extension: (h264ify) - C:\Users\aluca\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ldjamdlpbjpcfagnckgipdjiamhdcnbd [2022-03-23]
Edge Extension: (Chrometana Pro - Redirect Cortana and Bing) - C:\Users\aluca\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lllggmgeiphnciplalhefnbpddbadfdi [2023-01-16]
Edge Extension: (BeeLine Reader) - C:\Users\aluca\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lnhgohblpnbhabhglnlalchebkiegcii [2022-10-31]
Edge Extension: (Bing2Google) - C:\Users\aluca\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mgoehlfmhfafaiepckjikpphoklijedl [2022-03-23]
Edge Extension: (Plugins) - C:\Users\aluca\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mmcblfncjaclajmegihojiekebofjcen [2023-09-04]
Edge Extension: (Video Deck for YouTube™) - C:\Users\aluca\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mpoakikepagdiphlmfaeifpojdmbnegj [2022-03-23]
Edge Extension: (Fakespot Fake Amazon Reviews and eBay Sellers) - C:\Users\aluca\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nakplnnackehceedgkgkokbgbmfghain [2023-09-04]
Edge Extension: (AdBlock — best ad blocker) - C:\Users\aluca\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2023-09-02]
Edge Extension: (Extensions Update Notifier) - C:\Users\aluca\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nlldbplhbaopldicmcoogopmkonpebjm [2022-03-23]
Edge Extension: (Comic Updater) - C:\Users\aluca\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pclklbdlpfhhbigalgggdfgiegbkipne [2022-03-23]
Edge Extension: (FFBE Sync) - C:\Users\aluca\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pjcodgpdnfndnjegedmjnlamjfkigied [2023-03-14]
Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip]
Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: piWQYoLX.default
FF ProfilePath: C:\Users\aluca\AppData\Roaming\Zotero\Zotero\Profiles\5hrqqoqw.default [2018-05-13]
FF Extension: (Zotero LibreOffice Integration) - C:\Program Files (x86)\Zotero Standalone\extensions\zoteroOpenOfficeIntegration@zotero.org [2018-05-12] [Legacy] [not signed]
FF Extension: (Zotero Word for Windows Integration) - C:\Program Files (x86)\Zotero Standalone\extensions\zoteroWinWordIntegration@zotero.org [2018-05-12] [Legacy] [not signed]
FF ProfilePath: C:\Users\aluca\AppData\Roaming\Mozilla\Firefox\Profiles\piWQYoLX.default [2022-09-29]
FF Extension: (Avira Browser Safety) - C:\Users\aluca\AppData\Roaming\Mozilla\Firefox\Profiles\piWQYoLX.default\Extensions\abs@avira.com.xpi [2018-12-09] [UpdateUrl:hxxps://download.avira.com/package/abs/firefox/update-webext.rdf]
FF Extension: (Video DownloadHelper) - C:\Users\aluca\AppData\Roaming\Mozilla\Firefox\Profiles\piWQYoLX.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-01-04]
FF Plugin: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-10-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-10-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> D:\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] (Apple Inc. -> )
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [File not signed]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-08-19] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3615177999-3261653453-3779512466-1001: ubisoft.com/uplaypc -> G:\Die Siedler 7\Data\Base\_Dbg\Bin\Release\orbit\npuplaypc.dll [2013-02-27] (Ubisoft Massive -> Ubisoft)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\aluca\AppData\Local\Google\Chrome\User Data\Default [2023-09-04]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://loginstrom.com; hxxps://messages.google.com; hxxps://new.reddit.com; hxxps://web.whatsapp.com; hxxps://www.derstandard.at; hxxps://www.mydpd.at; hxxps://www.netflix.com; hxxps://www.reddit.com
CHR HomePage: Default -> hxxps://www.google.at/webhp?hl=en
CHR StartupUrls: Default -> "chrome-extension://edacconmaakjimmfgnblocblbcdcpbko/main.html","hxxp://www.google.com","hxxps://www.google.com/"
CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?name=f&hl=en&q={searchTerms}
CHR DefaultSearchKeyword: Default -> google (no country redirect)
CHR Extension: (Google Übersetzer) - C:\Users\aluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-03-23]
CHR Extension: (h264ify) - C:\Users\aluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aleakchihdccplidncghkekgioiakgal [2019-09-09]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\aluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2017-05-23]
CHR Extension: (Honey: Automatische Coupons & Prämien) - C:\Users\aluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2023-09-04]
CHR Extension: (History 2) - C:\Users\aluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\cahejgbbfgmlmjgdjlibphdjeldhagkp [2017-01-22]
CHR Extension: (Pushbullet) - C:\Users\aluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2023-03-26]
CHR Extension: (uBlock Origin) - C:\Users\aluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-07-30]
CHR Extension: (Search by Image (by Google)) - C:\Users\aluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2017-01-22]
CHR Extension: (Augmented Steam) - C:\Users\aluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnhpnfgdlenaccegplpojghhmaamnnfp [2023-07-08]
CHR Extension: (Reddit Masstagger) - C:\Users\aluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebjdimopaogdkhiagbgmkjjhehmooheo [2019-11-17]
CHR Extension: (Session Buddy) - C:\Users\aluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2023-07-26]
CHR Extension: (Adobe Acrobat: Werkzeuge zum Bearbeiten, Konvertieren und Signieren von PDF-Dateien) - C:\Users\aluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-08-25]
CHR Extension: (MyJDownloader Browser Erweiterung) - C:\Users\aluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2021-06-28]
CHR Extension: (Avira Browserschutz) - C:\Users\aluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2022-10-26]
CHR Extension: (Chrome Remote Desktop) - C:\Users\aluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-07-18]
CHR Extension: (Google Docs Offline) - C:\Users\aluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-25]
CHR Extension: (AdBlock – der beste Ad-Blocker) - C:\Users\aluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-08-09]
CHR Extension: (TweetDeck by Twitter) - C:\Users\aluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2017-01-22]
CHR Extension: (feedly) - C:\Users\aluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2017-01-22]
CHR Extension: (AirDroid) - C:\Users\aluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkgndiocipalkpejnpafdbdlfdjihomd [2017-01-22]
CHR Extension: (Checker Plus for Google Calendar™) - C:\Users\aluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkhggnncdpfibdhinjiegagmopldibha [2023-08-22]
CHR Extension: (BeeLine Reader) - C:\Users\aluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifjafammaookpiajfbedmacfldaiamgg [2023-07-10]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\aluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-08-29]
CHR Extension: (Forecastfox) - C:\Users\aluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihffmkcfkejomlfnilnmkokcpgclhfeg [2017-01-22]
CHR Extension: (Chrome Remote Desktop) - C:\Users\aluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2022-12-08]
CHR Extension: (Ask Historians Comment Helper) - C:\Users\aluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdkfbkogojpmdmpnkgjcgpngkkmhdfem [2019-10-16]
CHR Extension: (Chrometana - Redirect Bing Somewhere Better) - C:\Users\aluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaicbfmipfpfpjmlbpejaoaflfdnabnc [2017-07-27]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\aluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2023-04-04]
CHR Extension: (Image Viewer) - C:\Users\aluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcljlcpbfbkapegpifkodjdmdllgdlmk [2017-01-22]
CHR Extension: (SteamDB) - C:\Users\aluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdbmhfkmnlmbkgbabkdealhhbfhlmmon [2023-08-24]
CHR Extension: (Chrometana Pro - Redirect Cortana and Bing) - C:\Users\aluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\lllggmgeiphnciplalhefnbpddbadfdi [2022-12-07]
CHR Extension: (AirDroid Remote Control Plugin) - C:\Users\aluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\macmgoeeggnlnmpiojbcniblabkdjphe [2019-11-19]
CHR Extension: (Bing2Google) - C:\Users\aluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgoehlfmhfafaiepckjikpphoklijedl [2017-01-22]
CHR Extension: (Plugins) - C:\Users\aluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcblfncjaclajmegihojiekebofjcen [2023-09-04]
CHR Extension: (Video Deck for YouTube™) - C:\Users\aluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpoakikepagdiphlmfaeifpojdmbnegj [2017-04-08]
CHR Extension: (Fakespot Fake Amazon Reviews and eBay Sellers) - C:\Users\aluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nakplnnackehceedgkgkokbgbmfghain [2023-08-24]
CHR Extension: (Keepa - Amazon Price Tracker) - C:\Users\aluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\neebplgakaahbhdphmkckjjcegoiijjo [2023-08-11]
CHR Extension: (Extensions Update Notifier) - C:\Users\aluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlldbplhbaopldicmcoogopmkonpebjm [2017-01-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\aluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\aluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2023-08-21]
CHR Extension: (Grammatik- und Rechtschreibprüfung – LanguageTool) - C:\Users\aluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\oldceeleldhonbafppcapldpdifcinji [2023-07-03]
CHR Extension: (Youtube Playlist Load All) - C:\Users\aluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbclhlmcclobinpephoflilgclodhnmf [2017-01-22]
CHR Extension: (Comic Updater) - C:\Users\aluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pclklbdlpfhhbigalgggdfgiegbkipne [2017-12-10]
CHR Extension: (FFBE Sync) - C:\Users\aluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjcodgpdnfndnjegedmjnlamjfkigied [2023-02-27]
CHR Extension: (Sci-Hub) - C:\Users\aluca\Downloads\Sci-Hub [2017-02-10] [UpdateUrl:hxxp://31.184.194.81/update] <==== ATTENTION
CHR Profile: C:\Users\aluca\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-02-16]
CHR Profile: C:\Users\aluca\AppData\Local\Google\Chrome\User Data\System Profile [2022-02-16]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [hncafdhkllgldnimopgfkgnlcijmonah]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
"MBAMChameleon" => service could not be unlocked. <==== ATTENTION
HKLM\SYSTEM\ControlSet001\Services\MBAMChameleon => \SystemRoot\System32\Drivers\MbamChameleon.sys <==== ATTENTION (Rootkit!/Locked Service)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] (ASUSTeK Computer Inc. -> )
R2 ashbackuppb; c:\Program Files\Ashampoo\Ashampoo Backup Pro 15\bin\backupService-abpb.exe [34184 2020-11-17] (Ashampoo GmbH & Co. KG -> )
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [9712432 2023-01-26] (BattlEye Innovations e.K. -> )
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [270336 2012-07-13] (Brother Industries, Ltd.) [File not signed]
S3 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\116.0.5845.9\remoting_host.exe [74520 2023-06-26] (Google LLC -> Google LLC)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [10941544 2023-08-28] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1135648 2022-11-24] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [584680 2022-08-09] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2022-11-16] (Epic Games Inc. -> Epic Games, Inc.)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2018-05-22] (FUTUREMARK INC -> Futuremark)
S3 GalaxyClientService; D:\GOG Galaxy\GalaxyClientService.exe [2346464 2023-07-20] (GOG sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7178720 2023-07-20] (GOG sp. z o.o -> GOG.com)
S4 HiPatchService; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-07-11] (Hi-Rez Studios) [File not signed]
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230352 2023-08-08] (HP Inc. -> HP Inc.)
R2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [8929608 2021-11-17] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9283096 2023-08-27] (Malwarebytes Inc. -> Malwarebytes)
R2 MEmuSVC; D:\Emulatoren\Android\MEmu\MemuService.exe [85304 2019-07-02] (Shanghai Microvirt Software Technology Co., Ltd. -> )
R2 MTAgentService; C:\Program Files\MiniTool ShadowMaker\AgentService.exe [783728 2021-12-20] (MiniTool Software Limited -> )
R2 MTSchedulerService; C:\Program Files\MiniTool ShadowMaker\SchedulerService.exe [228208 2021-12-20] (MiniTool Software Limited -> )
R2 NordUpdaterService; C:\Program Files\NordUpdater\NordUpdateService.exe [297848 2022-11-21] (nordvpn s.a. -> nordvpn S.A.)
R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [281464 2022-02-18] (nordvpn s.a. -> TEFINCOM S.A.)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2575064 2022-03-31] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; D:\Origin\OriginWebHelperService.exe [3494672 2022-03-31] (Electronic Arts, Inc. -> Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2018-01-18] (Even Balance, Inc. -> )
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [16552248 2023-01-18] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [4076744 2017-02-14] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\NisSrv.exe [3121008 2023-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe [133688 2023-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZA NET ICM Service; C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe [42208 2020-03-13] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [114936 2016-11-01] (Check Point Software Technologies Ltd. -> Check Point Software Technologies, Ltd.)
S2 ZoneAlarm ICM Service; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ICM-Service.exe [1037624 2017-02-14] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S2 AntivirProtectedService; "C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d3828c822366e497\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d3828c822366e497\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S3 SoundBoosterService; C:\Program Files (x86)\Letasoft Sound Booster\SoundBoosterService.exe [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] (ASUSTeK Computer Inc. -> )
S3 AsrDrv105; C:\WINDOWS\SysWOW64\Drivers\AsrDrv105.sys [40696 2023-08-28] (ASROCK INC. -> ASRock Incorporation)
S3 atvi-randgrid; C:\ProgramData\Battle.net_components\randgridauks\randgrid.sys [2986792 2023-09-01] (Activision Publishing Inc -> Activision Blizzard, Inc.)
S3 cpuz143; C:\Users\aluca\AppData\Local\Temp\cpuz143\cpuz143_x64.sys [48952 2023-09-02] (CPUID -> CPUID) <==== ATTENTION
S3 cpuz155; C:\Windows\temp\cpuz155\cpuz155_x64.sys [41480 2023-09-02] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
S3 DFX11_1; C:\Windows\system32\drivers\dfx11_1x64.sys [28008 2015-08-31] (Power Technology -> Windows (R) Win 7 DDK provider)
S3 DFX12; C:\Windows\system32\drivers\dfx12x64.sys [39048 2015-11-15] (Power Technology -> Windows (R) Win 7 DDK provider)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2022-06-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2023-09-04] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 MEmuDrv; C:\Windows\system32\DRIVERS\MEmuDrv.sys [319448 2019-04-15] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation)
R3 MpKsl68cd9a67; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DA88474F-78D1-4D98-878C-3FDD304493C4}\MpKslDrv.sys [222464 2023-09-04] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl97551fff; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DA88474F-78D1-4D98-878C-3FDD304493C4}\MpKslDrv.sys [222464 2023-09-04] (Microsoft Windows -> Microsoft Corporation)
R2 NDivert; C:\Program Files\NordVPN\6.48.19.0\Drivers\NDivert.sys [131456 2022-04-05] (nordvpn s.a. -> Nordvpn S.A.)
R1 nordlwf; C:\Windows\system32\DRIVERS\nordlwf.sys [44928 2022-02-22] (nordvpn s.a. -> TEFINCOM S.A.)
R1 npcap; C:\Windows\system32\DRIVERS\npcap.sys [77336 2022-08-19] (Insecure.Com LLC -> Insecure.Com LLC.)
R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2023-03-17] (Nvidia Corporation -> NVIDIA Corporation)
U5 PROCMON24; C:\Windows\System32\Drivers\PROCMON24.sys [80296 2023-08-31] (Microsoft Windows Hardware Compatibility Publisher -> Sysinternals - www.sysinternals.com)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
S3 rspLLL; C:\Windows\System32\DRIVERS\rspLLL64.sys [26368 2020-08-21] (Daniel Terhell -> Resplendence Software Projects Sp.)
S3 rspWhySoSlow; C:\Windows\System32\DRIVERS\rspWhy64.sys [28928 2016-12-17] (Daniel Terhell -> Resplendence Software Projects Sp.)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc. -> Razer Inc)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 tap0901; C:\Windows\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 tapnordvpn; C:\Windows\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
R3 USBPcap; C:\Windows\system32\DRIVERS\USBPcap.sys [52872 2020-05-22] (Tomasz Moń -> USBPcap)
R3 VirtualHID; C:\Windows\System32\drivers\VirtualHID.sys [26768 2022-08-15] (Voyetra Turtle Beach, Inc. -> TurtleBeach)
R1 Vsdatant; C:\Windows\system32\DRIVERS\vsdatant.sys [461240 2017-03-16] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [55872 2023-08-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [574872 2023-08-30] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105864 2023-08-30] (Microsoft Windows -> Microsoft Corporation)
S3 WIMMount; C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wimmount.sys [42688 2016-07-16] (Microsoft Corporation -> Microsoft Corporation)
S3 WinRing0_1_2_0; C:\Users\aluca\Downloads\RealTemp_370\WinRing0x64.sys [14544 2008-07-26] (Noriyuki MIYAZAKI -> OpenLibSys.org)
S3 wintun; C:\Windows\System32\drivers\wintun.sys [29592 2022-04-10] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WofAdk; C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wofadk.sys [221376 2016-07-16] (Microsoft Corporation -> Microsoft Corporation)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [310536 2019-09-10] (Beijing Duodian Online Science and Technology Co.,Ltd -> BigNox Corporation)
S3 ALSysIO; \??\C:\Users\aluca\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
S3 HWiNFO_174; \??\C:\Users\aluca\AppData\Local\Temp\HWiNFO64A_174.SYS [X] <==== ATTENTION
U3 iswSvc; no ImagePath
U4 npcap_wifi; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-09-04 21:47 - 2023-09-04 21:48 - 000049909 _____ C:\Users\aluca\Desktop\FRST.txt
2023-09-04 21:46 - 2023-09-04 20:21 - 002382336 _____ (Farbar) C:\Users\aluca\Desktop\FRST64.exe
2023-09-04 20:51 - 2023-09-04 20:57 - 000230480 _____ C:\Users\aluca\Downloads\Addition.txt
2023-09-04 20:49 - 2023-09-04 20:57 - 000072892 _____ C:\Users\aluca\Downloads\FRST.txt
2023-09-04 20:21 - 2023-09-04 21:47 - 000000000 ____D C:\FRST
2023-09-04 20:21 - 2023-09-04 20:21 - 002382336 _____ (Farbar) C:\Users\aluca\Downloads\FRST64.exe
2023-09-03 20:12 - 2023-09-03 20:12 - 000000000 ____D C:\Windows\LastGood.Tmp
2023-09-03 20:07 - 2023-08-16 12:15 - 000849088 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2023-09-03 20:07 - 2023-08-16 12:15 - 000849088 _____ C:\Windows\system32\vulkaninfo.exe
2023-09-03 20:07 - 2023-08-16 12:15 - 000713912 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-09-03 20:07 - 2023-08-16 12:15 - 000713912 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2023-09-03 20:07 - 2023-08-16 12:15 - 000653504 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2023-09-03 20:07 - 2023-08-16 12:15 - 000653504 _____ C:\Windows\system32\vulkan-1.dll
2023-09-03 20:07 - 2023-08-16 12:15 - 000637112 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2023-09-03 20:07 - 2023-08-16 12:15 - 000637112 _____ C:\Windows\SysWOW64\vulkan-1.dll
2023-09-03 20:07 - 2023-08-16 12:14 - 001487376 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2023-09-03 20:07 - 2023-08-16 12:14 - 001227296 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2023-09-03 20:07 - 2023-08-16 12:11 - 000669320 _____ C:\Windows\system32\nvofapi64.dll
2023-09-03 20:07 - 2023-08-16 12:10 - 001537544 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2023-09-03 20:07 - 2023-08-16 12:10 - 001195016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2023-09-03 20:07 - 2023-08-16 12:10 - 000938608 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2023-09-03 20:07 - 2023-08-16 12:10 - 000504456 _____ C:\Windows\SysWOW64\nvofapi.dll
2023-09-03 20:07 - 2023-08-16 12:09 - 002168456 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2023-09-03 20:07 - 2023-08-16 12:09 - 001622152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2023-09-03 20:07 - 2023-08-16 12:09 - 000992368 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2023-09-03 20:07 - 2023-08-16 12:09 - 000777760 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2023-09-03 20:07 - 2023-08-16 12:09 - 000768648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2023-09-03 20:07 - 2023-08-16 12:08 - 014520968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2023-09-03 20:07 - 2023-08-16 12:08 - 012066320 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2023-09-03 20:07 - 2023-08-16 12:08 - 003483168 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2023-09-03 20:07 - 2023-08-16 12:08 - 000459912 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2023-09-03 20:07 - 2023-08-16 12:07 - 006190088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2023-09-03 20:07 - 2023-08-16 12:07 - 005845640 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2023-09-03 20:07 - 2023-08-16 12:07 - 005550728 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll
2023-09-03 20:07 - 2023-08-16 12:07 - 000853104 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2023-09-03 20:07 - 2023-08-15 06:23 - 000108122 _____ C:\Windows\system32\nvinfo.pb
2023-09-03 20:05 - 2023-09-03 20:05 - 000000000 ____D C:\Users\aluca\AppData\Roaming\ArmoredCore6
2023-09-02 23:57 - 2023-09-02 23:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Armored Core 6 - Fires of Rubicon
2023-09-02 17:02 - 2023-09-02 17:02 - 001316932 _____ C:\Windows\Minidump\090223-21562-01.dmp
2023-09-02 15:57 - 2023-09-02 23:57 - 000000969 _____ C:\Users\Public\Desktop\Armored Core 6 - Bonus.lnk
2023-09-02 15:57 - 2023-09-02 23:57 - 000000793 _____ C:\Users\Public\Desktop\Armored Core 6 - Fires of Rubicon.lnk
2023-09-01 17:46 - 2023-09-01 17:46 - 017708338 _____ C:\Users\aluca\Documents\SysnativeFileCollectionApp.zip
2023-09-01 17:00 - 2023-09-01 17:00 - 035503819 _____ C:\Users\aluca\Desktop\trace.zip
2023-09-01 16:42 - 2023-09-01 16:55 - 161808384 _____ C:\Users\aluca\Desktop\trace.etl
2023-09-01 16:37 - 2023-09-01 16:55 - 152174592 _____ C:\kernel.etl
2023-08-31 23:15 - 2023-08-31 23:15 - 001975756 _____ C:\Windows\Minidump\083123-40046-01.dmp
2023-08-31 22:29 - 2023-08-31 22:40 - 000000000 ____D C:\Users\aluca\Documents\Latency Mon
2023-08-31 19:19 - 2023-08-31 19:19 - 000001465 _____ C:\Users\aluca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Procmon.lnk
2023-08-31 19:19 - 2023-08-31 19:19 - 000000000 ____D C:\Users\aluca\Downloads\ProcessMonitor
2023-08-31 19:17 - 2023-08-31 19:17 - 003456915 _____ C:\Users\aluca\Downloads\ProcessMonitor.zip
2023-08-31 19:17 - 2023-08-31 19:17 - 000001490 _____ C:\Users\aluca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DriverView.lnk
2023-08-31 15:44 - 2023-08-31 23:10 - 000000000 ____D C:\Users\aluca\Downloads\driverview-x64
2023-08-31 15:44 - 2023-08-31 15:44 - 000060809 _____ C:\Users\aluca\Downloads\driverview-x64.zip
2023-08-31 15:31 - 2023-08-31 15:31 - 000000000 ____D C:\Users\aluca\AppData\Roaming\Wireshark
2023-08-31 15:25 - 2023-08-31 15:25 - 000001827 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
2023-08-31 15:25 - 2023-08-31 15:25 - 000000000 ____D C:\Program Files\USBPcap
2023-08-31 15:24 - 2023-08-31 15:24 - 000003460 _____ C:\Windows\system32\Tasks\npcapwatchdog
2023-08-31 15:24 - 2023-08-31 15:24 - 000000000 ____D C:\Windows\SysWOW64\Npcap
2023-08-31 15:24 - 2023-08-31 15:24 - 000000000 ____D C:\Windows\system32\Npcap
2023-08-31 15:24 - 2023-08-31 15:24 - 000000000 ____D C:\Program Files\Npcap
2023-08-31 15:22 - 2023-08-31 15:25 - 000000000 ____D C:\Program Files\Wireshark
2023-08-31 15:20 - 2023-08-31 15:21 - 079164216 _____ (Wireshark development team) C:\Users\aluca\Downloads\Wireshark-win64-4.0.8.exe
2023-08-31 12:48 - 2023-08-31 20:17 - 000000000 ____D C:\Users\aluca\AppData\Local\DeadIsland
2023-08-31 12:48 - 2023-08-31 12:48 - 000000000 ____D C:\Users\Public\Documents\EMPRESS
2023-08-30 19:58 - 2023-08-30 20:25 - 000000000 ____D C:\ESD
2023-08-30 19:56 - 2023-08-30 20:04 - 000000000 ____D C:\Users\aluca\AppData\Roaming\U3
2023-08-30 19:54 - 2023-08-30 19:54 - 000000000 ___HD C:\$Windows.~WS
2023-08-30 19:54 - 2023-08-30 19:54 - 000000000 ____D C:\$WINDOWS.~BT
2023-08-29 21:12 - 2023-08-29 21:12 - 000000000 ____D C:\Program Files (x86)\Intel Driver
2023-08-29 21:10 - 2023-08-29 21:10 - 009822245 _____ C:\Users\aluca\Downloads\Realtek_LAN(v1125.1.714.2021).zip
2023-08-29 21:10 - 2023-08-29 21:10 - 001600291 _____ C:\Users\aluca\Downloads\Intel_LAN(v12.19.1.37b_v2).zip
2023-08-29 18:27 - 2023-08-29 18:27 - 000001519 _____ C:\Users\aluca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Speccy64.lnk
2023-08-29 18:26 - 2023-08-29 18:26 - 002781052 _____ C:\Users\aluca\Downloads\Speccy x64 portable.zip
2023-08-29 18:26 - 2023-08-29 18:26 - 000000000 ____D C:\Users\aluca\Downloads\Speccy x64 portable
2023-08-29 18:21 - 2023-09-01 17:45 - 000000000 ____D C:\Users\aluca\Documents\SysnativeFileCollectionApp
2023-08-29 18:20 - 2023-08-29 18:20 - 000175952 _____ (Sysnative) C:\Users\aluca\Downloads\SysnativeBSODCollectionApp.exe
2023-08-28 22:59 - 2023-08-28 22:59 - 002552364 _____ C:\Windows\Minidump\082823-12328-01.dmp
2023-08-28 22:50 - 2023-08-28 22:50 - 000000000 ____D C:\Program Files\Intel
2023-08-28 22:49 - 2023-08-28 22:49 - 003947286 _____ C:\Users\aluca\Downloads\INF(v10.1.18634.8254_Public).zip
2023-08-28 22:45 - 2023-08-29 21:18 - 000000000 ____D C:\Program Files (x86)\Realtek
2023-08-28 22:45 - 2023-08-28 22:51 - 000000000 ___HD C:\Program Files (x86)\Temp
2023-08-28 22:45 - 2020-12-09 18:06 - 005989992 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2023-08-28 22:45 - 2020-12-09 18:05 - 000276736 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTHDASIO64.dll
2023-08-28 22:45 - 2020-12-09 18:05 - 000231664 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RTHDASIO.dll
2023-08-28 22:45 - 2019-12-19 09:07 - 002877104 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2023-08-28 22:44 - 2023-08-28 22:44 - 036578316 _____ C:\Users\aluca\Downloads\Realtek_Audio(v9079.1_UAD_WHQL_Nahimic).zip
2023-08-28 22:41 - 2023-08-28 22:41 - 000040696 _____ (ASRock Incorporation) C:\Windows\SysWOW64\Drivers\AsrDrv105.sys
2023-08-28 22:41 - 2023-08-28 22:41 - 000001344 _____ C:\Users\Public\Desktop\A-Tuning.lnk
2023-08-28 22:41 - 2023-08-28 22:41 - 000000000 ____D C:\Windows\ASRock
2023-08-28 22:41 - 2023-08-28 22:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASRock Utility
2023-08-28 22:41 - 2023-08-28 22:41 - 000000000 ____D C:\Program Files (x86)\ASRock Utility
2023-08-28 22:40 - 2023-08-28 22:40 - 062145883 _____ C:\Users\aluca\Downloads\MotherboardUtility(v3.0.425).zip
2023-08-28 20:54 - 2023-08-28 20:54 - 000000000 ____D C:\SymCache
2023-08-28 20:53 - 2023-08-28 22:17 - 000000000 ____D C:\Users\aluca\Documents\WPR Files
2023-08-28 20:53 - 2023-08-28 22:17 - 000000000 ____D C:\Users\aluca\AppData\Local\Windows Performance Analyzer
2023-08-28 20:53 - 2023-08-28 20:53 - 000000000 ____D C:\Users\aluca\Documents\WPA Files
2023-08-28 20:29 - 2023-08-28 20:29 - 000000000 ____D C:\ProgramData\WindowsPerformanceRecorder
2023-08-28 19:52 - 2023-08-28 19:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2023-08-28 11:14 - 2023-08-28 11:14 - 002633636 _____ C:\Windows\Minidump\082823-15265-01.dmp
2023-08-26 15:24 - 2023-08-26 15:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dead Island 2
2023-08-23 11:05 - 2023-08-23 11:05 - 004653724 _____ C:\Windows\Minidump\082323-22625-01.dmp
2023-08-15 12:43 - 2023-08-22 14:39 - 000001326 _____ C:\Users\aluca\Desktop\Fire Toolbox V32.1.lnk
2023-08-14 11:04 - 2023-08-22 14:39 - 000001334 _____ C:\Users\aluca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fire Toolbox V32.1.lnk
2023-08-14 08:09 - 2023-08-15 11:14 - 000000000 ____D C:\Users\aluca\AppData\LocalLow\IGDump
2023-08-13 12:34 - 2023-08-16 12:05 - 006737504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2023-08-10 20:38 - 2023-08-10 20:38 - 000000000 ___HD C:\$WinREAgent
2023-08-09 16:02 - 2023-08-09 16:02 - 000315416 _____ C:\Users\aluca\Documents\Wien_Energie_Rechnung_005107849736.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-09-04 21:46 - 2021-04-08 14:04 - 000000000 ____D C:\Users\aluca\AppData\Local\Ashampoo Backup PB
2023-09-04 21:44 - 2021-12-17 01:26 - 000000000 ____D C:\Windows\SystemTemp
2023-09-04 21:44 - 2017-01-22 14:17 - 000000000 ____D C:\Program Files (x86)\Google
2023-09-04 21:43 - 2023-05-12 22:51 - 000000000 ____D C:\Users\aluca\AppData\Local\Malwarebytes
2023-09-04 21:43 - 2022-03-15 16:21 - 000000000 ____D C:\Users\aluca\AppData\Roaming\Signal
2023-09-04 21:43 - 2017-05-13 17:16 - 000000000 ____D C:\ProgramData\NVIDIA
2023-09-04 21:43 - 2017-01-25 12:32 - 000000000 ____D C:\Users\aluca\Documents\Assassin's Creed Unity
2023-09-04 21:42 - 2022-11-08 13:23 - 000000000 ____D C:\Windows\system32\Tasks\PowerToys
2023-09-04 21:42 - 2022-07-09 12:39 - 000000000 ____D C:\Program Files\TeamViewer
2023-09-04 21:42 - 2021-03-15 17:21 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-09-04 21:42 - 2021-03-15 16:50 - 000008192 ___SH C:\DumpStack.log.tmp
2023-09-04 21:42 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-09-04 21:42 - 2019-12-07 11:03 - 000786432 _____ C:\Windows\system32\config\BBI
2023-09-04 21:40 - 2021-07-28 15:43 - 000239544 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2023-09-04 21:38 - 2018-07-10 14:13 - 000000000 ____D C:\Windows\pss
2023-09-04 21:38 - 2017-11-17 14:22 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2023-09-04 21:30 - 2017-01-22 20:55 - 000000000 ____D C:\Users\aluca\AppData\Local\CrashDumps
2023-09-04 21:25 - 2017-06-28 17:09 - 000000000 ____D C:\Users\aluca\AppData\Local\Battle.net
2023-09-04 21:03 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-09-04 21:03 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2023-09-04 21:02 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2023-09-04 12:34 - 2022-03-18 14:50 - 000000000 ____D C:\XboxGames
2023-09-04 12:34 - 2018-02-02 12:15 - 000000000 ____D C:\Users\aluca\AppData\Local\Packages
2023-09-04 12:32 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Registration
2023-09-04 11:13 - 2021-03-15 16:51 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-09-04 00:32 - 2021-06-01 13:04 - 000004168 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{AB636331-6FD2-446F-9E32-00CA4DC5C76B}
2023-09-03 23:07 - 2021-03-15 17:04 - 002333492 _____ C:\Windows\system32\PerfStringBackup.INI
2023-09-03 23:07 - 2021-03-15 15:12 - 000477628 _____ C:\Windows\system32\perfh011.dat
2023-09-03 23:07 - 2021-03-15 15:12 - 000132506 _____ C:\Windows\system32\perfc011.dat
2023-09-03 23:07 - 2019-12-07 16:50 - 000743546 _____ C:\Windows\system32\perfh007.dat
2023-09-03 23:07 - 2019-12-07 16:50 - 000149968 _____ C:\Windows\system32\perfc007.dat
2023-09-03 22:58 - 2021-06-09 16:54 - 000000000 ____D C:\SteamLibrary
2023-09-03 22:38 - 2020-01-14 13:35 - 000000000 ____D C:\Users\aluca\AppData\Roaming\Goldberg SteamEmu Saves
2023-09-03 20:12 - 2018-07-11 21:29 - 000000000 ____D C:\Users\aluca\AppData\Local\NVIDIA
2023-09-03 20:08 - 2017-05-13 17:16 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2023-09-03 20:05 - 2018-05-30 19:05 - 000000000 ____D C:\Users\aluca\AppData\Local\D3DSCache
2023-09-03 19:50 - 2017-01-23 21:26 - 000000000 ____D C:\Users\aluca\AppData\Roaming\XnViewMP
2023-09-02 23:50 - 2021-03-15 16:03 - 000000000 ____D C:\Users\aluca
2023-09-02 17:02 - 2022-03-18 14:53 - 000000000 ____D C:\Windows\Minidump
2023-09-02 17:02 - 2020-07-02 19:12 - 1833298942 _____ C:\Windows\MEMORY.DMP
2023-09-01 17:18 - 2020-06-07 20:36 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-09-01 17:18 - 2020-06-07 20:36 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-09-01 03:06 - 2022-02-16 15:06 - 000002239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-09-01 03:06 - 2022-02-16 15:06 - 000002198 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-08-31 23:31 - 2022-10-21 21:03 - 000079360 _____ (Microsoft Corporation) C:\Windows\system32\xgamehelper.exe
2023-08-31 23:31 - 2022-10-21 21:03 - 000062976 _____ (Microsoft Corporation) C:\Windows\system32\xgamecontrol.exe
2023-08-31 23:31 - 2021-11-21 12:11 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\gamelaunchhelper.dll
2023-08-31 23:31 - 2020-05-01 10:54 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
2023-08-31 23:31 - 2019-12-13 12:23 - 000493056 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll
2023-08-31 23:31 - 2019-12-04 11:14 - 002807296 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll
2023-08-31 23:31 - 2019-12-04 11:14 - 000247288 _____ (Microsoft Corporation) C:\Windows\system32\gamingservicesproxy.dll
2023-08-31 23:31 - 2019-12-04 11:14 - 000202240 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll
2023-08-31 22:48 - 2022-09-27 12:17 - 000000000 ____D C:\Users\aluca\AppData\Roaming\qBittorrent
2023-08-31 17:23 - 2017-01-26 22:24 - 000000000 ____D C:\Users\aluca\AppData\Local\JDownloader v2.0
2023-08-31 16:15 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2023-08-31 15:24 - 2017-01-22 17:37 - 000000000 ____D C:\ProgramData\Package Cache
2023-08-31 11:10 - 2021-12-11 12:53 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3615177999-3261653453-3779512466-1001
2023-08-31 11:10 - 2021-03-15 17:21 - 000003380 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3615177999-3261653453-3779512466-1001
2023-08-31 11:10 - 2021-03-15 16:03 - 000002383 _____ C:\Users\aluca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-08-30 23:14 - 2022-05-04 13:09 - 000000000 ____D C:\Users\aluca\AppData\Roaming\Humble App
2023-08-30 20:25 - 2021-03-15 11:30 - 000000000 ___DC C:\Windows\Panther
2023-08-30 17:46 - 2019-12-07 11:14 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2023-08-30 17:26 - 2017-03-01 18:37 - 000000000 ____D C:\Users\aluca\AppData\Roaming\Microsoft\Excel
2023-08-30 17:06 - 2017-01-22 20:21 - 000000000 ____D C:\ProgramData\Zoom Player
2023-08-30 16:58 - 2018-03-31 12:56 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-08-29 21:18 - 2017-08-13 16:16 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2023-08-29 16:34 - 2017-01-22 19:55 - 000000000 ____D C:\Program Files (x86)\Avira
2023-08-29 16:33 - 2021-04-16 11:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2023-08-29 16:33 - 2017-01-22 19:55 - 000000000 ____D C:\ProgramData\Avira
2023-08-29 16:32 - 2023-02-15 16:33 - 003893768 _____ C:\Windows\system32\rtp.db
2023-08-29 16:32 - 2022-06-06 12:10 - 000000000 ____D C:\Program Files\Avira
2023-08-29 16:32 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-08-29 15:17 - 2021-06-04 10:49 - 000000000 ____D C:\Games
2023-08-29 15:01 - 2018-02-16 12:03 - 000000000 ____D C:\Epic Games
2023-08-29 14:59 - 2018-02-16 12:03 - 000002135 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2023-08-29 14:59 - 2018-02-16 12:03 - 000002123 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk
2023-08-29 13:26 - 2017-01-23 20:03 - 000000000 ____D C:\Users\aluca\AppData\Local\Steam
2023-08-28 22:59 - 2021-03-15 16:51 - 000404152 _____ C:\Windows\system32\FNTCACHE.DAT
2023-08-28 11:18 - 2017-01-22 09:54 - 000918960 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2023-08-25 10:30 - 2022-04-10 19:24 - 000000000 ____D C:\Program Files\NordUpdater
2023-08-24 21:22 - 2022-10-13 18:33 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2023-08-23 00:32 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\LiveKernelReports
2023-08-22 14:39 - 2021-06-26 12:31 - 000001344 _____ C:\Users\aluca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Toolbox Updater.lnk
2023-08-22 14:39 - 2021-06-26 12:31 - 000001336 _____ C:\Users\aluca\Desktop\Toolbox Updater.lnk
2023-08-22 11:23 - 2020-03-22 19:44 - 000000000 ____D C:\Users\aluca\AppData\Local\Apps\2.0
2023-08-18 15:34 - 2018-09-13 16:10 - 000000347 _____ C:\Windows\BRRBCOM.INI
2023-08-16 12:06 - 2023-04-08 15:15 - 007858112 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2023-08-15 06:23 - 2023-04-08 15:15 - 000121880 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2023-08-13 12:35 - 2017-05-13 17:16 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2023-08-10 23:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2023-08-10 23:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2023-08-10 23:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2023-08-10 23:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\setup
2023-08-10 23:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\migwiz
2023-08-10 23:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\appraiser
2023-08-10 23:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2023-08-10 23:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\appcompat
2023-08-10 20:44 - 2021-03-15 16:54 - 003015168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-08-10 20:38 - 2017-01-22 09:54 - 000000000 ____D C:\Windows\system32\MRT
2023-08-10 20:34 - 2017-01-22 09:53 - 175983240 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-08-10 10:34 - 2020-09-03 11:19 - 000000000 ____D C:\Users\Public\Security Sessions
2023-08-10 00:01 - 2017-09-29 16:49 - 000000000 ____D C:\Users\aluca\AppData\Roaming\Microsoft\Word
2023-08-09 10:50 - 2022-11-08 13:22 - 000000000 ____D C:\Program Files\dotnet
2023-08-08 11:15 - 2021-05-12 13:21 - 000000000 ____D C:\Windows\system32\Tasks\HP
2023-08-08 11:15 - 2021-05-12 13:21 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
==================== Files in the root of some directories ========
2019-04-15 22:43 - 2019-04-16 23:46 - 000000002 _____ () C:\Users\aluca\AppData\Roaming\ceville_console_history.txt
2022-05-31 17:20 - 2022-05-31 17:20 - 000004870 _____ () C:\Users\aluca\AppData\Local\2758054585
2022-12-04 14:46 - 2022-12-04 14:46 - 000003998 _____ () C:\Users\aluca\AppData\Local\2830118318
2022-12-08 13:03 - 2022-12-25 13:08 - 000003998 _____ () C:\Users\aluca\AppData\Local\3206298627
2023-03-07 12:27 - 2023-03-07 12:27 - 000005358 _____ () C:\Users\aluca\AppData\Local\92443903807
2023-06-08 21:27 - 2023-06-08 21:27 - 000005990 _____ () C:\Users\aluca\AppData\Local\93205666527
2023-06-02 22:47 - 2023-06-02 22:47 - 000005990 _____ () C:\Users\aluca\AppData\Local\9618647855
2023-05-21 10:59 - 2023-05-21 10:59 - 000005990 _____ () C:\Users\aluca\AppData\Local\9980246772
2020-03-21 15:40 - 2023-05-15 20:09 - 000007601 _____ () C:\Users\aluca\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================

Addition.txt
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-08-2023
Ran by aluca (04-09-2023 21:49:15)
Running from C:\Users\aluca\Desktop
Microsoft Windows 10 Home Version 22H2 19045.3324 (X64) (2021-03-15 15:21:48)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3615177999-3261653453-3779512466-500 - Administrator - Disabled)
aluca (S-1-5-21-3615177999-3261653453-3779512466-1001 - Administrator - Enabled) => C:\Users\aluca
DefaultAccount (S-1-5-21-3615177999-3261653453-3779512466-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3615177999-3261653453-3779512466-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-3615177999-3261653453-3779512466-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3615177999-3261653453-3779512466-504 - Limited - Disabled)
_ashbackuppb_ (S-1-5-21-3615177999-3261653453-3779512466-1002 - Administrator - Enabled) => C:\Users\_ashbackuppb_

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avira Security (Enabled - Up to date) {C622D33D-B035-6463-E471-9D92B9517CA1}
FW: Avira Security (Enabled) {BE55A40C-05CA-1096-36EB-CCA92DEAF539}
FW: ZoneAlarm Free Firewall Firewall (Disabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}
FW: Avira Security (Enabled) {877B141C-E73B-9A54-223E-108CC963426A}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DMark (HKLM\...\{1F3F2DD9-EE3C-4803-A287-49C9FFB0E7EB}) (Version: 2.5.5029.0 - UL) Hidden
3DMark (HKLM-x32\...\{21e80113-175b-4eb9-8f9e-49fdc5e68235}) (Version: 2.5.5029.0 - UL)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Acrobat Reader (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 23.003.20284 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Amazon Games (HKU\S-1-5-21-3615177999-3261653453-3779512466-1001\...\{4DD10B06-78A4-4E6F-AA39-25E9C38FA568}) (Version: 2.3.8425.2 - Amazon.com Services, Inc.)
Amazon Kindle (HKU\S-1-5-21-3615177999-3261653453-3779512466-1001\...\Amazon Kindle) (Version: 1.17.1.44183 - Amazon)
Anthem™ (HKLM-x32\...\{57b4eaa0-f1f5-407e-afbd-2db397381ad8}) (Version: 1.0.64.28115 - Electronic Arts)
Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{06A333EA-4E9D-4848-865F-FE5A1E12AB30}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Armored Core 6: Fires of Rubicon (HKLM-x32\...\Armored Core 6: Fires of Rubicon_is1) (Version: - )
Ashampoo Backup Pro 15 (HKLM\...\{DF972766-B348-CB30-5EB9-9171F37E9745}_is1) (Version: 15.03 - Ashampoo GmbH & Co. KG)
Assassin Creed Syndicate version 1.5 (HKLM-x32\...\Assassin Creed Syndicate_is1) (Version: 1.5 - KNIGHT)
Assassin's Creed Odyssey (HKLM-x32\...\Uplay Install 5059) (Version: - Ubisoft)
Assassins Creed Origins The Curse of the Pharaohs (HKLM-x32\...\Assassins Creed Origins The Curse of the Pharaohs_is1) (Version: - )
Assessments on Client (HKLM-x32\...\{F8288793-51B6-47EF-2F93-D37767663FC5}) (Version: 10.1.14393.0 - Microsoft) Hidden
Atelier: Dusk Trilogy (HKLM-x32\...\Atelier: Dusk Trilogy_is1) (Version: - )
A-Tuning v3.0.425 (HKLM-x32\...\A-Tuning_is1) (Version: 3.0.425 - ASRock Inc.)
AviSynth 2.6 (HKLM-x32\...\AviSynth) (Version: 2.6.0.6 - GPL Public release.)
AVStoDVD 2.8.6 (HKLM-x32\...\AVStoDVD) (Version: 2.8.6 - MrC)
Baldur's Gate: Enhanced Edition (HKU\S-1-5-21-3615177999-3261653453-3779512466-1001\...\AmazonGames/Baldur's Gate - Enhanced Edition) (Version: - Aspyr)
Bass Audio Decoder (remove only) (HKLM-x32\...\Bass Audio Decoder) (Version: - )
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts)
Battlefield™ 2042 (HKLM-x32\...\{45e281f3-1414-47ea-bb64-4f50d50121f3}) (Version: 1.0.76.5661 - Electronic Arts)
Battlefield™ V (HKLM-x32\...\{e26b382f-e945-4f70-9318-121b683f1d61}) (Version: 1.0.60.9722 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
BCUninstaller (HKLM\...\{f4fef76c-1aa9-441c-af7e-d27f58d898d1}_is1) (Version: 5.1.0.0 - Marcin Szeniak)
Beholder 2 (HKLM-x32\...\Beholder 2_is1) (Version: - )
Blizzard App (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Blood and Wine (HKLM-x32\...\1441620909_is1) (Version: 1.32 - GOG.com)
Bloodstained: IGA's Back Pack (HKLM-x32\...\2089941670_is1) (Version: 1.05 - GOG.com)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
calibre (HKLM-x32\...\{25BA606B-AB60-4404-96DB-C839543BD535}) (Version: 3.2.1 - Kovid Goyal)
Call of Duty (HKLM-x32\...\Call of Duty) (Version: - Blizzard Entertainment)
Call of Duty Black Ops 4 (HKLM-x32\...\Call of Duty Black Ops 4) (Version: - Blizzard Entertainment)
Call of Duty Black Ops Cold War (HKLM-x32\...\Call of Duty Black Ops Cold War) (Version: - Blizzard Entertainment)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment)
Chrome Remote Desktop Host (HKLM-x32\...\{C17C2857-FF33-4EA0-8220-14A17DF82668}) (Version: 116.0.5845.9 - Google LLC)
Cloudpunk (HKLM-x32\...\Cloudpunk_is1) (Version: - )
CodeTwo QR Code Desktop Reader & Generator (HKLM-x32\...\{AF7E31D6-980C-4788-B80C-47F1837CF44C}) (Version: 1.1.2.4 - CodeTwo)
ComicRack v0.9.178 (HKLM\...\ComicRack) (Version: v0.9.178 - cYo Soft)
Core Temp 1.17.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.17.1 - ALCPU)
CPUID CPU-Z 2.03 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.03 - CPUID, Inc.)
Crying Suns (HKU\S-1-5-21-3615177999-3261653453-3779512466-1001\...\Humble App cryingsuns_windows) (Version: - )
Cuphead (HKLM-x32\...\1963513391_is1) (Version: hotfix_1.1.4 - GOG.com)
Cyberpunk 2077 (HKLM-x32\...\1423049311_is1) (Version: 1_61 - GOG.com)
Cyberpunk 2077 REDmod (HKLM-x32\...\1597316373_is1) (Version: 1_61 - GOG.com)
Dashboard (HKLM-x32\...\Western Digital SSD Dashboard) (Version: 3.2.2.9 - Western Digital Corporation)
DCoder Image Source (remove only) (HKLM-x32\...\DCoder Image Source) (Version: - )
Dead Island 2 (HKLM-x32\...\Dead Island 2_is1) (Version: 0.0.0 - DODI-Repacks)
Deadpool (HKLM-x32\...\Deadpool_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Devil May Cry 4 Special Edition (HKLM-x32\...\Devil May Cry 4 Special Edition_is1) (Version: - )
Die Siedler 7 (HKLM-x32\...\{63860309-DA8A-4BAE-9EAE-CE1D6D79340C}) (Version: 1.12.1396 - Ubisoft)
DirectVobSub (remove only) (HKLM-x32\...\DirectVobSub) (Version: - )
Disco Elysium (HKLM-x32\...\1771589310_is1) (Version: bbe2afa0 - GOG.com)
Discord (HKU\S-1-5-21-3615177999-3261653453-3779512466-1001\...\Discord) (Version: 0.0.308 - Discord Inc.)
Disneyland Adventures (HKLM-x32\...\Disneyland Adventures_is1) (Version: - )
Divinity.Original.Sin.2.v3.0.151.229.REPACK-KaOs Uninstaller v3.0 (HKLM-x32\...\Divinity.Original.Sin.2.v3.0.151.229.REPACK-KaOs_is1) (Version: 3.0 - KaOsKrew)
Dragon Quest Builders 2 (HKLM-x32\...\Dragon Quest Builders 2_is1) (Version: - )
Dying Light (HKLM-x32\...\1448452156_is1) (Version: 1.16.0 - GOG.com)
Dying Light: Gun Psycho Bundle (HKLM-x32\...\1460996021_is1) (Version: 1.16.0 - GOG.com)
Dying Light: Harran Military Rifle (HKLM-x32\...\1182281905_is1) (Version: 1.16.0 - GOG.com)
Dying Light: Harran Ranger Bundle (HKLM-x32\...\1460996196_is1) (Version: 1.16.0 - GOG.com)
Dying Light: Volatile Hunter Bundle (HKLM-x32\...\1460996282_is1) (Version: 1.16.0 - GOG.com)
Dynasty Warriors 8 Xtreme Legends (HKLM-x32\...\Dynasty Warriors 8 Xtreme Legends_is1) (Version: - )
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.8.0.5521 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{547c1c17-118e-4cb9-bace-9bd738530ffc}) (Version: 13.8.0.5521 - Electronic Arts)
EasyBCD 2.4 (HKLM-x32\...\EasyBCD) (Version: 2.4 - NeoSmart Technologies)
EdgeDeflector (HKLM-x32\...\EdgeDeflector) (Version: - )
ENE_QSI_Loki_HAL (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.3.0 - ENE TECHNOLOGY INC.) Hidden
ENE_QSI_Loki_HAL (HKLM-x32\...\{205ef3a8-937b-43cb-90fc-2f58f71408d8}) (Version: 1.0.3.0 - ENE TECHNOLOGY INC.) Hidden
Epic Games Launcher (HKLM-x32\...\{FE3CD7B8-14D4-46E9-A206-2C8F2C0E6F1F}) (Version: 1.1.139.0 - Epic Games, Inc.)
Epic Online Services (HKLM-x32\...\{A1EB595F-651D-4A04-99B0-A7065538B33C}) (Version: 2.0.38.0 - Epic Games, Inc.)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
EVERSPACE - Encounters (HKLM-x32\...\1165094689_is1) (Version: 1.3.5.36556 - GOG.com)
EVERSPACE (HKLM-x32\...\1513949567_is1) (Version: 1.3.5.36556 - GOG.com)
Far Cry 3 Blood Dragon (HKLM-x32\...\Uplay Install 205) (Version: - Ubisoft)
Far Cry 5 (HKLM-x32\...\Far Cry 5_is1) (Version: - )
FFMPEG Core Files (remove only) (HKLM-x32\...\FFMPEG Core Files) (Version: - )
FIFA 21 (HKLM-x32\...\{A918ACE7-A83B-41F4-8746-AEF8DC821879}) (Version: 1.0.70.18952 - Electronic Arts)
Final Fantasy XII The Zodiac Age MULTi9 - ElAmigos version 1.0 (HKLM-x32\...\{87E52C4C-549B-4639-AFCB-78D3BC1B457F}_is1) (Version: 1.0 - Square Enix)
FINAL FANTASY XIV ONLINE (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.)
Fire Toolbox version (HKU\S-1-5-21-3615177999-3261653453-3779512466-1001\...\{879EB178-B5C2-4785-B5D4-704DBC011B2A}_is1) (Version: - Datastream33)
Folder Size Explorer (HKLM-x32\...\{CD453A88-D560-47A2-9D4D-414134F5A73D}) (Version: 2.0.0 - Bazwise)
Fraps (HKLM-x32\...\Fraps) (Version: - )
Free DLC program (16 DLC) (HKLM-x32\...\1430743168_is1) (Version: 1.32 - GOG.com)
FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version: - Marek Jasinski)
Futuremark SystemInfo (HKLM-x32\...\{66E02F22-FA88-453D-9DE7-60F54E951FAF}) (Version: 5.10.676.0 - Futuremark)
Genshin Impact (HKLM\...\Genshin Impact) (Version: 2.8.4.0 - miHoYo Co.,Ltd)
Gods Trigger (HKLM-x32\...\Gods Trigger_is1) (Version: - )
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: 2.0.67.2 - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 116.0.5845.141 - Google LLC)
Google Earth Pro (HKLM\...\{F27DBA46-80E1-4858-9285-19198FFFBF3D}) (Version: 7.3.6.9345 - Google)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
Hearts of Iron IV Field Marshal Edition MULTi7 - ElAmigos version 1.5.2 (HKLM-x32\...\{9240BFB5-B3DE-4505-8351-5605EE8D4F84}_is1) (Version: 1.5.2 - Paradox Interactive)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HL-3142CW (HKLM-x32\...\{C6580DE1-F539-4700-ADD2-3185121E51A8}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
Humble App 1.1.8+411 (HKU\S-1-5-21-3615177999-3261653453-3779512466-1001\...\2f793df2-2969-529d-b0c0-7960ed40d70e) (Version: 1.1.8+411 - Humble Bundle)
HWiNFO64 Version 7.36 (HKLM\...\HWiNFO64_is1) (Version: 7.36 - Martin Malik - REALiX)
Imaging And Configuration Designer (HKLM-x32\...\{05935793-A34C-4272-3361-7AF9AEEE5649}) (Version: 10.1.14393.0 - Microsoft) Hidden
Imaging Designer (HKLM-x32\...\{FB54F620-9555-3A11-26CB-B027C4DDF260}) (Version: 10.1.14393.0 - Microsoft) Hidden
Imaging Tools Support (HKLM-x32\...\{C30A729A-E9BA-37F8-3C58-64AD9F1D4694}) (Version: 10.1.14393.0 - Microsoft) Hidden
Immortals Fenyx Rising (HKLM-x32\...\Uplay Install 5405) (Version: - Ubisoft)
Intel(R) Chipset Device Software (HKLM\...\{06D713D6-9845-436D-B857-5BF2596B4554}) (Version: 10.1.18634.8254 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{99926fb7-5da9-4101-b79f-eec3674ca64b}) (Version: 10.1.18634.8254 - Intel(R) Corporation)
Into the Breach (HKLM-x32\...\2004253604_is1) (Version: 1.0.20 - GOG.com)
iTunes (HKLM\...\{8A99C2B8-2B40-46B2-B900-621DC8E177CF}) (Version: 12.2.1.16 - Apple Inc.)
JA2 Stracciatella (HKLM-x32\...\JA2 Stracciatella) (Version: 0.19.1-git+6ad1b6f - Humanity)
Jagged Alliance 2 (HKLM-x32\...\1207658696_is1) (Version: 1.12 - GOG.com)
James Bond 007 Blood Stone MULTi8 - ElAmigos version 76654 (HKLM-x32\...\{54D77124-93E2-4D58-8E20-C1CFA218927A}_is1) (Version: 76654 - Activision Blizzard)
Java 8 Update 181 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
John Wick Hex (HKLM-x32\...\John Wick Hex_is1) (Version: - )
Kingdom Come Deliverance - Royal Ed. (HKLM\...\Kingdom Come Deliverance - Royal Ed.) (Version: - )
Kits Configuration Installer (HKLM-x32\...\{C661B45B-1D2A-AF7C-27D0-B4FFD670A4FE}) (Version: 10.1.14393.0 - Microsoft) Hidden
K-Lite Codec Pack 14.1.0 Standard (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.1.0 - KLCP)
Knockout City (HKLM-x32\...\{C75F8E76-29EF-44D0-9762-4F6D65BF0111}) (Version: 1.1.0.0 - Electronic Arts, Inc.)
LatencyMon 7.00 (HKLM\...\LatencyMon_is1) (Version: - Resplendence Software Projects Sp.)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LAV Filters 0.74.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.74.1 - Hendrik Leppkes)
Layers of Fear - Inheritance (HKLM-x32\...\1256894029_is1) (Version: 2.2.0.5 - GOG.com)
Layers of Fear (HKLM-x32\...\1455107123_is1) (Version: 2.3.0.7 - GOG.com)
Letasoft Sound Booster 1.11.0.514 (HKLM-x32\...\{6C6CF38B-11DD-45C6-A15E-A3A0C4CE60F8}_is1) (Version: 1.11.0.514 - Letasoft LLC)
Macrium Reflect Free Edition (HKLM\...\{3323C7F6-9CAD-4203-A264-79B834D82C53}) (Version: 7.3.5854 - Paramount Software (UK) Ltd.) Hidden
Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 7.3 - Paramount Software (UK) Ltd.)
MadVR (remove only) (HKLM-x32\...\MadVR) (Version: - )
Malwarebytes version 4.6.0.277 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.0.277 - Malwarebytes)
Marvels Avengers (HKLM-x32\...\Marvels Avengers_is1) (Version: 0.0.0 - DODI-Repacks)
Media Preview (HKLM\...\{52AFC3E1-0FAA-4C05-88FF-373911EA68F5}) (Version: 1.4.3.429 - BabelSoft)
MediathekView 13.9.1 (HKLM\...\1927-5045-2127-3394) (Version: 13.9.1 - MediathekView Team)
MEmu (HKLM-x32\...\MEmu) (Version: 6.2.7.0 - Microvirt)
Microsoft .NET Host - 6.0.21 (x64) (HKLM\...\{26FF35F7-ADBB-4C9F-97DA-79120DB80EC6}) (Version: 48.87.64667 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.21 (x64) (HKLM\...\{D937EF87-F11D-4778-973C-B71E178F95D0}) (Version: 48.87.64667 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.21 (x64) (HKLM\...\{8D2EC92E-5903-4B25-9406-182B8EFA834F}) (Version: 48.87.64667 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 116.0.1938.69 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 116.0.1938.69 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (HKLM-x32\...\{90140000-0015-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (HKLM-x32\...\{90140000-0016-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (HKLM\...\{90140000-002A-0000-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (HKLM-x32\...\{90140000-00A1-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (HKLM-x32\...\{90140000-001F-0410-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (HKLM-x32\...\{90140000-002C-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (HKLM-x32\...\{90140000-0019-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (HKLM\...\{90140000-002A-0407-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (HKLM-x32\...\{90140000-006E-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (HKLM-x32\...\{90140000-001B-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-3615177999-3261653453-3779512466-1001\...\OneDriveSetup.exe) (Version: 23.169.0813.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{577ff5ba-39aa-4d8c-a3a9-f95012763438}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.22.27821 (HKLM-x32\...\{3BDE80F7-7EC9-448E-8160-4ADA0CDA8879}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29334 (HKLM-x32\...\{14C49FC8-3E9B-4F29-8526-26629B5CF30B}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.22.27821 (HKLM-x32\...\{1E6FC929-567E-4D22-9206-C5B83F0A21B9}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29334 (HKLM-x32\...\{0D01A812-82A1-481F-8546-8E28E976F8DF}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 2.11.63.5026 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.21 (x64) (HKLM\...\{AF6BF7DD-2B12-40C5-919C-2EC99054BBE1}) (Version: 48.87.64723 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.21 (x64) (HKLM-x32\...\{0f39db03-9030-48f3-82ef-5384bed81d85}) (Version: 6.0.21.32717 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MiniTool Partition Wizard Free 12.6 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: 12.6 - MiniTool Software Limited)
MiniTool ShadowMaker PW Edition (HKLM-x32\...\MT-75D7C412-925B-4AD0-90DC-5E4FEE22EAE1_is1) (Version: 3.6 - MiniTool Software Limited)
Mirror's Edge™ Catalyst (HKLM-x32\...\{12228a0d-f6ad-4691-82af-d2c643424468}) (Version: 1.0.3.47248 - Electronic Arts)
Monster Hunter World: Iceborne (HKLM-x32\...\Monster Hunter World: Iceborne_is1) (Version: - )
Mozilla Firefox 72.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 72.0.2 (x64 en-US)) (Version: 72.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.2 - Mozilla)
MSI Afterburner 4.5.0 (HKLM-x32\...\Afterburner) (Version: 4.5.0 - MSI Co., LTD)
Mutant Year Zero - Road To Eden (HKLM-x32\...\{4DF4741F-8465-4AA8-9ABA-4B081F05FCAA}_is1) (Version: - The Bearded Ladies)
Need for Speed™ Heat (HKLM-x32\...\{8DA46384-7F54-4265-B90F-69BBC08DC3A1}) (Version: 1.0.60.7040 - Electronic Arts)
No Mans Sky (HKLM\...\No Mans Sky_is1) (Version: 3.05 - SE7EN Solutions)
NordUpdater (HKLM\...\{6E35DB82-3D19-4DD6-B8CB-F082815FDE18}_is1) (Version: 1.4.0.132 - Nord Security)
NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 6.48.19.0 - Nord Security)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
Nox APP Player (HKLM-x32\...\Nox) (Version: 6.3.0.7 - Duodian Technology Co. Ltd.)
Npcap (HKLM-x32\...\NpcapInst) (Version: 1.71 - Nmap Project)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.112 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.112 - NVIDIA Corporation)
NVIDIA Graphics Driver 537.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 537.13 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Observer (HKLM-x32\...\1449856523_is1) (Version: 1.0 - GOG.com)
One Piece Pirate Warriors 3: GOLD Edition (HKLM-x32\...\One Piece Pirate Warriors 3: GOLD Edition_is1) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Ori and The Blind Forest - Definitive Edition (HKLM-x32\...\1384944984_is1) (Version: 2.0.0.2 - GOG.com)
Origin (HKLM-x32\...\Origin) (Version: 10.5.112.50486 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{af79dd32-90cb-4e63-ae56-a4d22f33921d}) (Version: latest - ppy Pty Ltd)
Overlay (HKLM-x32\...\1430742867_is1) (Version: 1.32 - GOG.com)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Owlboy (HKLM-x32\...\1159880091_is1) (Version: 1.3.6570.26602 - GOG.com)
Paradox Launcher v2 (HKLM\...\{A92DB5D9-A24D-4678-9F91-B4FA6D895718}) (Version: 2.0.4.0 - Paradox Interactive)
Photo Pos Pro 3 (HKLM\...\Photo Pos Pro 3) (Version: 3.30 - PowerOfSoftware Ltd.)
PlayStation Plus (HKLM-x32\...\{F86E19EB-C781-4A23-B764-6B397BC18BA1}) (Version: 12.2.0 - Sony Interactive Entertainment Inc.)
PowerToys (Preview) (HKLM\...\{06F18418-D1F4-4C41-A45A-DA86079A9823}) (Version: 0.64.0 - Microsoft Corporation) Hidden
PowerToys (Preview) x64 (HKLM-x32\...\{5aed9284-1ef0-4dbe-86f4-64b4731b508c}) (Version: 0.64.0 - Microsoft Corporation)
Private Internet Access v81 (HKLM-x32\...\{148169C2-5558-4C3E-B38A-7B1813A264CA}_is1) (Version: 81 - London Trust Media, Inc.)
Project Highrise MULTi6 - ElAmigos version 1.5.9.2 (HKLM-x32\...\{383D8816-459E-43F5-B788-98C32D3B99F4}_is1) (Version: 1.5.9.2 - Kasedo Games)
Project Hospital (HKLM-x32\...\1660194629_is1) (Version: 1.0.14224 RC4 - GOG.com)
PS Remote Play (HKLM-x32\...\{3A3A09F0-36EC-4CDD-BAA5-98BC05815E3C}) (Version: 5.5.0.08250 - Sony Interactive Entertainment Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
QTTabBar ver 2048 (HKLM\...\{13016E80-C7E5-4610-B149-FA8381CEE008}) (Version: 0.9.0 - Quizo)
Quantum Break (HKLM-x32\...\Quantum Break_is1) (Version: - )
Rayman Legends (HKLM-x32\...\Uplay Install 410) (Version: - Ubisoft)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.21.1 - Razer Inc.)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9079.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0037 - Realtek)
Rebel Galaxy Outlaw MULTi5 - ElAmigos version 1.17 (HKLM-x32\...\{E69E45AE-023B-4271-99D4-9EB93DA86644}_is1) (Version: 1.17 - Double Damage Games)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Regiments (HKLM-x32\...\Regiments_is1) (Version: - )
Resident Evil 2 (HKLM-x32\...\Resident Evil 2_is1) (Version: - )
RetroArch (HKLM-x32\...\RetroArch) (Version: 1.15.0.0 - Libretro)
ROCCAT SWARM (HKLM-x32\...\{E9CA669A-8FB1-4F3D-A771-2E0767D20F89}) (Version: 1.94.430 - ROCCAT GmbH) Hidden
ROCCAT SWARM (HKLM-x32\...\InstallShield_{E9CA669A-8FB1-4F3D-A771-2E0767D20F89}) (Version: 1.94.430 - ROCCAT GmbH)
ScummVM 2.0.0 (HKLM-x32\...\ScummVM_is1) (Version: 2.0.0 - The ScummVM Team)
Sekiro Shadows Die Twice MULTi13 - ElAmigos version 1.02 (HKLM-x32\...\{93A98F06-2B86-4F97-AAF2-A44AEB1E2C29}_is1) (Version: 1.02 - FromSoftware)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{8925227F-C7B5-4C95-AB58-4FCF2433DAEE}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{09A9DF49-DA06-4093-A2FD-F339211E39EA}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{ECC1D579-DC17-4B90-929C-B4A0BB35F7B3}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{97099817-53F1-4CA1-ACEA-DA6D74371689}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{E4D76E88-C65F-4003-9C71-EC4306679D17}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{3B0FF7FF-0E85-4907-A511-3F8C27349FA4}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{996096F8-956B-41C9-A7E3-9BA1E801014F}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{D505EC85-885F-4BE3-8A89-3EFE4F855692}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3}) (Version: - Microsoft) Hidden
Shadow Tactics (HKLM-x32\...\Shadow Tactics_is1) (Version: - )
Shantae Half Genie Hero Ultimate Edition (HKLM-x32\...\Shantae Half Genie Hero Ultimate Edition_is1) (Version: - )
Shovel Knight: Treasure Trove (HKLM-x32\...\1207664823_is1) (Version: 4.0A - GOG.com)
Signal 6.28.0 (HKU\S-1-5-21-3615177999-3261653453-3779512466-1001\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 6.28.0 - Signal Messenger, LLC)
Snake Pass MULTi5 - ElAmigos version 1.4 (HKLM-x32\...\{853FF7F2-9B65-4570-92E7-79386CB935B0}_is1) (Version: 1.4 - Sumo Digital)
SoundWire Server version 2.1.2 (HKLM-x32\...\{E15658BC-7742-4397-999F-98B1BD11B784}_is1) (Version: 2.1.2 - GeorgieLabs)
Star Control: Origins (HKLM-x32\...\1893867643_is1) (Version: 1.00.52584 - GOG.com)
STAR WARS Jedi - Fallen Order™ (HKLM-x32\...\{D00A89F1-2D8C-4589-B1D1-73A6544E3B1F}) (Version: 1.0.10.0 - Electronic Arts, Inc.)
STAR WARS™ Battlefront™ II (HKLM-x32\...\{8a882ce0-0c0b-4eb2-850c-28ebadab4f50}) (Version: 1.1.7.22040 - Electronic Arts)
StarCraft (HKLM-x32\...\StarCraft) (Version: - Blizzard Entertainment)
Stardew Valley - ElAmigos version 1.2.33 (HKLM-x32\...\{B798256B-8466-4DB5-A6A9-6A2C80B40D25}_is1) (Version: 1.2.33 - Chucklefish)
Starsector by Fractal Softworks LLC (HKLM-x32\...\Starsector) (Version: - )
Streets of Rage 4 (HKLM\...\Streets of Rage 4_is1) (Version: Build 10731343 - )
Summer in Mara (HKU\S-1-5-21-3615177999-3261653453-3779512466-1001\...\Summer in Mara) (Version: - HOODLUM)
Sundered Eldritch Edition (HKLM-x32\...\Sundered Eldritch Edition_is1) (Version: - )
Sunset Overdrive (HKLM-x32\...\Sunset Overdrive_is1) (Version: - )
System Shock: Remake (HKLM-x32\...\System Shock: Remake_is1) (Version: - )
TeamViewer (HKLM\...\TeamViewer) (Version: 15.38.3 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\{8B0F211E-5846-4FB2-B0B9-4EB31546FDF9}}_is1) (Version: 2.52.0 - TechPowerUp)
TECKNET wireless gaming mouse version 1.0.0.7 (HKLM-x32\...\TECKNET wireless gaming mouse_is1) (Version: - )
The Binding of Isaac Rebirth MULTi3 - ElAmigos version 30.04.2018 (HKLM-x32\...\{16FA778B-E5D3-43A3-80A4-D043BCF67090}_is1) (Version: 30.04.2018 - Nicalis, Inc.)
The Crew 2 (HKLM-x32\...\Uplay Install 2855) (Version: - Ubisoft)
The Hong Kong Massacre (HKLM-x32\...\The Hong Kong Massacre_is1) (Version: - )
The Legend of Zelda: BotW (HKLM-x32\...\The Legend of Zelda: BotW_is1) (Version: - )
The Lord of the Rings Online™ v2305.0061.1867.4359 (HKLM-x32\...\12bbe590-c890-11d9-9669-0800200c9a66_is1) (Version: 2305.0061.1867.4359 - Standing Stone Games, LLC)
The Sims 4 (HKLM-x32\...\The Sims 4_is1) (Version: - )
The Ultimate DOOM (HKLM-x32\...\1435827232_is1) (Version: 2.0.0.3 - GOG.com)
The Witcher 3: Wild Hunt - Blood and Wine (HKLM-x32\...\Blood and Wine_is1) (Version: 1.24.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.24.0.0 - GOG.com)
The Witcher 3: Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.32 - GOG.com)
Titanfall™ 2 (HKLM-x32\...\{4BD80373-FEE7-45B6-8249-6E8E98717405}) (Version: 1.0.1.3 - Electronic Arts, Inc.)
Tom Clancy Ghost Recon Wildlands (HKLM-x32\...\Tom Clancy Ghost Recon Wildlands_is1) (Version: 1.6.0 - THE KNIGHT)
Toolkit Documentation (HKLM-x32\...\{6143A694-5FE1-BDF6-F78E-4F7BF3E9419B}) (Version: 10.1.14393.0 - Microsoft) Hidden
Total War Three Kingdoms (HKLM-x32\...\Total War Three Kingdoms_is1) (Version: - )
Towerfall - Ascension - Dark World (HKLM-x32\...\1431078929_is1) (Version: 2.4.0.5 - GOG.com)
Towerfall - Ascension (HKLM-x32\...\1430924174_is1) (Version: 2.5.0.6 - GOG.com)
Trails from Zero (HKU\S-1-5-21-3615177999-3261653453-3779512466-1001\...\ED_ZERO) (Version: - )
Trilogy Save Editor version 2.2.1 (HKU\S-1-5-21-3615177999-3261653453-3779512466-1001\...\{6A0B979E-271B-4E50-A4C3-487C8E584070}_is1) (Version: 2.2.1 - Karlitos)
Two Point Hospital (HKLM-x32\...\Two Point Hospital_is1) (Version: - )
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 104.1 - Ubisoft)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
UEV Tools on amd64 (HKLM\...\{1454FA4E-58BC-2EF1-9A19-147B0E499E03}) (Version: 10.1.14393.0 - Microsoft) Hidden
Unravel™ (HKLM-x32\...\{5105E605-9EE7-4050-9CC0-005093BBF89A}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C270D21B-2327-49B8-85F7-395133A93C75}) (Version: 8.92.0.0 - Microsoft Corporation)
USBPcap 1.5.4.0 (HKLM\...\USBPcap) (Version: 1.5.4.0 - Tomasz Mon)
User State Migration Tool (HKLM-x32\...\{F7AADEDA-233A-1079-CD15-03AEB050F0C6}) (Version: 10.1.14393.0 - Microsoft) Hidden
VdhCoApp 1.2.4 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.8.5 - Black Tree Gaming Ltd.)
Warhammer 40000 Mechanicus (HKLM-x32\...\Warhammer 40000 Mechanicus_is1) (Version: - )
Watch Dogs 2 (HKLM-x32\...\Watch Dogs 2_is1) (Version: - )
WhoCrashed 7.00 (HKLM\...\WhoCrashed_is1) (Version: 7.00 - Resplendence Software Projects Sp.)
WhySoSlow 1.61 (HKLM\...\WhySoSlowHome_is1) (Version: - Resplendence Software Projects Sp.)
Windows Assessment and Deployment Kit - Windows 10 (HKLM-x32\...\{39ebb79f-797c-418f-b329-97cfdf92b7ab}) (Version: 10.1.14393.0 - Microsoft Corporation)
Windows Assessment Toolkit (AMD64 Architecture Specific) (HKLM-x32\...\{91361B2A-F741-E591-303B-4EF957F3BAF1}) (Version: 10.1.14393.0 - Microsoft) Hidden
Windows Assessment Toolkit (HKLM-x32\...\{F4EBF948-F00E-29EF-894C-D10A718F981D}) (Version: 10.1.14393.0 - Microsoft) Hidden
Windows Deployment Customizations (HKLM-x32\...\{9D550F66-5D52-29CA-28B5-EE0C2C0CDFBE}) (Version: 10.1.14393.0 - Microsoft) Hidden
Windows Deployment Tools (HKLM-x32\...\{52EA560E-E50F-DC8F-146D-1B631548BA29}) (Version: 10.1.14393.0 - Microsoft) Hidden
Windows PC Health Check (HKLM\...\{77ACFAF7-E5AB-410D-BA14-BBEBF89422DE}) (Version: 3.1.2109.29003 - Microsoft Corporation)
Windows PE x86 x64 (HKLM-x32\...\{230524D3-ADB4-69CC-2A78-96D879E3221B}) (Version: 10.1.14393.0 - Microsoft) Hidden
Windows PE x86 x64 wims (HKLM-x32\...\{47AEE104-BF96-E407-D3FE-80BBD42732F4}) (Version: 10.1.14393.0 - Microsoft) Hidden
Windows Phone Common Packaging and Test Tools (NT_x86_fre) (HKLM-x32\...\{4D989432-59D7-76A0-DD51-B96422F6FF7F}) (Version: 10.1.14393.0 - Microsoft Corporation) Hidden
Windows System Image Manager on amd64 (HKLM-x32\...\{363D76EC-B5B9-5D7B-0F59-C193FF6F03FC}) (Version: 10.1.14393.0 - Microsoft) Hidden
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Wireshark 4.0.8 64-bit (HKLM-x32\...\Wireshark) (Version: 4.0.8 - The Wireshark developer community, hxxps://www.wireshark.org)
Wolfenstein: The Old Blood (HKLM-x32\...\Wolfenstein: The Old Blood_is1) (Version: - )
WORLD OF FINAL FANTASY MAXIMA (HKLM-x32\...\WORLD OF FINAL FANTASY MAXIMA_is1) (Version: - )
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
WPT Redistributables (HKLM-x32\...\{549DAD2D-2505-204C-EC58-59807FE6E037}) (Version: 10.1.14393.0 - Microsoft) Hidden
WPTx64 (HKLM-x32\...\{97B6FAD9-6F14-CC46-3165-F1785ECCE255}) (Version: 10.1.14393.0 - Microsoft) Hidden
XnViewMP 1.00.0 (HKLM\...\XnViewMP_is1) (Version: 1.00.0 - Gougelet Pierre-e)
ZeroLauncher (HKU\S-1-5-21-3615177999-3261653453-3779512466-1001\...\54166643f5cdc960) (Version: 1.0.1.0 - HP Inc.)
ZeroLauncher (HKU\S-1-5-21-3615177999-3261653453-3779512466-1001\...\d6b1847d788880db) (Version: 1.0.2.411 - Geofront)
ZoneAlarm Firewall (HKLM-x32\...\{F21C5C41-E759-472F-B5AE-501AC583B693}) (Version: 15.0.653.17211 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 15.0.653.17211 - Check Point)
ZoneAlarm Security (HKLM-x32\...\{06F804D0-A69C-423A-8F77-A158EA7DF295}) (Version: 15.0.653.17211 - Check Point Software Technologies Ltd.) Hidden
Zoom (HKU\S-1-5-21-3615177999-3261653453-3779512466-1001\...\ZoomUMX) (Version: 5.9.3 (3169) - Zoom Video Communications, Inc.)
Zoom Player (remove only) (HKLM-x32\...\ZoomPlayer) (Version: - )
Zotero Standalone 4.0.29.17 (x86 en-US) (HKLM-x32\...\Zotero Standalone 4.0.29.17 (x86 en-US)) (Version: 4.0.29.17 - Zotero)

Packages:
=========
Amazon Alexa -> C:\Program Files\WindowsApps\57540AMZNMobileLLC.AmazonAlexa_3.25.1177.0_x64__22t9g3sebte08 [2023-08-03] (AMZN Mobile LLC.) [Startup Task]
art of rally -> C:\Program Files\WindowsApps\Mutable\Funselektor.artofrally_1.0.11.0_x64__43tswnvjm2gzr [2023-01-16] (Funselektor Labs Inc.)
Atomic Heart -> C:\Program Files\WindowsApps\FocusHomeInteractiveSA.579645D26CFD_1.10.1.0_x64__4hny5m903y3g0 [2023-09-02] (Focus Home Interactive SA)
Audiobooks from Audible -> C:\Program Files\WindowsApps\AudibleInc.AudibleforWindowsPhone_10.5.67.0_x64__xns73kv1ymhp2 [2023-02-14] (Audible Inc)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.250.400.0_x64__kgqvnymyfvs32 [2023-08-25] (king.com)
Carrion -> C:\Program Files\WindowsApps\DevolverDigital.CarrionWin10_1.0.14.0_x64__6kzv4j18v0c96 [2021-10-27] (Devolver Digital)
Children of Morta -> C:\Program Files\WindowsApps\11bitstudios.12487E5DA4D9B_1.0.17.2_x64__gwy9gn5q9j1y6 [2021-10-08] (11 bit studios)
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-08-10] (Microsoft Corporation)
Crusader Kings III -> C:\Program Files\WindowsApps\ParadoxInteractive.ProjectTitus_1.0.526.0_x64__zfnrdv2de78ny [2023-08-31] (Paradox Interactive)
Death's Door Win10 -> C:\Program Files\WindowsApps\DevolverDigital.DeathsDoorWin10_1.0.6.0_x64__6kzv4j18v0c96 [2022-01-25] (Devolver Digital)
Death's Gambit -> C:\Program Files\WindowsApps\CartoonInteractiveGroupIn.DeathsGambit_1.0.0.0_x64__6c1aaymwt3dwm [2020-02-15] (Cartoon Interactive Group Inc.)
DEMON'S TILT -> C:\Program Files\WindowsApps\FLARBLLC.57668A550983B_1.4.30.0_x64__hvfnz2ebz1aje [2020-10-25] (FLARB LLC)
Dishonored® Definitive Edition (PC) -> C:\Program Files\WindowsApps\BethesdaSoftworks.DishonoredDE-PC_1.10.0.0_x64__3275kfvn8vcwc [2022-11-06] (Bethesda Softworks)
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.57.3.0_x64__6rarf9sa4v8jt [2023-08-10] (Disney)
DJMAX RESPECT V -> C:\Program Files\WindowsApps\Neowiz.DJMAXRESPECTV_1.6872.2507.0_x64__r4z3116tdh636 [2023-06-22] (NEOWIZ)
Doom Eternal - PC -> C:\Program Files\WindowsApps\BethesdaSoftworks.DOOMEternal-PC_1.0.17.0_x64__3275kfvn8vcwc [2022-04-27] (Bethesda Softworks)
DOOM Eternal: Campaign -> C:\Program Files\WindowsApps\BethesdaSoftworks.DOOMEternalCampaignPC_1.0.1.0_x64__3275kfvn8vcwc [2020-12-08] (Bethesda Softworks)
Dropbox Lite -> C:\Program Files\WindowsApps\C27EB4BA.DROPBOX_23.4.20.0_x64__xbfy0k16fey96 [2023-09-02] (Dropbox Inc.)
Eiyuden Chronicle: Rising -> C:\Program Files\WindowsApps\505GAMESS.P.A.EiyudenChronicleRising_1.0.16.0_x64__tefn33qh9azfc [2022-06-21] (505 GAMES S.P.A.)
EVERSPACE™ 2 -> C:\Program Files\WindowsApps\ROCKFISHGames.EVERSPACE2_1.0.35328.0_x64__wm11qtfe9fmzj [2023-08-30] (ROCKFISH Games)
Exo One -> C:\Program Files\WindowsApps\FutureFriendsGames.ExoOne_1.2.1.0_x64__2whsqx9fyfsdj [2022-03-31] (Future Friends Games)
Forza Horizon 3 -> C:\Program Files\WindowsApps\Microsoft.OpusPG_1.0.125.2_x64__8wekyb3d8bbwe [2020-08-18] (Microsoft Studios)
Forza Horizon 4 -> C:\Program Files\WindowsApps\Microsoft.SunriseBaseGame_1.477.714.2_x64__8wekyb3d8bbwe [2023-04-10] (Microsoft Studios)
Forza Horizon 5 -> C:\Program Files\WindowsApps\Microsoft.624F8B84B80_3.607.493.0_x64__8wekyb3d8bbwe [2023-08-15] (Microsoft Studios)
Gears of War 4 -> C:\Program Files\WindowsApps\Microsoft.SpartaUWP_14.4.0.2_x64__8wekyb3d8bbwe [2019-07-11] (Microsoft Studios)
GUILTY GEAR STRIVE -> C:\Program Files\WindowsApps\asw-akiyama.GUILTYGEARSTRIVE_1.0.8.0_x64__krnzms20jbb38 [2023-09-04] (ARC SYSTEM WORKS)
Halo -> C:\Program Files\WindowsApps\Microsoft.Tomp_1.0.4723.0_x64__8wekyb3d8bbwe [2023-02-14] (Microsoft Studios)
Halo Infinite -> C:\Program Files\WindowsApps\Microsoft.254428597CFE2_1.3871.53028.0_x64__8wekyb3d8bbwe [2023-08-10] (Microsoft Studios)
Halo: Spartan Assault -> C:\Program Files\WindowsApps\Microsoft.HaloSpartanAssault_1.5.0.0_x86__8wekyb3d8bbwe [2019-12-29] (Microsoft Studios)
Halo: The Master Chief Collection -> C:\Program Files\WindowsApps\Mutable\Microsoft.Chelan_1.3251.0.0_x64__8wekyb3d8bbwe [2023-07-20] (Microsoft Studios)
Hardspace: Shipbreaker -> C:\Program Files\WindowsApps\FocusHomeInteractiveSA.HardspaceShipbreaker-PCVers_1.0.35.0_x64__4hny5m903y3g0 [2022-11-18] (Focus Home Interactive SA)
Hi-Fi RUSH -> C:\Program Files\WindowsApps\BethesdaSoftworks.Hibiki_1.6.0.0_x64__3275kfvn8vcwc [2023-07-05] (Bethesda Softworks)
Hollow Knight -> C:\Program Files\WindowsApps\TeamCherry.15373CD61C66B_5.80.11835.0_x64__y4jvztpgccj42 [2022-11-09] (Team Cherry)
HOT WHEELS UNLEASHED™ -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSUNLEASHED-WindowsEdition_1.0.6.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone s.r.l.)
HOT WHEELS™ - AcceleRacers Bassline™ -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC19_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - AcceleRacers Deora™ II -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC14_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - AcceleRacers Hollowback™ -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC44_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - AcceleRacers Power Rage™ -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC29_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - Aston Martin DB5 1963 -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC08_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - Barbie™ Dream Camper™ -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC22_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - Batman Expansion -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC17_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - Beefed Up Pack -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC01_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - Bone Shaker™ Unleashed Edition -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC03_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - Booster Slam Module -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC28_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - Classic Packard -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC64_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - Corvette Stingray Convertible 2014 -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC35_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - Cyberpunk Customization Pack -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC47_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - Dinopult Module -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC21_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - Gorilla Garage Module -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC34_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - Haunted Customization Pack -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC40_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - He-Man™ -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC50_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - Holiday Season Customization Pack -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC18_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - Hot Rod Customization Pack -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC61_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - Jumping Towers Module -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC49_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - Looney Tunes Expansion -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC54_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - McLaren 720S -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC65_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - McLaren Senna -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC36_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - Monster Trucks Expansion -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC39_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - Outer Space Customization Pack -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC26_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - Pink Fashion Customization Pack -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC11_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - Retro Game Customization Pack -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC55_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - Rolling Boulders Module -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC06_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - Shark Jaws Module -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC42_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - Skaters Customization Pack -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC32_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - Skeletor™ -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC58_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - Spinning Tire Module -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC20_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - Sportscars Pack -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC00_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - Street Beasts™ Pack -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC02_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - Street Fighter Blanka -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC12_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - Street Fighter Chun-Li -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC30_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - Street Fighter M. Bison -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC05_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - Street Fighter Ryu -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC41_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - Street Fighter Vega -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC33_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - Super Dealership Module -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC63_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - Superman™ -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC07_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - Swamp Thing™ -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC59_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - The Jetsons™ -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC62_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - The Mystery Machine™ -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC51_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - TMNT Donatello -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC48_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - TMNT Leonardo -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC15_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - TMNT Michelangelo -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC27_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - TMNT Raphael -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC43_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - TMNT Shredder -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC56_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - Tropical Wave Customization Pack -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC04_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - Wonder Woman™ -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC13_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HOT WHEELS™ - Zero Gravity Checkpoint Module -> C:\Program Files\WindowsApps\MilestoneS.r.l.HOTWHEELSGDK-DLC57_1.0.0.0_x64__h6vxh15j4wapt [2023-02-07] (Milestone S.r.l.)
HP Scan and Capture -> C:\Program Files\WindowsApps\AD2F1837.HPScanandCapture_40.0.245.0_x64__v10z8vjag6ke6 [2023-01-17] (Hewlett-Packard Company)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_148.2.1069.0_x64__v10z8vjag6ke6 [2023-08-08] (HP Inc.)
Insurgency: Sandstorm - Windows -> C:\Program Files\WindowsApps\FocusHomeInteractiveSA.3806953BAE050_1.8.3.0_x64__4hny5m903y3g0 [2023-07-12] (Focus Home Interactive SA)
Kathy Rain -> C:\Program Files\WindowsApps\RawFury.1107399377650_1.0.9.0_x86__9s0pnehqffj7t [2020-09-24] (Raw Fury)
Lonely Mountains: Downhill -> C:\Program Files\WindowsApps\Thunderful.LonelyMontainsDownhill_1.5.2.0_x64__8j53pwgd019sy [2023-03-13] (Thunderful Publishing AB)
Metal: Hellsinger -> C:\Program Files\WindowsApps\FuncomOsloAS.ProjectHammerhead_1.6.8726.0_x64__pkaskhy6cdq4g [2023-06-21] (Funcom Oslo AS)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation) [MS Ad]
Microsoft Flight Simulator -> C:\Program Files\WindowsApps\Microsoft.FlightSimulator_1.33.8.0_x64__8wekyb3d8bbwe [2023-06-22] (Microsoft Studios)
Microsoft Flight Simulator Digital Ownership -> C:\Program Files\WindowsApps\Microsoft.DigitalOwnership_1.0.1.0_x64__8wekyb3d8bbwe [2021-06-01] (Microsoft Studios)
Microsoft Jigsaw -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJigsaw_2.6.8211.0_x86__8wekyb3d8bbwe [2023-08-28] (Microsoft Studios)
Microsoft Minesweeper -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMinesweeper_4.4.7101.0_x64__8wekyb3d8bbwe [2023-07-26] (Microsoft Studios) [MS Ad]
Microsoft Sudoku -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSudoku_2.8.10203.0_x64__8wekyb3d8bbwe [2023-02-14] (Microsoft Studios) [MS Ad]
Microsoft Ultimate Word Games -> C:\Program Files\WindowsApps\Microsoft.Studios.Wordament_3.8.904.0_x64__8wekyb3d8bbwe [2023-02-14] (Microsoft Studios) [MS Ad]
Midnight Fight Express -> C:\Program Files\WindowsApps\HumbleBundle.MidnightFightExpress_1.1.1.0_x64__q2mcdwmzx4qja [2022-11-04] (Humble Bundle)
Mighty Goose -> C:\Program Files\WindowsApps\ActiveGamingMediaInc.MightyGoose_1.0.4.0_x64__4tj796bhrrsp0 [2021-10-02] (Active Gaming Media Inc.)
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.20.1501.0_x64__8wekyb3d8bbwe [2023-08-17] (Microsoft Studios)
Mystery Manor: Hidden Objects -> C:\Program Files\WindowsApps\0EB8BD08.MysteryManorhiddenobjects_6.220.0.0_x86__erk4rrwmt7jyt [2023-08-30] (GAME INSIGHT UAB)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-18] (Netflix, Inc.)
Night Call -> C:\Program Files\WindowsApps\RawFury.NightCallWIN10_1.3.6.0_x64__9s0pnehqffj7t [2021-08-26] (Raw Fury)
NORCO -> C:\Program Files\WindowsApps\RawFury.NORCO_1.4.7.0_x64__9s0pnehqffj7t [2023-02-23] (Raw Fury)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-09-03] (NVIDIA Corp.)
ORF-TVthek -> C:\Program Files\WindowsApps\ORFsterreichischerRundfun.ORF-TVthek_3.5.0.0_x64__dzzx7e9x33sct [2023-02-14] (Österreichischer Rundfunk ORF)
PAC-MAN MUSEUM+ -> C:\Program Files\WindowsApps\NAMCOBANDAIGamesInc.PACMANMUSEUMPLUS_1.0.5.0_x64__gdy2aq6ez762w [2022-12-07] (BANDAI NAMCO Entertainment Inc.)
Penbook -> C:\Program Files\WindowsApps\36376UserCamp.Penbook_2.1.30.0_x64__t7afzrbtd67z0 [2023-02-14] (User Camp)
Pentiment -> C:\Program Files\WindowsApps\Microsoft.OE-Missouri_1.2.1713.0_x64__8wekyb3d8bbwe [2023-05-31] (Microsoft Studios)
Persona 5 Royal -> C:\Program Files\WindowsApps\SEGAofAmericaInc.F0cb6b3aer_1.10.27.0_x64_USEU_s751p9cej88mt [2023-01-12] (SEGA of America, Inc.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-02-18] (Microsoft Corporation)
Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.148.0_x64__pwbj9vvecjh7j [2023-09-03] (Amazon Development Centre (London) Ltd)
Project Wingman -> C:\Program Files\WindowsApps\HumbleBundle.ProjectWingman_0.6.12.0_x64__q2mcdwmzx4qja [2022-09-15] (Humble Bundle)
QUAKE -> C:\Program Files\WindowsApps\BethesdaSoftworks.ProjectSilver_1.0.5237.0_x64__3275kfvn8vcwc [2022-09-29] (Bethesda Softworks)
Quake 3 -> C:\Program Files\WindowsApps\Mutable\BethesdaSoftworks.Quake3_1.0.0.0_x86__3275kfvn8vcwc [2021-08-23] (Bethesda Softworks)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.20.238.0_x64__dt26b99r8h8gj [2023-08-28] (Realtek Semiconductor Corp)
River City Girls -> C:\Program Files\WindowsApps\6151WayForward.RiverCityGirlsPC_1.0.8.2_x64__38xd6w9je1dae [2023-02-14] (WayForward)
Royal Revolt 2 -> C:\Program Files\WindowsApps\flaregamesGmbH.RoyalRevolt2_9.2.2.0_x86__g0q0z3kw54rap [2023-08-10] (flaregames GmbH)
Ryza Roads -> C:\Program Files\WindowsApps\553FelipeFidelis.RyzaRoads_1.1.84.0_x64__4ganz59kg4aby [2023-02-14] (Felipe Godoy)
Serious Sam 4 -> C:\Program Files\WindowsApps\DevolverDigital.SeriousSam4Win10_1.0.8.0_x64__6kzv4j18v0c96 [2023-02-12] (Devolver Digital)
Solasta -> C:\Program Files\WindowsApps\TacticalAdventures.SolastaCOTM_1.5.94.0_x64__q0c2rn28zyrv4 [2023-07-18] (Tactical Adventures)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.17.8180.0_x64__8wekyb3d8bbwe [2023-09-03] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0 [2023-08-31] (Spotify AB) [Startup Task]
Teenage Mutant Ninja Turtles: Shredder's Revenge -> C:\Program Files\WindowsApps\DotEmu.TeenageMutantNinjaTurtlesShreddersRevenge_1.2307.27.0_x64__map6zyh9ym1xy [2023-09-02] (DotEmu)
Tetris® Effect: Connected -> C:\Program Files\WindowsApps\48710EnhanceIncorporated.TRIP2.0_2.0.20.0_x64__63vy8jfbpt4dt [2023-05-31] (Enhance Incorporated)
The Legend of Tianding -> C:\Program Files\WindowsApps\AnotherIndie.TheLegendofTianding_1.1.11.0_x64__zrgg4v79ydekg [2023-04-05] (Another Indie)
The Master Chief Collection: Halo 3 -> C:\Program Files\WindowsApps\Microsoft.MCCHalo3_1.12.0.0_x64__8wekyb3d8bbwe [2020-07-27] (Microsoft Studios)
The Master Chief Collection: Halo CE -> C:\Program Files\WindowsApps\Microsoft.HaloCombatEvolved_1.1367.0.0_x64__8wekyb3d8bbwe [2020-03-03] (Microsoft Studios)
The Master Chief Collection: REACH -> C:\Program Files\WindowsApps\Microsoft.TheMasterChiefCollectionREACH_1.1.0.0_x64__8wekyb3d8bbwe [2019-12-04] (Microsoft Studios)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-14] (Twitter Inc.)
Windjammers 2 -> C:\Program Files\WindowsApps\DotEmu.Windjammers2_22.3.24.0_x64__map6zyh9ym1xy [2022-03-29] (DotEmu)
Wolfenstein: The Old Blood (PC) -> C:\Program Files\WindowsApps\BethesdaSoftworks.WolfensteinTOB-PC_1.19.2.0_x64__3275kfvn8vcwc [2022-05-14] (Bethesda Softworks)
WWE Network -> C:\Program Files\WindowsApps\6FA0E4A0.WWENetwork_4.42.43.0_x64__46xvzjh8v0pjy [2020-05-13] (World Wrestling Entertainment Inc.)
Xbox Accessories -> C:\Program Files\WindowsApps\Microsoft.XboxDevices_2209.2209.14005.0_x64__8wekyb3d8bbwe [2022-09-26] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3615177999-3261653453-3779512466-1001_Classes\CLSID\{36B27788-A8BB-4698-A756-DF9F11F64F84}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.SvgThumbnailProvider.comhost.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3615177999-3261653453-3779512466-1001_Classes\CLSID\{3f5d0051-61b8-0f45-6166-996cfb4f914f}\localserver32 -> C:\Program Files\PowerToys\modules\launcher\PowerToys.PowerLauncher.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3615177999-3261653453-3779512466-1001_Classes\CLSID\{45769bcc-e8fd-42d0-947e-02beef77a1f5}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.MarkdownPreviewHandler.comhost.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3615177999-3261653453-3779512466-1001_Classes\CLSID\{8BC8AFC2-4E7C-4695-818E-8C1FFDCEA2AF}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.StlThumbnailProvider.comhost.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3615177999-3261653453-3779512466-1001_Classes\CLSID\{afbd5a44-2520-4ae0-9224-6cfce8fe4400}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.MonacoPreviewHandler.comhost.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3615177999-3261653453-3779512466-1001_Classes\CLSID\{BFEE99B4-B74D-4348-BCA5-E757029647FF}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.GcodeThumbnailProvider.comhost.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3615177999-3261653453-3779512466-1001_Classes\CLSID\{ddee2b8a-6807-48a6-bb20-2338174ff779}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.SvgPreviewHandler.comhost.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3615177999-3261653453-3779512466-1001_Classes\CLSID\{ec52dea8-7c9f-4130-a77b-1737d0418507}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.GcodePreviewHandler.comhost.dll (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks: QTTabBarLib.ExplorerProcessCaptor - {D2BF470E-ED1C-487F-AAAA-2BD8835EB6CE} - C:\Windows\System32\mscoree.dll [383488 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
ShellExecuteHooks-x32: QTTabBarLib.ExplorerProcessCaptor - {D2BF470E-ED1C-487F-AAAA-2BD8835EB6CE} - C:\Windows\SysWOW64\mscoree.dll [314880 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2019-09-20] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL -> No File
ContextMenuHandlers2: [FileLocksmithExt] -> {84D68575-E186-46AD-B0CB-BAEB45EE29C0} => C:\Program Files\PowerToys\modules\FileLocksmith\PowerToys.FileLocksmithExt.dll [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers2: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2019-09-20] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
ContextMenuHandlers3: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL -> No File
ContextMenuHandlers3: [FileLocksmithExt] -> {84D68575-E186-46AD-B0CB-BAEB45EE29C0} => C:\Program Files\PowerToys\modules\FileLocksmith\PowerToys.FileLocksmithExt.dll [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-03] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [PowerRenameExt] -> {0440049F-D1DC-4E46-B27B-98393D79486B} => C:\Program Files\PowerToys\modules\PowerRename\PowerToys.PowerRenameExt.dll [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers4: [ZPShellExt] -> {ABE00001-0123-ABED-1248-0248ADFA1909} => C:\Program Files (x86)\Zoom Player\zpshlext64.dll [2008-08-05] () [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d3828c822366e497\nvshext.dll [2023-08-16] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-03] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2015-09-05] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-02-09] () [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2015-09-05] (Beepa P/L) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\aluca\Desktop\TikTok.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=nlalbmkafgmoifbeooblidblkmlhhpnc
ShortcutWithArgument: C:\Users\aluca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\TikTok.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=nlalbmkafgmoifbeooblidblkmlhhpnc
ShortcutWithArgument: C:\Users\aluca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\ca79330482c36bc6\Checker Plus for Google Calendar™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hkhggnncdpfibdhinjiegagmopldibha

==================== Loaded Modules (Whitelisted) =============

2023-08-14 13:47 - 2023-08-09 01:46 - 004684288 _____ () [File not signed] \\?\C:\Users\aluca\AppData\Local\Programs\signal-desktop\resources\app.asar.unpacked\node_modules\@signalapp\better-sqlite3\build\Release\better_sqlite3.node
2023-08-14 13:47 - 2023-08-09 01:46 - 004961792 _____ () [File not signed] \\?\C:\Users\aluca\AppData\Local\Programs\signal-desktop\resources\app.asar.unpacked\node_modules\@signalapp\libsignal-client\prebuilds\win32-x64\node.napi.node
2023-08-14 13:47 - 2023-08-09 01:46 - 011730432 _____ () [File not signed] \\?\C:\Users\aluca\AppData\Local\Programs\signal-desktop\resources\app.asar.unpacked\node_modules\@signalapp\ringrtc\build\win32\libringrtc-x64.node
2017-05-13 17:14 - 2021-05-30 09:10 - 000027648 _____ () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2015-12-29 06:25 - 2015-12-29 00:25 - 000120334 _____ () [File not signed] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\libgcc_s_dw2-1.dll
2015-12-29 06:25 - 2015-12-29 00:25 - 001540622 _____ () [File not signed] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\libstdc++-6.dll
2022-08-30 19:45 - 2022-08-30 13:45 - 007523840 _____ () [File not signed] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\resource.dll
2021-04-08 12:59 - 2020-10-13 11:02 - 000064512 _____ () [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 15\bin\ashinetutil.dll
2021-04-08 12:59 - 2020-10-13 11:02 - 000225792 _____ () [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 15\bin\jsoncpp.dll
2021-04-08 12:59 - 2020-10-13 11:02 - 000056320 _____ () [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 15\bin\lzma.dll
2021-04-08 12:59 - 2020-10-13 11:02 - 000111616 _____ () [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 15\bin\minizip.dll
2021-04-08 12:59 - 2020-10-13 11:02 - 000226816 _____ () [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 15\bin\party.dll
2021-04-08 12:59 - 2020-10-13 11:02 - 000678912 _____ () [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 15\bin\sqlite.dll
2021-04-08 12:59 - 2020-10-13 11:02 - 001082368 _____ () [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 15\bin\webdave.dll
2021-04-08 12:59 - 2020-10-13 11:02 - 000082944 _____ () [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 15\bin\zdll.dll
2021-04-08 12:59 - 2020-10-13 11:02 - 000074240 _____ () [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 15\bin\ziputil.dll
2021-04-08 12:59 - 2020-10-13 11:02 - 000025088 _____ () [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 15\bin\zlibutil.dll
2015-12-29 06:25 - 2015-12-29 00:25 - 000079360 _____ (MingW-W64 Project. All rights reserved.) [File not signed] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\libwinpthread-1.dll
2023-08-30 17:34 - 2023-08-30 17:34 - 000143360 _____ (Quizo) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\QTPluginLib\530088c70427c7078963947151f0ff77\QTPluginLib.ni.dll
2023-08-30 17:34 - 2023-08-30 17:34 - 012233216 _____ (Quizo) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\QTTabBar\9aef4ed469f2184cd163dbd1b21a17be\QTTabBar.ni.dll
2021-04-08 12:59 - 2018-06-27 09:58 - 002135040 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 15\bin\ash_libcurl.dll
2021-04-08 12:59 - 2020-10-13 11:02 - 000431616 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 15\bin\libcurl.dll
2015-12-29 06:52 - 2015-12-29 00:52 - 002177536 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\LIBEAY32.dll
2015-12-29 06:52 - 2015-12-29 00:52 - 000462336 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\ssleay32.dll
2015-01-08 21:56 - 2020-12-15 12:04 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] D:\Origin\LIBEAY32.dll
2019-03-08 18:34 - 2020-12-15 12:04 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] D:\Origin\ssleay32.dll
2021-04-08 12:59 - 2020-10-13 11:02 - 003423744 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 15\bin\libcrypto-1_1-x64.dll
2021-04-08 12:59 - 2020-10-13 11:02 - 000684032 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 15\bin\libssl-1_1-x64.dll
2016-06-11 02:15 - 2016-06-10 20:15 - 000058880 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\imageformats\qdds.dll
2016-06-10 15:32 - 2016-06-10 09:32 - 000033792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\imageformats\qgif.dll
2016-06-11 02:15 - 2016-06-10 20:15 - 000046592 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\imageformats\qicns.dll
2016-06-10 15:33 - 2016-06-10 09:33 - 000036352 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\imageformats\qico.dll
2016-06-10 15:32 - 2016-06-10 09:32 - 000258560 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\imageformats\qjpeg.dll
2016-06-11 01:51 - 2016-06-10 19:51 - 000028672 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\imageformats\qsvg.dll
2016-06-11 02:15 - 2016-06-10 20:15 - 000028672 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\imageformats\qtga.dll
2016-06-11 02:15 - 2016-06-10 20:15 - 000495616 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\imageformats\qtiff.dll
2016-06-11 02:15 - 2016-06-10 20:15 - 000027648 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\imageformats\qwbmp.dll
2016-06-11 02:16 - 2016-06-10 20:16 - 000416768 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\imageformats\qwebp.dll
2016-06-13 03:38 - 2016-06-12 21:38 - 000317440 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\mediaservice\dsengine.dll
2016-06-10 15:34 - 2016-06-10 09:34 - 001489920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\platforms\qwindows.dll
2020-01-13 09:29 - 2020-01-13 03:29 - 005384704 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\Qt5Core.dll
2016-06-10 15:23 - 2016-06-10 09:23 - 005283840 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\Qt5Gui.dll
2016-06-13 03:29 - 2016-06-12 21:29 - 000853504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\Qt5Multimedia.dll
2016-06-10 15:17 - 2016-06-10 09:17 - 001610240 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\Qt5Network.dll
2016-06-11 01:51 - 2016-06-10 19:51 - 000348160 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\Qt5Svg.dll
2016-06-13 03:27 - 2016-06-12 21:27 - 000188416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\Qt5WebSockets.dll
2016-06-10 15:29 - 2016-06-10 09:29 - 006358528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\Qt5Widgets.dll
2022-06-15 11:48 - 2017-09-14 14:40 - 000884736 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\MiniTool ShadowMaker\sqldrivers\qsqlite.dll
2018-11-24 15:38 - 2020-12-15 12:04 - 001611264 _____ (The Qt Company Ltd) [File not signed] D:\Origin\platforms\qwindows.dll
2022-04-20 15:57 - 2020-12-15 12:04 - 005487104 _____ (The Qt Company Ltd) [File not signed] D:\Origin\Qt5Core.dll
2022-04-20 15:57 - 2020-12-15 12:04 - 005841920 _____ (The Qt Company Ltd) [File not signed] D:\Origin\Qt5Gui.dll
2022-04-20 15:57 - 2020-12-15 12:04 - 001179136 _____ (The Qt Company Ltd) [File not signed] D:\Origin\Qt5Network.dll
2022-04-20 15:57 - 2020-12-15 12:04 - 000146432 _____ (The Qt Company Ltd) [File not signed] D:\Origin\Qt5WebSockets.dll
2022-04-20 15:57 - 2020-12-15 12:04 - 005089792 _____ (The Qt Company Ltd) [File not signed] D:\Origin\Qt5Widgets.dll
2022-04-20 15:57 - 2020-12-15 12:04 - 000184832 _____ (The Qt Company Ltd) [File not signed] D:\Origin\Qt5Xml.dll
2022-08-15 17:23 - 2022-08-15 11:23 - 000110207 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\BASS.dll
2022-08-15 17:23 - 2022-08-15 11:23 - 000012166 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\BASSWASAPI.dll
2021-04-08 12:59 - 2020-10-13 11:02 - 000151552 _____ (wxWidgets development team) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 15\bin\wxbase310u_net_vc_ox.dll
2021-04-08 12:59 - 2020-10-13 11:02 - 002172416 _____ (wxWidgets development team) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 15\bin\wxbase310u_vc_ox.dll
2021-04-08 12:59 - 2020-10-13 11:02 - 000165888 _____ (wxWidgets development team) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 15\bin\wxbase310u_xml_vc_ox.dll
2021-04-08 12:59 - 2020-10-13 11:02 - 001376768 _____ (wxWidgets development team) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 15\bin\wxmsw310u_adv_vc_ox.dll
2021-04-08 12:59 - 2020-10-13 11:02 - 004942336 _____ (wxWidgets development team) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 15\bin\wxmsw310u_core_vc_ox.dll
2021-04-08 12:59 - 2020-10-13 11:02 - 000642048 _____ (wxWidgets development team) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 15\bin\wxmsw310u_html_vc_ox.dll
2021-04-08 12:59 - 2020-10-13 11:02 - 000764416 _____ (wxWidgets development team) [File not signed] c:\Program Files\Ashampoo\Ashampoo Backup Pro 15\bin\wxmsw310u_xrc_vc_ox.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\aluca\Anwendungsdaten:c7637b1ddf4ebe3cea300c7598738ba3 [394]
AlternateDataStreams: C:\Users\aluca\AppData\Roaming:c7637b1ddf4ebe3cea300c7598738ba3 [394]
AlternateDataStreams: C:\Users\Public\AppData:CSM [452]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [7586]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-3615177999-3261653453-3779512466-1001\Software\Classes\regfile: <==== ATTENTION
HKU\S-1-5-21-3615177999-3261653453-3779512466-1001\Software\Classes\.reg: => <==== ATTENTION
HKU\S-1-5-21-3615177999-3261653453-3779512466-1001\Software\Classes\.bat: => <==== ATTENTION
HKU\S-1-5-21-3615177999-3261653453-3779512466-1001\Software\Classes\.cmd: => <==== ATTENTION

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3615177999-3261653453-3779512466-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll [2018-10-12] (Oracle America, Inc. -> Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-10-12] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - QT Command Bar - {d2bf470e-ed1c-487f-a666-2bd8835eb6ce} - C:\Windows\system32\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Toolbar: HKLM - QT Command Bar 2 - {d2bf470e-ed1c-487f-a777-2bd8835eb6ce} - C:\Windows\system32\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Toolbar: HKLM - QTTabBar - {d2bf470e-ed1c-487f-a333-2bd8835eb6ce} - C:\Windows\system32\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Toolbar: HKLM - QT Base Toolbar - {d2bf470e-ed1c-487f-a300-2bd8835eb6ce} - C:\Windows\system32\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Toolbar: HKLM-x32 - QT Command Bar - {d2bf470e-ed1c-487f-a666-2bd8835eb6ce} - C:\Windows\SysWOW64\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Toolbar: HKLM-x32 - QT Command Bar 2 - {d2bf470e-ed1c-487f-a777-2bd8835eb6ce} - C:\Windows\SysWOW64\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Toolbar: HKLM-x32 - QTTabBar - {d2bf470e-ed1c-487f-a333-2bd8835eb6ce} - C:\Windows\SysWOW64\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Toolbar: HKLM-x32 - QT Base Toolbar - {d2bf470e-ed1c-487f-a300-2bd8835eb6ce} - C:\Windows\SysWOW64\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 13:47 - 2018-07-21 12:58 - 000000872 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Calibre2\;C:\WINDOWS\System32\OpenSSH\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\dotnet\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\Windows Kits\10\Windows Performance Toolkit\
HKU\S-1-5-21-3615177999-3261653453-3779512466-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3615177999-3261653453-3779512466-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\aluca\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\love_you_message_in_a_bottle-wallpaper-3840x2160.jpg
HKU\S-1-5-21-3615177999-3261653453-3779512466-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is disabled.

Network Binding:
=============
Ethernet 5: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Ethernet 5: NordVPN LightWeight Firewall -> NordLwf (enabled)
Ethernet 4: NordVPN LightWeight Firewall -> NordLwf (enabled)
Ethernet 4: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Ethernet 3: NordVPN LightWeight Firewall -> NordLwf (enabled)
Ethernet 3: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Bluetooth-Netzwerkverbindung 8: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "Ashampoo Backup PB"
HKLM\...\StartupApproved\Run: => "MTPW"
HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKU\S-1-5-21-3615177999-3261653453-3779512466-1001\...\StartupApproved\StartupFolder: => "Razer Synapse.lnk"
HKU\S-1-5-21-3615177999-3261653453-3779512466-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_DC6ADF56C95D4F38FCEEDC413012C68B"
HKU\S-1-5-21-3615177999-3261653453-3779512466-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-3615177999-3261653453-3779512466-1001\...\StartupApproved\Run: => "Humble Bundle"

 

[AlucardSX]

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{3950C8DE-3BA6-4F4E-A34D-D8EC870CF7BD}] => (Allow) C:\Users\aluca\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{ED9B0800-2B8B-42FF-9622-C9470EB6A959}C:\program files\electronic arts\ea desktop\ea desktop\eaconnect_microsoft.exe] => (Allow) C:\program files\electronic arts\ea desktop\ea desktop\eaconnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [TCP Query User{8832C21B-B362-41E0-8D5F-DCF9FA187EB2}C:\program files\electronic arts\ea desktop\ea desktop\eaconnect_microsoft.exe] => (Allow) C:\program files\electronic arts\ea desktop\ea desktop\eaconnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [UDP Query User{35CBDC56-E0BF-4541-9703-45F1E80492F7}E:4\tetriseffect\binaries\wingdk\tetriseffect-wingdk-shipping.exe] => (Allow) E:4\tetriseffect\binaries\wingdk\tetriseffect-wingdk-shipping.exe => No File
FirewallRules: [TCP Query User{E84848B9-76EC-459B-A94A-ABE236102D69}E:4\tetriseffect\binaries\wingdk\tetriseffect-wingdk-shipping.exe] => (Allow) E:4\tetriseffect\binaries\wingdk\tetriseffect-wingdk-shipping.exe => No File
FirewallRules: [{C86ED20C-3CF6-4975-9342-DFCC2FE366D5}] => (Allow) G:\No Mans Sky\Run_NMS.exe (IP Rainskiy Dmitriy Valeryevich -> SE7EN Solutions, Ltd.)
FirewallRules: [{99851C2B-95F2-43A3-98B7-5A5BC5C87425}] => (Allow) G:\No Mans Sky\Run_NMS.exe (IP Rainskiy Dmitriy Valeryevich -> SE7EN Solutions, Ltd.)
FirewallRules: [{AFCE9EB2-2BCF-44B6-A4CB-B4F9B19D5781}] => (Allow) G:\No Mans Sky\7launcher\tools\aria2\aria2c.exe (Rainsky Evgeny Valeryevich -> )
FirewallRules: [{19993A54-F860-4D38-A3E2-F43B111135BB}] => (Allow) G:\No Mans Sky\7launcher\tools\aria2\aria2c.exe (Rainsky Evgeny Valeryevich -> )
FirewallRules: [{2DD96B1A-9F6F-4D3C-8763-8FCDE1DEC960}] => (Allow) G:\SteamLibrary\steamapps\common\Helltaker\Helltaker.exe () [File not signed]
FirewallRules: [{D6A11985-07AB-473E-AE18-EAE3F21AEE6F}] => (Allow) G:\SteamLibrary\steamapps\common\Helltaker\Helltaker.exe () [File not signed]
FirewallRules: [{713D0FA1-3676-4B66-B691-81E11A981FD2}] => (Allow) G:\SteamLibrary\steamapps\common\Prey\Binaries\Danielle\x64\Release\Prey.exe (Arkane Studios) [File not signed]
FirewallRules: [{C13E3C21-EC11-4214-ACB1-87B3DE062312}] => (Allow) G:\SteamLibrary\steamapps\common\Prey\Binaries\Danielle\x64\Release\Prey.exe (Arkane Studios) [File not signed]
FirewallRules: [{80534638-29D4-4F94-B960-D8DF2CBE76D4}] => (Allow) G:\Assassin's Creed Odyssey\ACOdyssey_plus.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{65C15775-967F-47BE-83B4-773F4E83FD1E}] => (Allow) G:\Assassin's Creed Odyssey\ACOdyssey_plus.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [UDP Query User{EBFCC66C-51CE-40F2-8D2A-47D8143B1A79}D:\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) D:\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe (Valve Corp. -> Firaxis Games) [File not signed]
FirewallRules: [TCP Query User{15B9EE10-9BD8-4497-AA8E-D35587FFB084}D:\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) D:\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe (Valve Corp. -> Firaxis Games) [File not signed]
FirewallRules: [{C737FC04-D326-437C-A958-7A0F39D19CBB}] => (Allow) G:\SteamLibrary\steamapps\common\SoulcaliburVI\SoulcaliburVI\Binaries\Win64\SoulcaliburVI.exe () [File not signed]
FirewallRules: [{E9C39925-C7E9-45CF-855A-2D65A4832BFD}] => (Allow) G:\SteamLibrary\steamapps\common\SoulcaliburVI\SoulcaliburVI\Binaries\Win64\SoulcaliburVI.exe () [File not signed]
FirewallRules: [{C874CDD0-7D52-43E8-B4CF-FAFC9867DC8C}] => (Allow) G:\SteamLibrary\steamapps\common\HatinTime\Binaries\Win64\HatinTimeGame.exe (Gears for Breakfast ApS) [File not signed]
FirewallRules: [{57683220-3C4F-4F28-95C3-8F8ED2E2B2B7}] => (Allow) G:\SteamLibrary\steamapps\common\HatinTime\Binaries\Win64\HatinTimeGame.exe (Gears for Breakfast ApS) [File not signed]
FirewallRules: [{2BD300D0-7746-4CFA-AF12-6AB063EFD0D6}] => (Allow) D:\Steam\steamapps\common\rocketleague\Binaries\RocketLeague.exe (Psyonix, LLC -> Psyonix LLC)
FirewallRules: [{AFA247DE-9927-4B95-9AD8-4F177983E9B2}] => (Allow) D:\Steam\steamapps\common\rocketleague\Binaries\RocketLeague.exe (Psyonix, LLC -> Psyonix LLC)
FirewallRules: [{EA43B0CD-9A7B-42CF-8F6E-2D18132DD7F8}] => (Allow) G:\SteamLibrary\steamapps\common\Citizen of Rome - Dynasty Ascendant\Citizen of Rome - Dynasty Ascendant.exe (Sathvik Software Solutions) [File not signed]
FirewallRules: [{B75F7127-5577-46FB-9010-FF4860E1B13C}] => (Allow) G:\SteamLibrary\steamapps\common\Citizen of Rome - Dynasty Ascendant\Citizen of Rome - Dynasty Ascendant.exe (Sathvik Software Solutions) [File not signed]
FirewallRules: [{EFA1A01B-628A-4978-BBBF-EBBD070C02C9}] => (Allow) G:\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{CE2BF40F-B26D-48E0-9A03-15346D49CFC4}] => (Allow) G:\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{F350B14D-BED9-4F1F-8E51-6F000F84149C}] => (Allow) G:\SteamLibrary\steamapps\common\A Bastard's Tale\a_bastards_tale.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{9400C6FF-507A-4383-A69C-1126F02EDE3A}] => (Allow) G:\SteamLibrary\steamapps\common\A Bastard's Tale\a_bastards_tale.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{1CC3BCA4-F48C-4CF6-8AB0-1EA82D1F5F7B}] => (Allow) G:\SteamLibrary\steamapps\common\Persona 4 Golden\P4G.exe (Sega of America, Inc. -> )
FirewallRules: [{C829533D-6781-470F-A619-E4D7482FBECE}] => (Allow) G:\SteamLibrary\steamapps\common\Persona 4 Golden\P4G.exe (Sega of America, Inc. -> )
FirewallRules: [{D8CB52C1-F7BF-4C3A-AE0F-1844F88F245B}] => (Allow) G:\SteamLibrary\steamapps\common\theHunterCotW\theHunterCotW_F.exe () [File not signed]
FirewallRules: [{F3BB6BFB-7EDD-4BD4-8D28-FD1A12B35A3A}] => (Allow) G:\SteamLibrary\steamapps\common\theHunterCotW\theHunterCotW_F.exe () [File not signed]
FirewallRules: [{893E6BAA-9307-4248-920C-04A5DF2F9A41}] => (Allow) D:\Steam\steamapps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\InjusticeLauncher.exe () [File not signed]
FirewallRules: [{EBFA0E19-59EE-497A-BEBE-10013444EFA8}] => (Allow) D:\Steam\steamapps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\InjusticeLauncher.exe () [File not signed]
FirewallRules: [{BC93ACFA-C43B-4C01-933D-0B800EF19323}] => (Allow) D:\Steam\steamapps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\Injustice.exe () [File not signed]
FirewallRules: [{D4BF11BF-4D6D-4706-8B5A-FD578624DF91}] => (Allow) D:\Steam\steamapps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\Injustice.exe () [File not signed]
FirewallRules: [UDP Query User{F554F1E9-6F02-445E-BFDC-3CE7E602761A}D:\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [TCP Query User{E4805002-E226-4419-A777-806146BCBA7C}D:\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{183C8CB5-EE79-4403-B625-D0FB8B4205A7}] => (Allow) D:\Steam\steamapps\common\Azure Striker Gunvolt\exe\gv_win.exe () [File not signed]
FirewallRules: [{F3D71057-7704-4A27-B01B-6515A4D41094}] => (Allow) D:\Steam\steamapps\common\Azure Striker Gunvolt\exe\gv_win.exe () [File not signed]
FirewallRules: [{3956196F-742D-4115-BF8D-88922FE7DFF1}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{5151501D-D973-4A3C-AA46-DDC847188443}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{A9FD578F-5CD3-4BAE-BD3B-9E039B9EC21F}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{BE142187-488F-4DC1-9B77-743D85B16EA6}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{31616AF4-ABBF-4676-9DD7-2F652E7FCFF0}] => (Allow) D:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, LLC) [File not signed]
FirewallRules: [{BD23BA23-9421-4C6B-B955-ECC56AB855A1}] => (Allow) D:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, LLC) [File not signed]
FirewallRules: [{BF783425-C086-4B57-8B65-36928FDC2063}] => (Allow) D:\The Crew 2\TheCrew2.exe (UBISOFT ENTERTAINMENT INC. -> UBISoft)
FirewallRules: [{71B8E305-A47B-4098-9938-8229441DA305}] => (Allow) G:\SteamLibrary\steamapps\common\Train Fever\TrainFever.exe () [File not signed]
FirewallRules: [{3689FDE9-2518-40C8-8DEB-7AE628E425F9}] => (Allow) G:\SteamLibrary\steamapps\common\Train Fever\TrainFever.exe () [File not signed]
FirewallRules: [{0D35ECA3-A74E-49C3-A0D8-481ABE9851F8}] => (Allow) G:\No Mans Sky\Run_NMS.exe (IP Rainskiy Dmitriy Valeryevich -> SE7EN Solutions, Ltd.)
FirewallRules: [{6965AE59-E1BF-40F1-80FF-4F9E626DA7A6}] => (Allow) G:\No Mans Sky\Run_NMS.exe (IP Rainskiy Dmitriy Valeryevich -> SE7EN Solutions, Ltd.)
FirewallRules: [{7CD2DF47-55B7-4C21-AF3E-6681CEEFF174}] => (Allow) G:\No Mans Sky\7launcher\tools\aria2\aria2c.exe (Rainsky Evgeny Valeryevich -> )
FirewallRules: [{8AAAA5BE-A63D-4C8D-B30E-5BDB96F68460}] => (Allow) G:\No Mans Sky\7launcher\tools\aria2\aria2c.exe (Rainsky Evgeny Valeryevich -> )
FirewallRules: [{9183AD19-1959-4947-AB7F-D27D0195BB94}] => (Allow) G:\SteamLibrary\steamapps\common\Legend of Grimrock 2\grimrock2.exe () [File not signed]
FirewallRules: [{341296F5-BB61-4A69-9E64-646467C79819}] => (Allow) G:\SteamLibrary\steamapps\common\Legend of Grimrock 2\grimrock2.exe () [File not signed]
FirewallRules: [{4774BA71-2F77-41D7-9E82-0481D906A577}] => (Allow) G:\No Mans Sky\Run_NMS.exe (IP Rainskiy Dmitriy Valeryevich -> SE7EN Solutions, Ltd.)
FirewallRules: [{7954B0EE-7755-422D-A814-550590FC1B8A}] => (Allow) G:\No Mans Sky\Run_NMS.exe (IP Rainskiy Dmitriy Valeryevich -> SE7EN Solutions, Ltd.)
FirewallRules: [{32A149A3-2E44-4718-BC77-0044CEAAB5CD}] => (Allow) G:\No Mans Sky\7launcher\tools\aria2\aria2c.exe (Rainsky Evgeny Valeryevich -> )
FirewallRules: [{CD8D09E6-1A4A-4D2D-8EC2-A31FA559DC35}] => (Allow) G:\No Mans Sky\7launcher\tools\aria2\aria2c.exe (Rainsky Evgeny Valeryevich -> )
FirewallRules: [{DD69A62F-925C-4D59-A343-587A2CA21966}] => (Allow) D:\Steam\steamapps\common\Outland\Outland.exe () [File not signed]
FirewallRules: [{45FEF2D3-8A10-427B-AFCD-A3BF92D19458}] => (Allow) D:\Steam\steamapps\common\Outland\Outland.exe () [File not signed]
FirewallRules: [{48D354AF-2667-4EBA-8B02-C53D3F296004}] => (Allow) D:\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe (Valve Corp. -> Activision Publishing Inc.) [File not signed]
FirewallRules: [{3CD9D665-950E-4C62-86B9-FC5E7EC2DC99}] => (Allow) D:\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe (Valve Corp. -> Activision Publishing Inc.) [File not signed]
FirewallRules: [UDP Query User{39F0B323-F8DF-417E-B9C3-34DFDAF2876D}G:\tom clancy ghost recon wildlands\grw.exe] => (Allow) G:\tom clancy ghost recon wildlands\grw.exe (Blue Byte GmbH -> )
FirewallRules: [TCP Query User{EC9ABBB5-2937-4B2E-A80D-0E1EFB9608FD}G:\tom clancy ghost recon wildlands\grw.exe] => (Allow) G:\tom clancy ghost recon wildlands\grw.exe (Blue Byte GmbH -> )
FirewallRules: [{78F3DA58-BB8E-4A2D-B7CF-AC4D00F931AD}] => (Allow) D:\Steam\steamapps\common\Hover\Hover.exe () [File not signed]
FirewallRules: [{15AE93FC-6529-4F23-B7E9-41807C764969}] => (Allow) D:\Steam\steamapps\common\Hover\Hover.exe () [File not signed]
FirewallRules: [{3BC39E99-EE03-46B4-B57A-B0D96643CAE5}] => (Allow) D:\Steam\steamapps\common\Besiege\Besiege.exe () [File not signed]
FirewallRules: [{C405293B-B21E-4A4E-81DC-2127B33ACAAA}] => (Allow) D:\Steam\steamapps\common\Besiege\Besiege.exe () [File not signed]
FirewallRules: [{F58BEAB1-D04B-451E-A808-D2FD97FD0BC1}] => (Allow) D:\Steam\steamapps\common\RONIN\Ronin.exe () [File not signed]
FirewallRules: [{64CAD3C3-E116-4B7B-B527-E80FC9B63485}] => (Allow) D:\Steam\steamapps\common\RONIN\Ronin.exe () [File not signed]
FirewallRules: [{8BB94889-1C57-4493-B5EE-418B2BFD3620}] => (Allow) D:\Steam\steamapps\common\Not a Hero\LEGACY.exe () [File not signed]
FirewallRules: [{15D24F6E-504B-4A89-AC03-487209F4974C}] => (Allow) D:\Steam\steamapps\common\Not a Hero\LEGACY.exe () [File not signed]
FirewallRules: [{E4CC2CD7-D5A3-40DD-B4D8-6D42504CD383}] => (Allow) D:\Steam\steamapps\common\Not a Hero\NOT A HERO.exe (JohnRibbins) [File not signed]
FirewallRules: [{092DC9DF-9030-4ED2-81ED-97F4EC4CC690}] => (Allow) D:\Steam\steamapps\common\Not a Hero\NOT A HERO.exe (JohnRibbins) [File not signed]
FirewallRules: [{E5EE7254-625A-414A-8D1C-33FEE8DAAC26}] => (Allow) D:\Steam\steamapps\common\cap4ever\cap4ever.exe () [File not signed]
FirewallRules: [{AE579140-776F-4E6F-9BDC-22BE4766E428}] => (Allow) D:\Steam\steamapps\common\cap4ever\cap4ever.exe () [File not signed]
FirewallRules: [{44ED9590-F670-422B-9CB9-29D6501B6091}] => (Allow) D:\Steam\steamapps\common\Panzer Corps\autorun.exe (Slitherine Ltd. -> Slitherine Publishing Ltd.)
FirewallRules: [{B856ABC2-79C2-4DC1-BC02-C1F169E3412C}] => (Allow) D:\Steam\steamapps\common\Panzer Corps\autorun.exe (Slitherine Ltd. -> Slitherine Publishing Ltd.)
FirewallRules: [{49D0971C-B74A-46BC-B794-9FF84C3A6013}] => (Allow) D:\Steam\steamapps\common\Doki Doki Literature Club\DDLC.exe () [File not signed]
FirewallRules: [{67A5D671-8FE9-4EE1-8D4B-C1BF69362D63}] => (Allow) D:\Steam\steamapps\common\Doki Doki Literature Club\DDLC.exe () [File not signed]
FirewallRules: [{F0E7FA60-A293-4627-B9BF-A501F16CF17F}] => (Allow) D:\Steam\steamapps\common\Moekuri\moekuri.exe () [File not signed]
FirewallRules: [{621849F7-7991-4899-A6E1-8E1BF2538676}] => (Allow) D:\Steam\steamapps\common\Moekuri\moekuri.exe () [File not signed]
FirewallRules: [{396C00EE-3616-4B19-BBFE-D6BA22AE71DE}] => (Allow) D:\Steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe (Activision Publishing Inc -> )
FirewallRules: [{5D6FF606-8A82-4E6F-A239-22581E16E41C}] => (Allow) D:\Steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe (Activision Publishing Inc -> )
FirewallRules: [{83EAC9C5-70C5-44BA-BBF1-283DAA5D85FF}] => (Allow) D:\Steam\steamapps\common\Call of Duty 4\iw3sp.exe () [File not signed]
FirewallRules: [{59EA095F-9969-4788-998D-8F2DAE9C28D6}] => (Allow) D:\Steam\steamapps\common\Call of Duty 4\iw3sp.exe () [File not signed]
FirewallRules: [{395FCE4E-F78C-4CB1-A6CE-F9EC10C400CB}] => (Allow) D:\Steam\steamapps\common\CM3\cm3.exe () [File not signed]
FirewallRules: [{3008F9D3-053F-4413-A60F-554421986D1B}] => (Allow) D:\Steam\steamapps\common\CM3\cm3.exe () [File not signed]
FirewallRules: [{CB549B74-916C-4D65-A744-95C1ADE0CCFB}] => (Allow) D:\Steam\steamapps\common\Prison Architect\Prison Architect64.exe () [File not signed]
FirewallRules: [{D75022C2-A3FB-4DDB-B632-43A28AD3C451}] => (Allow) D:\Steam\steamapps\common\Prison Architect\Prison Architect64.exe () [File not signed]
FirewallRules: [{AB564AA4-88C6-4424-947A-4B6A4A61B76C}] => (Allow) D:\Steam\steamapps\common\Kerbal Space Program\KSP_x64.exe (Take-Two Interactive Software, Inc. -> )
FirewallRules: [{D0DD417E-877D-4BB0-81A2-C43D0D10D2DB}] => (Allow) D:\Steam\steamapps\common\Kerbal Space Program\KSP_x64.exe (Take-Two Interactive Software, Inc. -> )
FirewallRules: [{1CC0770B-7793-4BA5-B7AC-A405E5B76578}] => (Allow) D:\Steam\steamapps\common\10000000\10000000.exe () [File not signed]
FirewallRules: [{86292C7F-ED48-4B22-BA39-53863F86707B}] => (Allow) D:\Steam\steamapps\common\10000000\10000000.exe () [File not signed]
FirewallRules: [{355B005F-9E42-4166-A294-AC3273381479}] => (Allow) D:\Steam\steamapps\common\Dungeon of Elements\DungeonofElements.exe () [File not signed]
FirewallRules: [{2FCF73C1-DF57-46CB-ADE6-45B667A2F8D4}] => (Allow) D:\Steam\steamapps\common\Dungeon of Elements\DungeonofElements.exe () [File not signed]
FirewallRules: [{8A6EE332-6E08-47B4-BF1B-1F069AAFEBF8}] => (Allow) D:\Steam\steamapps\common\Peggle Nights\PeggleNights.exe (PopCap Games -> )
FirewallRules: [{B57FE6FE-C5F5-4506-A819-208BE6EBFBCA}] => (Allow) D:\Steam\steamapps\common\Peggle Nights\PeggleNights.exe (PopCap Games -> )
FirewallRules: [UDP Query User{9D209CD1-F4C9-402D-8E13-095A529554EA}D:\into the breach\breach.exe] => (Allow) D:\into the breach\breach.exe () [File not signed]
FirewallRules: [TCP Query User{0FB8E4EC-00E5-41F9-9E0D-E3AB8B0E14AC}D:\into the breach\breach.exe] => (Allow) D:\into the breach\breach.exe () [File not signed]
FirewallRules: [{246A2B2B-65FA-44B3-96DE-C7436110C1B9}] => (Allow) D:\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe (Valve Corp. -> Firaxis Games) [File not signed]
FirewallRules: [{EE88A536-C821-43CE-9635-2FEFE539303F}] => (Allow) D:\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe (Valve Corp. -> Firaxis Games) [File not signed]
FirewallRules: [{15836D08-0556-42C5-8AB7-501732270A70}] => (Allow) D:\Steam\steamapps\common\Steep\steep.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{0C9FBC4D-9053-4DA6-9C4C-F06F10C37696}] => (Allow) D:\Steam\steamapps\common\Steep\steep.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{7C4CA846-BE20-4712-855A-7DFE6E73FF4F}] => (Allow) D:\Steam\steamapps\common\DoorKickers\DoorKickers.exe () [File not signed]
FirewallRules: [{E4B3280B-162F-4CA4-9267-86108D22047D}] => (Allow) D:\Steam\steamapps\common\DoorKickers\DoorKickers.exe () [File not signed]
FirewallRules: [{A8C2A6D1-694C-4109-A628-86E442BF7F6E}] => (Allow) D:\Steam\steamapps\common\Unity of Command\uoc-sc.exe () [File not signed]
FirewallRules: [{06B5EA68-DA1E-4F93-895D-C6A1B964BDF9}] => (Allow) D:\Steam\steamapps\common\Unity of Command\uoc-sc.exe () [File not signed]
FirewallRules: [{A85F89B8-576B-4955-97AE-3504944D93EE}] => (Allow) D:\Steam\steamapps\common\Unity of Command\uoc.exe () [File not signed]
FirewallRules: [{595A1185-4858-4C4E-BAEB-380B9D0A93D1}] => (Allow) D:\Steam\steamapps\common\Unity of Command\uoc.exe () [File not signed]
FirewallRules: [{58B600A2-8A32-4ECD-BF39-3CAB48EE70C9}] => (Allow) D:\Steam\steamapps\common\DEADBOLT\deadbolt_game.exe () [File not signed]
FirewallRules: [{36B7967B-AF60-48AA-A809-8996C887C4BE}] => (Allow) D:\Steam\steamapps\common\DEADBOLT\deadbolt_game.exe () [File not signed]
FirewallRules: [{BCA4C002-991F-4C1D-9C90-5B57347023C2}] => (Allow) D:\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe (Take-Two Interactive Software, Inc. -> Gearbox Software) [File not signed]
FirewallRules: [{4608B858-6A57-4064-BC78-323AD092F8EE}] => (Allow) D:\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe (Take-Two Interactive Software, Inc. -> Gearbox Software) [File not signed]
FirewallRules: [{B015EC8C-C80A-4F2C-82E1-7EC5B30580E7}] => (Allow) D:\Steam\steamapps\common\Terraria\Terraria.exe (Re-Logic) [File not signed]
FirewallRules: [{AC313C0E-4234-466C-BC64-6535C5B17C98}] => (Allow) D:\Steam\steamapps\common\Terraria\Terraria.exe (Re-Logic) [File not signed]
FirewallRules: [{6419085F-FA67-4051-9277-73C3EF76C141}] => (Allow) D:\Origin Games\Battlefield 4\BFLauncher_x86.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{34A47DFE-1A5A-4438-831C-235093CD186B}] => (Allow) D:\Origin Games\Battlefield 4\BFLauncher_x86.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{317065A0-6FDF-4C03-949A-AF49232878F2}] => (Allow) D:\Origin Games\Battlefield 4\BFLauncher.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{FC5D8066-914F-4282-8F62-D272143CF9C8}] => (Allow) D:\Origin Games\Battlefield 4\BFLauncher.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{C1ED9A5D-B365-495D-B039-CFA759E60040}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{8F4804EB-3DD3-45E3-9B22-B54588D53F9C}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{E1731320-A08C-475F-9E4E-00046D58A6D6}] => (Allow) D:\Steam\steamapps\common\Elite Dangerous\EDLaunch.exe (Frontier Developments Plc -> Frontier Developments) [File not signed]
FirewallRules: [{B39B78D8-F186-489F-8CE5-C178ED1E95C6}] => (Allow) D:\Steam\steamapps\common\Elite Dangerous\EDLaunch.exe (Frontier Developments Plc -> Frontier Developments) [File not signed]
FirewallRules: [{9D64D457-0F1F-45C8-8177-BF3DC6BBA5FD}] => (Allow) D:\Steam\steamapps\common\Gemini Rue\winsetup.exe (Chris Jones) [File not signed]
FirewallRules: [{C75631D6-C2AB-471D-BBE9-4593E1CB92E5}] => (Allow) D:\Steam\steamapps\common\Gemini Rue\winsetup.exe (Chris Jones) [File not signed]
FirewallRules: [{BABD09AD-1828-4FFF-A2BD-A70CA62C5780}] => (Allow) D:\Steam\steamapps\common\Gemini Rue\gemini_rue_pc.exe => No File
FirewallRules: [{988175ED-125D-4D3F-856B-DC41E32CA692}] => (Allow) D:\Steam\steamapps\common\Gemini Rue\gemini_rue_pc.exe => No File
FirewallRules: [{8B8B3F37-457D-451A-88CF-2BA43F06B1B7}] => (Allow) D:\Steam\steamapps\common\Technobabylon\winsetup.exe (Chris Jones) [File not signed]
FirewallRules: [{4721C1B4-6183-4FFD-9A78-173F5DBF6BCC}] => (Allow) D:\Steam\steamapps\common\Technobabylon\winsetup.exe (Chris Jones) [File not signed]
FirewallRules: [{837D84D5-7904-4FB3-8D14-66F7A71A9B68}] => (Allow) D:\Steam\steamapps\common\Technobabylon\Technobabylon.exe (Technocrat Games) [File not signed]
FirewallRules: [{AA61A18D-3FDE-4041-B159-A7F219149A79}] => (Allow) D:\Steam\steamapps\common\Technobabylon\Technobabylon.exe (Technocrat Games) [File not signed]
FirewallRules: [{C99C2601-CA82-4475-856E-69E338263BDE}] => (Allow) D:\Steam\steamapps\common\Europa Universalis IV\eu4.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{05EB7A02-B04A-445C-83FB-55392772CB74}] => (Allow) D:\Steam\steamapps\common\Europa Universalis IV\eu4.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{B3040137-81E6-4CB3-AF14-3DDC1047B633}] => (Allow) D:\Steam\steamapps\common\Sam and Max 301\SamMax301.exe (Telltale Games) [File not signed]
FirewallRules: [{619B3DF2-5977-4626-91DA-2CFECD0CF812}] => (Allow) D:\Steam\steamapps\common\Sam and Max 301\SamMax301.exe (Telltale Games) [File not signed]
FirewallRules: [{FC88D690-C392-4EC8-9689-6A50E4C72196}] => (Allow) D:\Steam\steamapps\common\TalesMajEyal\t-engine.exe (te4.org) [File not signed]
FirewallRules: [{28423607-AA5A-4168-B298-521097BF22DC}] => (Allow) D:\Steam\steamapps\common\TalesMajEyal\t-engine.exe (te4.org) [File not signed]
FirewallRules: [{A53B7DBF-C894-4DA2-B1F1-7625AAC51A66}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{C05EF2D9-D14A-4761-87DC-D6BEBE6B1CB2}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{F0FB45C9-D507-4FE0-A548-B9E7D30DC4F4}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{AB4B069F-BF53-49BE-954C-CA0561D08170}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{68E8CAFA-29DA-4ED2-B8AC-F5435FA19889}] => (Allow) D:\Steam\steamapps\common\Wizorb\Wizorb.exe () [File not signed]
FirewallRules: [{8681CAC3-54A3-4FD6-9EBA-49691660ABB0}] => (Allow) D:\Steam\steamapps\common\Wizorb\Wizorb.exe () [File not signed]
FirewallRules: [{4D877783-8F5F-491C-9D58-A7F2624FCEE5}] => (Allow) D:\Steam\steamapps\common\Crusader Kings II\CK2game.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{19771D09-8D10-42F9-986A-D9E8315C8C0F}] => (Allow) D:\Steam\steamapps\common\Crusader Kings II\CK2game.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{BE1BB522-DAB5-4B4B-BD8F-F4692F5E2102}] => (Allow) D:\Steam\steamapps\common\Team Fortress 2\hl2.exe (Valve Corp. -> )
FirewallRules: [{AF599AB7-9661-4CEA-8208-5ED200440937}] => (Allow) D:\Steam\steamapps\common\Team Fortress 2\hl2.exe (Valve Corp. -> )
FirewallRules: [{1D7010D5-83B2-4D02-B983-8D45D1D7005B}] => (Allow) D:\Steam\steamapps\common\Jigoku Kisetsukan\Jigoku_Kisetsukan.exe (Emanuele Franceschini) [File not signed]
FirewallRules: [{4AD476B1-8A2A-40CB-8495-35CBE4795DC9}] => (Allow) D:\Steam\steamapps\common\Jigoku Kisetsukan\Jigoku_Kisetsukan.exe (Emanuele Franceschini) [File not signed]
FirewallRules: [{D3BA003B-5455-4B83-B9BB-A29F9A8AE233}] => (Allow) D:\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe (Activision Publishing Inc -> )
FirewallRules: [{B20CE21D-1E6C-4FA5-B2A7-B85784AB13CB}] => (Allow) D:\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe (Activision Publishing Inc -> )
FirewallRules: [{AF37B695-7C11-4DF3-A3FC-3485931EB618}] => (Allow) D:\Steam\steamapps\common\insurgency2\insurgency_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{DE2F8FEA-FC58-4D19-8F8D-0A1AB42B1D2B}] => (Allow) D:\Steam\steamapps\common\insurgency2\insurgency_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{DC368E7A-BE64-44F8-AE9C-122C3B045842}] => (Allow) D:\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{309C730B-8822-4435-98DE-D772E6B5D8D1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0894A1C1-C9DC-42B9-BA28-DC5881402B0A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D1CDF056-77AC-4042-AB31-B6F1AEA69C87}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7980616A-64DF-456A-ACD7-7B08C36D8EF1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A9E5A7E8-18D6-43B1-B8FE-FBCB35A8DE0E}] => (Allow) D:\Steam\steamapps\common\left 4 dead\left4dead.exe () [File not signed]
FirewallRules: [{9B6720A3-F476-4B2B-A5A4-90A979973639}] => (Allow) D:\Steam\steamapps\common\left 4 dead\left4dead.exe () [File not signed]
FirewallRules: [{3A38BCAB-469F-4CEE-B1C2-D9CAFEAD69D3}] => (Allow) D:\Steam\steamapps\common\Puzzle Agent\Grickle101.exe (Telltale Games) [File not signed]
FirewallRules: [{988C29BC-59B1-4504-8642-68AF698ACCB4}] => (Allow) D:\Steam\steamapps\common\Puzzle Agent\Grickle101.exe (Telltale Games) [File not signed]
FirewallRules: [{601EE3DC-0A07-441E-A969-B6C3320E960F}] => (Allow) D:\Steam\steamapps\common\N++\N++.exe () [File not signed]
FirewallRules: [{2A4FED4A-7010-4EFE-88F9-A9CBCE97EAA9}] => (Allow) D:\Steam\steamapps\common\N++\N++.exe () [File not signed]
FirewallRules: [{A4FD9457-6470-4896-ACE4-CADA6A31F05E}] => (Allow) D:\Steam\steamapps\common\Refunct\Refunct\Binaries\Win32\Refunct-Win32-Shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{AA30BB11-D106-47F1-91D5-0E584BF3EA19}] => (Allow) D:\Steam\steamapps\common\Refunct\Refunct\Binaries\Win32\Refunct-Win32-Shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{D1A9CADF-8B11-4B35-89CC-799B4672979C}] => (Allow) D:\Steam\steamapps\common\Endless Legend\EndlessLegend.exe () [File not signed]
FirewallRules: [{A1EB135B-7D72-4E34-838B-A2A8FF28DBF8}] => (Allow) D:\Steam\steamapps\common\Endless Legend\EndlessLegend.exe () [File not signed]
FirewallRules: [{96BBABD8-1720-49C3-AC21-C2DB74CF1E58}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{74DA1D5C-BDC9-45E9-8C46-0A8DEB57371A}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{5B691CD3-C978-4C89-964D-6B27E66BE1B9}] => (Allow) D:\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1C888C24-EBED-4F5E-BAFA-3C792B03182A}] => (Allow) D:\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{EF9AEC86-FD98-43D6-95B1-B1E79EC20191}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{9B42755F-D1AA-419C-A6C5-BE208C424DBB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{D47D8A42-EB79-439A-A87E-88C286926B6C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{2A577F0E-DB64-42E9-83B6-62CB2B06334B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{E642D798-880C-4081-8FC7-E96036AF3C0C}] => (Allow) D:\Steam\steamapps\common\Ultimate General Gettysburg\Ultimate General Gettysburg.exe () [File not signed]
FirewallRules: [{8EED39EF-4E47-4DB5-AE93-D6ED09E81D83}] => (Allow) D:\Steam\steamapps\common\Ultimate General Gettysburg\Ultimate General Gettysburg.exe () [File not signed]
FirewallRules: [{DB7CD77E-CD0F-485F-93B9-0DB1C439C05F}] => (Allow) D:\Steam\steamapps\common\Ultimate General Gettysburg\Ultimate General Multiplayer.exe () [File not signed]
FirewallRules: [{E6B0EAFC-25C9-423B-8AA6-D93C648B6B96}] => (Allow) D:\Steam\steamapps\common\Ultimate General Gettysburg\Ultimate General Multiplayer.exe () [File not signed]
FirewallRules: [{2FB283CE-B464-451F-ABD1-0F03CA256896}] => (Allow) D:\Steam\steamapps\common\Ultimate General Gettysburg\Bug Reporter.exe (Gamelabs LLC -> )
FirewallRules: [{0DFB4012-9578-43A8-AF6E-09313E9FACF5}] => (Allow) D:\Steam\steamapps\common\Ultimate General Gettysburg\Bug Reporter.exe (Gamelabs LLC -> )
FirewallRules: [{A400127C-8394-42DA-84D0-DA91ED67D15B}] => (Allow) D:\Steam\steamapps\common\Nidhogg\Nidhogg.exe (Messhof LLC) [File not signed]
FirewallRules: [{015CA374-22A5-4E02-B706-27FD70121C3C}] => (Allow) D:\Steam\steamapps\common\Nidhogg\Nidhogg.exe (Messhof LLC) [File not signed]
FirewallRules: [{6957E036-B602-4DAC-91AA-E0A96A459D93}] => (Allow) D:\Steam\steamapps\common\Empire Total War\Empire.exe (Sega Europe Limited -> The Creative Assembly Ltd)
FirewallRules: [{31F58A48-B5F5-4541-B4EB-EF68B23DD4E7}] => (Allow) D:\Steam\steamapps\common\Empire Total War\Empire.exe (Sega Europe Limited -> The Creative Assembly Ltd)
FirewallRules: [{51FC3A60-A054-4893-8133-44D2384AD0CF}] => (Allow) D:\Steam\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe (The build server will stamp this field) [File not signed]
FirewallRules: [{53CFD0D0-0D39-4956-A527-20F0AC6FFD68}] => (Allow) D:\Steam\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe (The build server will stamp this field) [File not signed]
FirewallRules: [{5B6D8278-814E-4E2A-8C7F-D0C5D8A6FA47}] => (Allow) D:\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.) [File not signed]
FirewallRules: [{D8EECA54-505C-4759-8424-CAE25660D56A}] => (Allow) D:\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.) [File not signed]
FirewallRules: [{809BEB16-A696-4103-BC60-148E1F25C2E7}] => (Allow) D:\Steam\steamapps\common\Prison Architect\Prison Architect.exe () [File not signed]
FirewallRules: [{02BBF1C2-B43B-4D9B-8795-F9C41B83087B}] => (Allow) D:\Steam\steamapps\common\Prison Architect\Prison Architect.exe () [File not signed]
FirewallRules: [{5012C32B-C045-41EF-89FC-D36B0376036E}] => (Allow) D:\Steam\steamapps\common\GOD EATER RESURRECTION\GER.exe () [File not signed]
FirewallRules: [{319B0C01-A1A8-4606-8BD1-A52A3EBA2DAE}] => (Allow) D:\Steam\steamapps\common\GOD EATER RESURRECTION\GER.exe () [File not signed]
FirewallRules: [{9A812551-BA7C-4BF3-97D2-F43D4B953514}] => (Allow) D:\Steam\steamapps\common\Shadow Warrior Original\bin\DOSBox.exe (DOSBox Team) [File not signed]
FirewallRules: [{1D821283-3859-44EE-916B-E5CDB859DFC2}] => (Allow) D:\Steam\steamapps\common\Shadow Warrior Original\bin\DOSBox.exe (DOSBox Team) [File not signed]
FirewallRules: [{AF723906-64F4-4F3D-963D-20FF8212F9D6}] => (Allow) D:\Steam\steamapps\common\Castle In The Darkness\CastleInTheDarkness.exe () [File not signed]
FirewallRules: [{A54B273B-2221-49A8-8E41-85A5D99CA77B}] => (Allow) D:\Steam\steamapps\common\Castle In The Darkness\CastleInTheDarkness.exe () [File not signed]
FirewallRules: [TCP Query User{B8D82332-16FB-4921-8B0D-DDDC7DDDEA79}D:\origin games\battlefield 4\bf4.exe] => (Allow) D:\origin games\battlefield 4\bf4.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [UDP Query User{E6CAB77B-AF36-4A9A-B16E-86A6A507B37E}D:\origin games\battlefield 4\bf4.exe] => (Allow) D:\origin games\battlefield 4\bf4.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [TCP Query User{7D3EDDB5-FF85-426D-A62E-B1D599F7C576}D:\steam\steamapps\common\call of duty 4\iw3mp.exe] => (Allow) D:\steam\steamapps\common\call of duty 4\iw3mp.exe () [File not signed]
FirewallRules: [UDP Query User{9F3BB0AF-C674-4C6E-A8BD-7FA3CEBFB0A9}D:\steam\steamapps\common\call of duty 4\iw3mp.exe] => (Allow) D:\steam\steamapps\common\call of duty 4\iw3mp.exe () [File not signed]
FirewallRules: [{FE205834-859A-4ED9-9567-641B58588E2F}] => (Allow) D:\Steam\steamapps\common\BreachAndClear\bnc.exe () [File not signed]
FirewallRules: [{80684978-F7CD-48E4-A0DA-32F5741D1808}] => (Allow) D:\Steam\steamapps\common\BreachAndClear\bnc.exe () [File not signed]
FirewallRules: [TCP Query User{5377D63A-3270-4D5B-8987-FD59FF122CAD}D:\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe] => (Allow) D:\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe (Activision Publishing Inc -> )
FirewallRules: [UDP Query User{3A155CD7-17C6-4332-A67C-813EC084E2C3}D:\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe] => (Allow) D:\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe (Activision Publishing Inc -> )
FirewallRules: [{F297A0DB-98ED-4E09-A6F6-A1C9DF47A4F5}] => (Allow) D:\Steam\steamapps\common\Nongunz\nw.exe (The NWJS Community) [File not signed]
FirewallRules: [{44329D91-96B3-4512-8536-5B08AF5AC11A}] => (Allow) D:\Steam\steamapps\common\Nongunz\nw.exe (The NWJS Community) [File not signed]
FirewallRules: [{9F391D49-C653-4EB3-BA64-4542C4C2BC2B}] => (Allow) D:\Steam\steamapps\common\Apotheon\Apotheon.exe (Microsoft) [File not signed]
FirewallRules: [{8FE9B027-B880-4AC5-803C-2BE7A02508DB}] => (Allow) D:\Steam\steamapps\common\Apotheon\Apotheon.exe (Microsoft) [File not signed]
FirewallRules: [{DBC1E34A-2F9F-4C7E-AA4C-8BA69C83BC60}] => (Allow) D:\Steam\steamapps\common\Tom Clancy's The Division\thedivision.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [{900B750B-4ED4-4615-AA8C-DAFF3AE88F6E}] => (Allow) D:\Steam\steamapps\common\Tom Clancy's The Division\thedivision.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [{1E9B4FB7-6053-4843-BB87-20F9EA81A486}] => (Allow) D:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{C24B8C73-2A22-4883-9A34-247129E70EBA}] => (Allow) D:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{7465F3FE-5018-4B9E-A647-45B3B17F242A}] => (Allow) D:\Steam\steamapps\common\Bastion\Bastion.exe (Supergiant Games) [File not signed]
FirewallRules: [{94CE60EE-0F8D-4ADC-8EC2-ED92198E2BFC}] => (Allow) D:\Steam\steamapps\common\Bastion\Bastion.exe (Supergiant Games) [File not signed]
FirewallRules: [{B64E4D6E-A903-4AC6-B7AD-BAD001B94CEE}] => (Allow) D:\Steam\steamapps\common\Jazzpunk\windows\jazzpunk.exe () [File not signed]
FirewallRules: [{61B5CB95-2DC0-4893-9AC2-FA1B6334BED6}] => (Allow) D:\Steam\steamapps\common\Jazzpunk\windows\jazzpunk.exe () [File not signed]
FirewallRules: [{7B90095E-311E-46D5-A738-D2C34FDDDC96}] => (Allow) D:\Steam\steamapps\common\Call of Duty World at War\CoDWaW.exe (Activision Blizzard, Inc.) [File not signed]
FirewallRules: [{1C409009-C390-467B-AA16-C3C843498F5B}] => (Allow) D:\Steam\steamapps\common\Call of Duty World at War\CoDWaW.exe (Activision Blizzard, Inc.) [File not signed]
FirewallRules: [{EF38FCD3-57E9-4E7E-9EEA-3E83941FA240}] => (Allow) D:\Steam\steamapps\common\Call of Duty World at War\CoDWaWmp.exe (Activision Blizzard, Inc.) [File not signed]
FirewallRules: [{52AA429A-3B0D-4CB0-BE3F-87BDF253C26A}] => (Allow) D:\Steam\steamapps\common\Call of Duty World at War\CoDWaWmp.exe (Activision Blizzard, Inc.) [File not signed]
FirewallRules: [{5C22ECB5-3527-421A-943D-AB280DB78285}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{34BE0278-FBA2-4AFE-8930-96F097511D4B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{A1A1DF67-DC37-4B18-83C6-EE86E9E9D0A8}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{6D9DD995-C25E-486F-AFF0-09C396388284}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{697BB961-0F54-4CB3-957E-72F81C13D29C}] => (Allow) D:\Steam\steamapps\common\The Warlock of Firetop Mountain\The Warlock of Firetop Mountain.exe () [File not signed]
FirewallRules: [{5EE86ECE-5161-45AA-B947-4BDDD381DC0B}] => (Allow) D:\Steam\steamapps\common\The Warlock of Firetop Mountain\The Warlock of Firetop Mountain.exe () [File not signed]
FirewallRules: [{DD72FD99-FF85-49E3-BB44-1F1A703B1038}] => (Allow) D:\Steam\steamapps\common\Ys The Oath in Felghana\ysf_win_dx9.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{5C97BCC6-C9F3-4BE0-8932-886657DE0DFC}] => (Allow) D:\Steam\steamapps\common\Ys The Oath in Felghana\ysf_win_dx9.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{BA8B37CB-8BED-4186-836B-40E33633F899}] => (Allow) D:\Steam\steamapps\common\Ys The Oath in Felghana\config_dx9.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{516E384E-187A-4525-99DD-8C13C73201A9}] => (Allow) D:\Steam\steamapps\common\Ys The Oath in Felghana\config_dx9.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{3B7DD61F-4DD0-425A-B2EF-5D5DF1900649}] => (Allow) D:\Steam\steamapps\common\Ys The Oath in Felghana\ysf_win.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{04807793-82BF-4D3A-8258-6FADA1EA5795}] => (Allow) D:\Steam\steamapps\common\Ys The Oath in Felghana\ysf_win.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{9A8D1761-6798-481F-A570-2C69545D64CD}] => (Allow) D:\Steam\steamapps\common\Ys The Oath in Felghana\config.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{BCD9BEDA-18D0-4729-8632-013D9C8DED66}] => (Allow) D:\Steam\steamapps\common\Ys The Oath in Felghana\config.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{157CF2B0-D60F-4210-A90C-BD6FE399C790}] => (Allow) D:\Steam\steamapps\common\SavantAscent\Savant_Ascent.exe (D-Pad Studio) [File not signed]
FirewallRules: [{086E6E38-6E7D-47EC-B517-10B9D0A0DA1A}] => (Allow) D:\Steam\steamapps\common\SavantAscent\Savant_Ascent.exe (D-Pad Studio) [File not signed]
FirewallRules: [{467DC77C-48E4-4689-8271-19639BB20508}] => (Allow) D:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.)
FirewallRules: [{930274C7-6701-43C1-A96B-16EA0E37CEF8}] => (Allow) D:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.)
FirewallRules: [{B327BC01-4D05-4953-B750-8BAD42AB3E36}] => (Allow) D:\Steam\steamapps\common\Mitsurugi Kamui Hikae\mitsurugi.exe (Zenith Blue) [File not signed]
FirewallRules: [{C97C4DAF-1AD3-4B1D-8266-4F8DA693D42C}] => (Allow) D:\Steam\steamapps\common\Mitsurugi Kamui Hikae\mitsurugi.exe (Zenith Blue) [File not signed]
FirewallRules: [{05E19ED8-C129-4CC0-8802-069034114C16}] => (Allow) D:\Steam\steamapps\common\Risk of Rain\Risk of Rain.exe (Hopoo Games, LLC) [File not signed]
FirewallRules: [{D24F3E66-3D61-446A-A9C9-7D8557E31A55}] => (Allow) D:\Steam\steamapps\common\Risk of Rain\Risk of Rain.exe (Hopoo Games, LLC) [File not signed]
FirewallRules: [{28B4B356-CFE5-4FA2-883C-538A4BF5A0E0}] => (Allow) D:\Steam\steamapps\common\Metro 2033 Redux\metro.exe (Koch Media GmbH -> 4A Games)
FirewallRules: [{1498D5A9-3CDE-42BF-94DD-31D19C409D63}] => (Allow) D:\Steam\steamapps\common\Metro 2033 Redux\metro.exe (Koch Media GmbH -> 4A Games)
FirewallRules: [{5D47A44B-C4B0-4CDA-AF9A-B063452E922B}] => (Allow) D:\Steam\steamapps\common\FINAL FANTASY TYPE-0 HD\fftype0hdlauncher.exe (SQUARE ENIX) [File not signed]
FirewallRules: [{69ED042E-C591-45E4-829C-34D774C1D8D8}] => (Allow) D:\Steam\steamapps\common\FINAL FANTASY TYPE-0 HD\fftype0hdlauncher.exe (SQUARE ENIX) [File not signed]
FirewallRules: [{A020BC37-F87F-44B0-91F4-C8531168C45E}] => (Allow) D:\Steam\steamapps\common\Neptunia Rebirth1\NeptuniaReBirth1.exe () [File not signed]
FirewallRules: [{39A7A206-0297-4A10-B5E1-63E298866619}] => (Allow) D:\Steam\steamapps\common\Neptunia Rebirth1\NeptuniaReBirth1.exe () [File not signed]
FirewallRules: [{3DD9D338-2121-4F35-A19C-E94025E59C65}] => (Allow) D:\Steam\steamapps\common\Call of Duty Advanced Warfare\s1_mp64_ship.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{3F177611-D609-40FF-A214-8B435D269C9F}] => (Allow) D:\Steam\steamapps\common\Call of Duty Advanced Warfare\s1_mp64_ship.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{95C7C5BA-9AEF-48FD-AE37-7C9DB7634ECA}] => (Allow) D:\Steam\steamapps\common\Adventures Of Shuggy\Shuggy.exe (Smudged Cat) [File not signed]
FirewallRules: [{69127DB8-41F3-425B-A48A-AB2327B4142A}] => (Allow) D:\Steam\steamapps\common\Adventures Of Shuggy\Shuggy.exe (Smudged Cat) [File not signed]
FirewallRules: [{87EA4559-CDD0-4B5E-B946-D5132C603CB9}] => (Allow) D:\Steam\steamapps\common\Flockers\Flockers.exe () [File not signed]
FirewallRules: [{9849C37C-61D5-424D-A030-40CC623F825B}] => (Allow) D:\Steam\steamapps\common\Flockers\Flockers.exe () [File not signed]
FirewallRules: [{0B2B0B8B-6342-4DF5-8F36-6ACAB8E7A3CC}] => (Allow) D:\Steam\steamapps\common\Deadly30\Deadly30.exe (Headup Games) [File not signed]
FirewallRules: [{6F87DB0B-3EF7-4691-A146-4C610F4B81CC}] => (Allow) D:\Steam\steamapps\common\Deadly30\Deadly30.exe (Headup Games) [File not signed]
FirewallRules: [{7C30918C-D1FE-4086-A154-B7A04B3471B6}] => (Allow) D:\Steam\steamapps\common\QP Shooting - Dangerous\QP Shooting.exe () [File not signed]
FirewallRules: [{BA539486-6B78-411D-B919-9F8B9FF960D3}] => (Allow) D:\Steam\steamapps\common\QP Shooting - Dangerous\QP Shooting.exe () [File not signed]
FirewallRules: [{125C396C-D892-4AB8-B532-A94CDEF5DBFC}] => (Allow) D:\Steam\steamapps\common\Grandia II Anniversary Edition\grandia2.exe (Sickhead Games, LLC) [File not signed]
FirewallRules: [{F45FCFEE-BE2D-49B4-8CC9-68060BCD93BE}] => (Allow) D:\Steam\steamapps\common\Grandia II Anniversary Edition\grandia2.exe (Sickhead Games, LLC) [File not signed]
FirewallRules: [{AAC3A6A0-CB7B-4365-88B7-8FD31D5D23FB}] => (Allow) D:\Steam\steamapps\common\Grandia II Anniversary Edition\Grandia2Launcher.exe (Sickhead Games, LLC) [File not signed]
FirewallRules: [{A47F6025-687D-4FCB-97B1-543DBF2202CA}] => (Allow) D:\Steam\steamapps\common\Grandia II Anniversary Edition\Grandia2Launcher.exe (Sickhead Games, LLC) [File not signed]
FirewallRules: [{01100099-D75B-4AF6-AC7F-2621BAED639F}] => (Allow) D:\Steam\steamapps\common\Scoregasm\Scoregasm.exe () [File not signed]
FirewallRules: [{7A336405-47AB-43F6-B591-9A9836F774B4}] => (Allow) D:\Steam\steamapps\common\Scoregasm\Scoregasm.exe () [File not signed]
FirewallRules: [{0BC66462-5BC1-4590-9305-CF4B7C37449F}] => (Allow) D:\Steam\steamapps\common\Portal Stories Mel\portal2.exe () [File not signed]
FirewallRules: [{11F8F675-E665-43F4-8587-D61A9DCC71D4}] => (Allow) D:\Steam\steamapps\common\Portal Stories Mel\portal2.exe () [File not signed]
FirewallRules: [{D0CCC149-812F-4E91-9B82-EB02B557E48D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B5265E7D-20F8-409F-94C5-4CEED42CA6D9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F4A91F77-01A6-4502-B930-6013CDCF47E3}] => (Allow) D:\Steam\steamapps\common\Jedi Outcast\GameData\jk2sp.exe () [File not signed]
FirewallRules: [{83F1D220-7810-4853-9970-17330D92266E}] => (Allow) D:\Steam\steamapps\common\Jedi Outcast\GameData\jk2sp.exe () [File not signed]
FirewallRules: [{891E39A1-A49A-4DB4-9F34-5A52BFB6A958}] => (Allow) D:\Steam\steamapps\common\Jedi Outcast\GameData\jk2mp.exe () [File not signed]
FirewallRules: [{3A78E110-DCA4-44A8-B178-5C986F0BC139}] => (Allow) D:\Steam\steamapps\common\Jedi Outcast\GameData\jk2mp.exe () [File not signed]
FirewallRules: [{F25EA29D-631C-4568-91C9-23B72586637A}] => (Allow) D:\Steam\steamapps\common\swkotor\swkotor.exe (BioWare Corp.) [File not signed]
FirewallRules: [{9F2FF809-E617-4686-9BB5-FFF34D3F9B4F}] => (Allow) D:\Steam\steamapps\common\swkotor\swkotor.exe (BioWare Corp.) [File not signed]
FirewallRules: [{B6BFCB2A-4942-4F3E-A64A-DBF62AC61A87}] => (Allow) D:\Steam\steamapps\common\cave story+\CaveStory+.exe () [File not signed]
FirewallRules: [{96EAE75E-E269-421F-AE12-E5E9F02D598E}] => (Allow) D:\Steam\steamapps\common\cave story+\CaveStory+.exe () [File not signed]
FirewallRules: [{F7CD0B18-419F-42E3-B0C5-BA11993FC30C}] => (Allow) D:\Steam\steamapps\common\TheDarkEye Cos\satinav.exe (Daedalic Entertainment) [File not signed]
FirewallRules: [{6006B879-EB37-413F-A2CF-78F89B21FD51}] => (Allow) D:\Steam\steamapps\common\TheDarkEye Cos\satinav.exe (Daedalic Entertainment) [File not signed]
FirewallRules: [{914C1771-C176-4AAA-8CAD-1037FAB92F1A}] => (Allow) D:\Steam\steamapps\common\TheDarkEye Cos\VisionaireConfigurationTool.exe (Daedalic Entertainment) [File not signed]
FirewallRules: [{5914E5C8-48F4-480E-B8D0-F2E861921336}] => (Allow) D:\Steam\steamapps\common\TheDarkEye Cos\VisionaireConfigurationTool.exe (Daedalic Entertainment) [File not signed]
FirewallRules: [{517D2F06-B0B5-45F7-9FB3-6CF7265D4161}] => (Allow) D:\Steam\steamapps\common\Gunpoint\Gunpoint.exe () [File not signed]
FirewallRules: [{6D488DF4-118F-49AC-A3A3-1791AFD536C1}] => (Allow) D:\Steam\steamapps\common\Gunpoint\Gunpoint.exe () [File not signed]
FirewallRules: [{0B2B51EC-9992-4322-95DA-1F21442548AF}] => (Allow) D:\Steam\steamapps\common\they bleed pixels\They Bleed Pixels PC.exe () [File not signed]
FirewallRules: [{15E33860-E18E-4071-8001-EB961201898B}] => (Allow) D:\Steam\steamapps\common\they bleed pixels\They Bleed Pixels PC.exe () [File not signed]
FirewallRules: [{3889F17C-E4BE-4834-A612-DBE9C47A2433}] => (Allow) D:\Steam\steamapps\common\Speedball 2 HD\Speedball2_steam.exe () [File not signed]
FirewallRules: [{A9529CE9-32B3-40E6-B497-D878D69CD4F4}] => (Allow) D:\Steam\steamapps\common\Speedball 2 HD\Speedball2_steam.exe () [File not signed]
FirewallRules: [{A88BFF68-49D8-4163-9A29-B8D60C7A4140}] => (Allow) D:\Steam\steamapps\common\OlliOlli\bin\olliolli.exe (7Roll) [File not signed]
FirewallRules: [{EDCCCA7D-7CA9-4C30-A8A1-BE071D74E224}] => (Allow) D:\Steam\steamapps\common\OlliOlli\bin\olliolli.exe (7Roll) [File not signed]
FirewallRules: [{415AD2F2-1AE7-44B8-BAC5-7668E63A7E23}] => (Allow) D:\Steam\steamapps\common\Titan Souls\TITAN.exe () [File not signed]
FirewallRules: [{919052AA-B7FD-4202-B116-78FD44474E5E}] => (Allow) D:\Steam\steamapps\common\Titan Souls\TITAN.exe () [File not signed]
FirewallRules: [{05534B39-16B2-4B44-9E97-FA4D909DEB71}] => (Allow) D:\Origin Games\Titanfall2\Titanfall2.exe (Respawn Entertainment, LLC -> Respawn Entertainment)
FirewallRules: [{089AAC12-EA96-4187-8A74-37E2D74F1C08}] => (Allow) D:\Origin Games\Titanfall2\Titanfall2.exe (Respawn Entertainment, LLC -> Respawn Entertainment)
FirewallRules: [{4BB90E7C-B417-4946-92D1-560DC626EB5D}] => (Allow) D:\Origin Games\Titanfall2\Titanfall2_trial.exe (Respawn Entertainment, LLC -> Respawn Entertainment)
FirewallRules: [{ABCD0754-816F-4216-B7B6-B441C50E53D0}] => (Allow) D:\Origin Games\Titanfall2\Titanfall2_trial.exe (Respawn Entertainment, LLC -> Respawn Entertainment)
FirewallRules: [{EE6424D5-B159-4901-891D-2E0FA17E3C45}] => (Allow) D:\Steam\steamapps\common\99 Spirits\99 Spirits.eXe () [File not signed]
FirewallRules: [{E664DF44-3CCC-4EF1-AC7E-B5789BEDB076}] => (Allow) D:\Steam\steamapps\common\99 Spirits\99 Spirits.eXe () [File not signed]
FirewallRules: [{CCB6BD45-DDCA-47B2-A211-BE2938ED5982}] => (Allow) D:\Steam\steamapps\common\Gems of War\GemsOfWar.exe () [File not signed]
FirewallRules: [{EFDC785E-70DD-496D-B23A-AE2157A6A4F0}] => (Allow) D:\Steam\steamapps\common\Gems of War\GemsOfWar.exe () [File not signed]
FirewallRules: [{4DA2BFF5-E1E1-4A5F-9330-3AA83B610A0A}] => (Allow) D:\Steam\steamapps\common\Acceleration of SUGURI 2\aos2.exe () [File not signed]
FirewallRules: [{CA85BFFA-5413-4D38-97C8-C57E159815E4}] => (Allow) D:\Steam\steamapps\common\Acceleration of SUGURI 2\aos2.exe () [File not signed]
FirewallRules: [{FFD17021-7910-4969-8377-304F7D355390}] => (Allow) D:\Steam\steamapps\common\The Pillars of the Earth\pillars.exe (Daedalic Entertainment GmbH) [File not signed]
FirewallRules: [{A804BE1B-C4B0-444E-A7F6-4B03583EA897}] => (Allow) D:\Steam\steamapps\common\The Pillars of the Earth\pillars.exe (Daedalic Entertainment GmbH) [File not signed]
FirewallRules: [{522D2B73-422B-433D-A470-3BDA37F3CA1F}] => (Allow) D:\Steam\steamapps\common\YookaLaylee\YookaLaylee64.exe () [File not signed]
FirewallRules: [{81AADB1C-7F55-4120-A3E0-F5D504F5D176}] => (Allow) D:\Steam\steamapps\common\YookaLaylee\YookaLaylee64.exe () [File not signed]
FirewallRules: [{B555DD8D-1C9A-4B28-A2CC-DA45F3E09182}] => (Allow) D:\Steam\steamapps\common\ManiaPlanet_TMCanyon\ManiaPlanetLauncher.exe (NADEO -> )
FirewallRules: [{4F67C03B-E45B-4AE3-8047-FD79AB3252F7}] => (Allow) D:\Steam\steamapps\common\ManiaPlanet_TMCanyon\ManiaPlanetLauncher.exe (NADEO -> )
FirewallRules: [{53CFF522-0471-454E-A99B-3969973AAF97}] => (Allow) D:\Steam\steamapps\common\Enslaved\Binaries\Win32\Enslaved.exe () [File not signed]
FirewallRules: [{E092DC19-D19F-43F6-BA43-82EC2D665DCF}] => (Allow) D:\Steam\steamapps\common\Enslaved\Binaries\Win32\Enslaved.exe () [File not signed]
FirewallRules: [{052CEAF6-203E-4F24-B5F4-0011C1C77BED}] => (Allow) D:\Steam\steamapps\common\Sunrider\SunriderMaskofArcadius-Steam.exe () [File not signed]
FirewallRules: [{D093E3B8-4186-4564-B580-50635D1E4959}] => (Allow) D:\Steam\steamapps\common\Sunrider\SunriderMaskofArcadius-Steam.exe () [File not signed]
FirewallRules: [{A5AC8B1B-11DB-4FC1-8865-B5F0DD5ADA31}] => (Allow) D:\Steam\steamapps\common\Starbound\win64\starbound.exe (Chucklefish LTD) [File not signed]
FirewallRules: [{56058DB1-570B-4CA4-8770-B209E4DA2E4F}] => (Allow) D:\Steam\steamapps\common\Starbound\win64\starbound.exe (Chucklefish LTD) [File not signed]
FirewallRules: [{32E67787-BEC0-4D1B-8C9F-737CEFA9F760}] => (Allow) D:\Steam\steamapps\common\Starbound\win64\starbound_server.exe () [File not signed]
FirewallRules: [{67A679DD-BF8F-4309-95A9-2EF451F7F78F}] => (Allow) D:\Steam\steamapps\common\Starbound\win64\starbound_server.exe () [File not signed]
FirewallRules: [{13E0AE7B-5F7D-4E46-AAA7-136ADD78FE5E}] => (Allow) D:\Steam\steamapps\common\Starbound\win64\mod_uploader.exe () [File not signed]
FirewallRules: [{BA491A45-256F-486C-84E3-834F395327DF}] => (Allow) D:\Steam\steamapps\common\Starbound\win64\mod_uploader.exe () [File not signed]
FirewallRules: [{69F68AC4-0ECF-4282-82BD-79877A1FE327}] => (Allow) D:\Steam\steamapps\common\Starbound\win32\starbound.exe (Chucklefish LTD) [File not signed]
FirewallRules: [{CDEB9D99-0D79-4470-9F8C-6611B2D74778}] => (Allow) D:\Steam\steamapps\common\Starbound\win32\starbound.exe (Chucklefish LTD) [File not signed]
FirewallRules: [{F60BB63D-268A-4BFE-8F72-52C3D33DFAF4}] => (Allow) D:\Steam\steamapps\common\Quest for Infamy\QFI.exe (Infamous Quests) [File not signed]
FirewallRules: [{2C52A5FB-1E07-40D3-A060-4E13B8F70411}] => (Allow) D:\Steam\steamapps\common\Quest for Infamy\QFI.exe (Infamous Quests) [File not signed]
FirewallRules: [{B85D95BC-6E54-4053-9BFF-FA47D872C39F}] => (Allow) D:\Steam\steamapps\common\Quest for Infamy\winsetupQFI.exe (Infamous Quests) [File not signed]
FirewallRules: [{BC80A145-4E8B-4789-BC6B-F6537A684866}] => (Allow) D:\Steam\steamapps\common\Quest for Infamy\winsetupQFI.exe (Infamous Quests) [File not signed]
FirewallRules: [{EACF2FD6-3151-4321-909E-54C51A080CA8}] => (Allow) D:\Steam\steamapps\common\TxP\TormentorXPunisher.exe () [File not signed]
FirewallRules: [{85990DFA-E436-4C75-B720-B21EFDCF27BE}] => (Allow) D:\Steam\steamapps\common\TxP\TormentorXPunisher.exe () [File not signed]
FirewallRules: [{5A651C14-A736-4659-B5BF-E7A4B38B0FA1}] => (Allow) D:\Steam\steamapps\common\Teslagrad\Teslagrad.exe () [File not signed]
FirewallRules: [{B5AF4EF2-A455-497E-A2F9-9A01AD16BA17}] => (Allow) D:\Steam\steamapps\common\Teslagrad\Teslagrad.exe () [File not signed]
FirewallRules: [{36374402-0DE1-4E57-892B-771FC38A3CBB}] => (Allow) D:\Steam\steamapps\common\Transistor\x64\Transistor.exe (Supergiant Games, LLC) [File not signed]
FirewallRules: [{A6D6FDAA-4991-4911-BBBA-F417C4179CD1}] => (Allow) D:\Steam\steamapps\common\Transistor\x64\Transistor.exe (Supergiant Games, LLC) [File not signed]
FirewallRules: [TCP Query User{01AB9233-C760-4C5C-901D-C785ABEF868E}D:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe => No File
FirewallRules: [UDP Query User{D753D2A0-D5B6-4DA2-A3B4-CCE3585EF2E9}D:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe => No File
FirewallRules: [{89315B2F-F014-4A84-B1BB-0C502F2AB131}] => (Allow) D:\Steam\steamapps\common\Furi\Furi.exe () [File not signed]
FirewallRules: [{8A8E4E9C-BFD0-448C-8E2B-34BAB8AD9323}] => (Allow) D:\Steam\steamapps\common\Furi\Furi.exe () [File not signed]
FirewallRules: [{27903452-9600-4F09-8FE8-6171F7A86141}] => (Allow) D:\Steam\steamapps\common\Dead Cells\deadcells.exe () [File not signed]
FirewallRules: [{E799912D-CDF6-475D-9403-A83C4C8B5F52}] => (Allow) D:\Steam\steamapps\common\Dead Cells\deadcells.exe () [File not signed]
FirewallRules: [{7FD06EBC-EE24-4836-9480-737FD80D6AF3}] => (Allow) D:\Steam\steamapps\common\Dead Cells\deadcells_gl.exe () [File not signed]
FirewallRules: [{56C47D30-A749-4D8E-86F6-BE7BEFFC38E4}] => (Allow) D:\Steam\steamapps\common\Dead Cells\deadcells_gl.exe () [File not signed]
FirewallRules: [{11B95321-DA7E-4CC7-B9D2-370F406C43A5}] => (Allow) D:\Steam\steamapps\common\Celeste\Celeste.exe (Matt Makes Games) [File not signed]
FirewallRules: [{3DFD0CEE-E643-464B-BA26-2C56DB08A1D6}] => (Allow) D:\Steam\steamapps\common\Celeste\Celeste.exe (Matt Makes Games) [File not signed]
FirewallRules: [{17349CEF-9A18-4792-8C9F-12800466D413}] => (Allow) D:\Steam\steamapps\common\Super Star\game.exe () [File not signed]
FirewallRules: [{2D28497C-2332-46F3-9EDB-04C7BA751D3E}] => (Allow) D:\Steam\steamapps\common\Super Star\game.exe () [File not signed]
FirewallRules: [{7FDF81C4-83AD-45E6-8194-62436C2D81E5}] => (Allow) D:\Steam\steamapps\common\Mirror\game.exe () [File not signed]
FirewallRules: [{3CB65845-D4AF-4F51-A969-4F03410C00B2}] => (Allow) D:\Steam\steamapps\common\Mirror\game.exe () [File not signed]
FirewallRules: [{416DFEC3-47F4-4CFC-A80E-D5C1595CE79D}] => (Allow) D:\Steam\steamapps\common\quakechampions\client\bin\pc\QuakeChampions.exe (id Software) [File not signed]
FirewallRules: [{B27AFD7E-30E0-4187-817C-17A68D531219}] => (Allow) D:\Steam\steamapps\common\quakechampions\client\bin\pc\QuakeChampions.exe (id Software) [File not signed]
FirewallRules: [{BFF414E5-9772-43F0-9552-A2AFEC775944}] => (Allow) D:\Steam\steamapps\common\Full Spectrum Warrior\Launcher.exe () [File not signed]
FirewallRules: [{5E482732-CF77-4534-85E7-1A29E146C256}] => (Allow) D:\Steam\steamapps\common\Full Spectrum Warrior\Launcher.exe () [File not signed]
FirewallRules: [{FA6DE1C6-77F6-4441-AB61-13EF35767CD0}] => (Allow) D:\Steam\steamapps\common\Yakuza 0\media\Yakuza0.exe () [File not signed]
FirewallRules: [{51E9C689-02E1-4E76-B5CE-16B983DC0964}] => (Allow) D:\Steam\steamapps\common\Yakuza 0\media\Yakuza0.exe () [File not signed]
FirewallRules: [{BF683460-7BB4-4266-963C-3373513214F5}] => (Allow) D:\Steam\steamapps\common\Fire Prowrestling World\FireProWrestlingW.exe () [File not signed]
FirewallRules: [{BAD2EF22-92BC-4110-AB95-67B7B86F8746}] => (Allow) D:\Steam\steamapps\common\Fire Prowrestling World\FireProWrestlingW.exe () [File not signed]
FirewallRules: [{A3354C36-61FC-457D-A6A3-C9EC0512C96E}] => (Allow) D:\Steam\steamapps\common\Resident Evil 5\Launcher.exe (maluc) [File not signed]
FirewallRules: [{28F3E4AD-5F56-4D17-B2B1-262BFCEE0A62}] => (Allow) D:\Steam\steamapps\common\Resident Evil 5\Launcher.exe (maluc) [File not signed]
FirewallRules: [{E99DCD78-0D7E-4E59-B669-43A7DF0A05AF}] => (Allow) D:\Steam\steamapps\common\YDKJ_TV\YDKJVT.EXE () [File not signed]
FirewallRules: [{205B7FAD-1E63-4D7F-B9F3-BF471D2BE45C}] => (Allow) D:\Steam\steamapps\common\YDKJ_TV\YDKJVT.EXE () [File not signed]
FirewallRules: [{1FBD373A-F707-4D82-8E36-474AB57AFC02}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1D41D787-2629-47FB-87F2-C7DCBD4B6D21}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{C43B2FC7-F90A-4585-B7C9-427F11113005}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe (Ubisoft Massive -> Ubisoft)
FirewallRules: [{EB10AEDC-11D4-405E-8BD2-1346C0635168}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe (Ubisoft Massive -> Ubisoft)
FirewallRules: [{034BB09F-2BC4-4BB8-B59F-2311A339CB08}] => (Allow) D:\Steam\steamapps\common\InvisibleInc\invisibleinc.exe () [File not signed]
FirewallRules: [{312F6D39-DD52-4DFA-88EC-D02C9AEEF641}] => (Allow) D:\Steam\steamapps\common\InvisibleInc\invisibleinc.exe () [File not signed]
FirewallRules: [{8B05A966-29C9-4518-B7DD-B4C251C31335}] => (Allow) D:\Steam\steamapps\common\Anno 1404\Addon.exe (Related Designs Software -> Related Designs)
FirewallRules: [{B6440BB4-DF5F-42AF-BA68-B34DEFF93C04}] => (Allow) D:\Steam\steamapps\common\Anno 1404\Addon.exe (Related Designs Software -> Related Designs)
FirewallRules: [{DC1894AD-317F-4739-A9B3-5ACE74687F1F}] => (Allow) D:\Steam\steamapps\common\Anno 1404\Anno4.exe (Related Designs Software -> Related Designs)
FirewallRules: [{8DCCE034-CFF5-4F16-83D4-4794C3D37CD8}] => (Allow) D:\Steam\steamapps\common\Anno 1404\Anno4.exe (Related Designs Software -> Related Designs)
FirewallRules: [{601B5B8E-C4EF-4693-A798-26AFEE0C392E}] => (Allow) G:\No Mans Sky\7launcher\tools\aria2\aria2c.exe (Rainsky Evgeny Valeryevich -> )
FirewallRules: [{CEBB1FD8-A558-44C3-91F2-B17DB3D3B871}] => (Allow) G:\No Mans Sky\7launcher\tools\aria2\aria2c.exe (Rainsky Evgeny Valeryevich -> )
FirewallRules: [{18BBD73E-71D9-4648-BF44-1DA1D9BF5DDD}] => (Allow) G:\No Mans Sky\Run_NMS.exe (IP Rainskiy Dmitriy Valeryevich -> SE7EN Solutions, Ltd.)
FirewallRules: [{624DC761-6324-4950-A2F1-5C5AE2EA89B0}] => (Allow) G:\No Mans Sky\Run_NMS.exe (IP Rainskiy Dmitriy Valeryevich -> SE7EN Solutions, Ltd.)
FirewallRules: [{D2C35274-3380-443E-A300-A68DE81A8C8A}] => (Allow) D:\Steam\steamapps\common\Frozen Synapse\FrozenSynapse.exe () [File not signed]
FirewallRules: [{325C8C63-CD2B-4DBE-8C79-70404E8B60FD}] => (Allow) D:\Steam\steamapps\common\Frozen Synapse\FrozenSynapse.exe () [File not signed]
FirewallRules: [{9BCD390C-B836-486B-B79D-E9FACD8954C0}] => (Allow) D:\Steam\steamapps\common\Beholder\Beholder.exe () [File not signed]
FirewallRules: [{41A2A273-1666-423F-A260-312A7EC80A05}] => (Allow) D:\Steam\steamapps\common\Beholder\Beholder.exe () [File not signed]
FirewallRules: [{AA3B786A-72F6-4D6E-BA92-8C371D206277}] => (Allow) D:\Steam\steamapps\common\Planet Coaster\PlanetCoaster.exe (Frontier Developments) [File not signed]
FirewallRules: [{B79C7571-5A4F-4B92-ADE3-28728DD417F3}] => (Allow) D:\Steam\steamapps\common\Planet Coaster\PlanetCoaster.exe (Frontier Developments) [File not signed]
FirewallRules: [{EAE140D5-2FF1-4712-8EB8-1B89A2EF1F9D}] => (Allow) G:\SteamLibrary\steamapps\common\FINAL FANTASY XV\ffxv_s.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO.,Ltd.)
FirewallRules: [{E0C0D42F-B482-405A-8AF8-79E407C0D6D5}] => (Allow) G:\SteamLibrary\steamapps\common\FINAL FANTASY XV\ffxv_s.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO.,Ltd.)
FirewallRules: [{8270A99B-F133-4F13-B579-5213EE585992}] => (Allow) G:\SteamLibrary\steamapps\common\Dungeons 3\Dungeons3.exe () [File not signed]
FirewallRules: [{47B559D8-4F97-4BCE-85B4-E7092E9E7B5E}] => (Allow) G:\SteamLibrary\steamapps\common\Dungeons 3\Dungeons3.exe () [File not signed]
FirewallRules: [{00379B9E-671A-42CA-9AE3-EE812E28CEC3}] => (Allow) G:\No Mans Sky\7launcher\tools\aria2\aria2c.exe (Rainsky Evgeny Valeryevich -> )
FirewallRules: [{9E949AF9-3135-4DB2-B1FC-FE28AB536DB8}] => (Allow) G:\No Mans Sky\7launcher\tools\aria2\aria2c.exe (Rainsky Evgeny Valeryevich -> )
FirewallRules: [{48D8A4A9-E1D4-4008-A1F8-3388AA5E4AA4}] => (Allow) G:\No Mans Sky\Run_NMS.exe (IP Rainskiy Dmitriy Valeryevich -> SE7EN Solutions, Ltd.)
FirewallRules: [{30DD0D1A-102B-4F07-BC79-91632667E2FA}] => (Allow) G:\No Mans Sky\Run_NMS.exe (IP Rainskiy Dmitriy Valeryevich -> SE7EN Solutions, Ltd.)
FirewallRules: [{9E096186-0EAC-4C50-BD28-0268D181A080}] => (Allow) D:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG Corporation) [File not signed]
FirewallRules: [{88D20589-902E-42D1-B19A-86B523497664}] => (Allow) D:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG Corporation) [File not signed]
FirewallRules: [{D6DE9F48-3862-45F4-91D3-002AD7A772E4}] => (Allow) G:\SteamLibrary\steamapps\common\PRO EVOLUTION SOCCER 2018\PES2018.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{59088E27-8307-4F3D-9ACB-F83898D8EC27}] => (Allow) G:\SteamLibrary\steamapps\common\PRO EVOLUTION SOCCER 2018\PES2018.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{FCD6F9E9-75F4-4744-9344-282E587694D4}] => (Allow) G:\SteamLibrary\steamapps\common\SIMULACRA\simulacra.exe (Kaigan Games OÜ) [File not signed]
FirewallRules: [{EEE62A1C-857C-4C49-961D-B5A490C88627}] => (Allow) G:\SteamLibrary\steamapps\common\SIMULACRA\simulacra.exe (Kaigan Games OÜ) [File not signed]
FirewallRules: [{D11D3D27-CECC-440B-B7A6-E465A8206EEB}] => (Allow) G:\No Mans Sky\7launcher\tools\aria2\aria2c.exe (Rainsky Evgeny Valeryevich -> )
FirewallRules: [{34ED8401-6E1D-472F-9F16-2DA64F9B68B2}] => (Allow) G:\No Mans Sky\7launcher\tools\aria2\aria2c.exe (Rainsky Evgeny Valeryevich -> )
FirewallRules: [{53A980A3-8CF0-4D2A-84BF-6CC72DA879DB}] => (Allow) G:\No Mans Sky\Run_NMS.exe (IP Rainskiy Dmitriy Valeryevich -> SE7EN Solutions, Ltd.)
FirewallRules: [{BEB30679-A5C1-4ADE-BFD4-6B8EEC20AC06}] => (Allow) G:\No Mans Sky\Run_NMS.exe (IP Rainskiy Dmitriy Valeryevich -> SE7EN Solutions, Ltd.)
FirewallRules: [{16A0673C-4A54-4114-B142-BE1007C13727}] => (Allow) G:\SteamLibrary\steamapps\common\Hitman™\Launcher.exe (IO INTERACTIVE A/S -> )
FirewallRules: [{FC6EF670-9A13-4021-B3DD-8DF23A5EA366}] => (Allow) G:\SteamLibrary\steamapps\common\Hitman™\Launcher.exe (IO INTERACTIVE A/S -> )
FirewallRules: [{3C07F868-531D-47B9-BF30-277A822B667C}] => (Allow) D:\Steam\steamapps\common\super meat boy\SuperMeatBoy.exe () [File not signed]
FirewallRules: [{3BD597EF-F42F-4844-83E4-5308CD724D69}] => (Allow) D:\Steam\steamapps\common\super meat boy\SuperMeatBoy.exe () [File not signed]
FirewallRules: [{AE48C34A-4A83-45F8-9A94-7291C7425BAA}] => (Allow) G:\SteamLibrary\steamapps\common\Hotline Miami 2\HotlineMiami2.exe () [File not signed]
FirewallRules: [{5A0F5660-1DCC-47E9-A7B7-4406CD716C2F}] => (Allow) G:\SteamLibrary\steamapps\common\Hotline Miami 2\HotlineMiami2.exe () [File not signed]
FirewallRules: [TCP Query User{178DA580-B84C-46C2-B785-E1E3B14E4EFB}G:\call of duty black ops 4\blackops4.exe] => (Allow) G:\call of duty black ops 4\blackops4.exe (Activision Publishing Inc -> Activision Publishing, Inc.)
FirewallRules: [UDP Query User{ABC4CD39-987F-436D-BCE9-1E1DB0ACD038}G:\call of duty black ops 4\blackops4.exe] => (Allow) G:\call of duty black ops 4\blackops4.exe (Activision Publishing Inc -> Activision Publishing, Inc.)
FirewallRules: [{BD05D65B-11E4-4F50-A93A-348060D06561}] => (Allow) D:\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe (Firaxis Games) [File not signed]
FirewallRules: [{50F6AF2A-6BC1-4996-9838-E91159E3B7D0}] => (Allow) D:\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe (Firaxis Games) [File not signed]
FirewallRules: [{9F8CF13E-4173-43C8-BE9B-DAD6D66699B7}] => (Allow) D:\Steam\steamapps\common\Eternal Senia\Game.exe () [File not signed]
FirewallRules: [{575723C8-5D50-44E2-9A47-F77CE9A7E34F}] => (Allow) D:\Steam\steamapps\common\Eternal Senia\Game.exe () [File not signed]
FirewallRules: [{FD4377DA-6A6C-4386-A469-4C6AD3047F35}] => (Allow) G:\SteamLibrary\steamapps\common\super house of dead ninjas\SHODN.exe () [File not signed]
FirewallRules: [{D615C4FB-9D68-4372-BE72-E6A9DEDDCD3C}] => (Allow) G:\SteamLibrary\steamapps\common\super house of dead ninjas\SHODN.exe () [File not signed]
FirewallRules: [{235230D5-0968-45BF-A4C8-D6115F16F095}] => (Allow) G:\SteamLibrary\steamapps\common\LEGO Lord of the Rings\LEGOLOTR.exe (Travellers Tales (UK) Ltd -> Warner Bros. Interactive Entertainment)
FirewallRules: [{D957CB60-DEA3-4054-BD85-3A716E567373}] => (Allow) G:\SteamLibrary\steamapps\common\LEGO Lord of the Rings\LEGOLOTR.exe (Travellers Tales (UK) Ltd -> Warner Bros. Interactive Entertainment)
FirewallRules: [{54995C8D-B33E-4B11-AFDB-6CD04AC242CD}] => (Allow) G:\SteamLibrary\steamapps\common\Wizard of Legend\WizardOfLegend.exe () [File not signed]
FirewallRules: [{83E56CA0-3EAF-428E-8F4F-3D1DA47DB09C}] => (Allow) G:\SteamLibrary\steamapps\common\Wizard of Legend\WizardOfLegend.exe () [File not signed]
FirewallRules: [{B1ACC189-A549-4A7F-8EDE-C75B6FEA28F3}] => (Allow) D:\Steam\steamapps\common\dustforce\dustforce.exe () [File not signed]
FirewallRules: [{86BD3F55-1CD3-4C29-AE8F-5F78FBF0185A}] => (Allow) D:\Steam\steamapps\common\dustforce\dustforce.exe () [File not signed]
FirewallRules: [{A25EF74F-BA53-4C28-8B6D-879A700FA42E}] => (Allow) D:\Steam\steamapps\common\Castle of Illusion\COI.exe () [File not signed]
FirewallRules: [{068AC57E-D3BF-4839-BC00-6EC85B3DA325}] => (Allow) D:\Steam\steamapps\common\Castle of Illusion\COI.exe () [File not signed]
FirewallRules: [{1DA4014B-1418-4317-A6E0-61532691878D}] => (Allow) D:\Steam\steamapps\common\Serious Sam 3\Bin\Sam3.exe (GHI Media LLC -> Croteam) [File not signed]
FirewallRules: [{C0F44201-FA96-4296-81A5-2D6207F42427}] => (Allow) D:\Steam\steamapps\common\Serious Sam 3\Bin\Sam3.exe (GHI Media LLC -> Croteam) [File not signed]
FirewallRules: [{6A589A37-3510-4DE7-A5AB-0957F5A91909}] => (Allow) D:\Steam\steamapps\common\Serious Sam 3\Bin\Sam3_Unrestricted.exe (GHI Media LLC -> Croteam) [File not signed]
FirewallRules: [{AD2F2113-B2C5-43CC-858C-1BEB31D87C21}] => (Allow) D:\Steam\steamapps\common\Serious Sam 3\Bin\Sam3_Unrestricted.exe (GHI Media LLC -> Croteam) [File not signed]
FirewallRules: [{59F8435E-B297-4699-9CB5-8D93B1C49E3F}] => (Allow) D:\Steam\steamapps\common\Valkyria Chronicles\Launcher.exe (SEGA EUROPE LIMITED -> SEGA)
FirewallRules: [{F1116D4E-1EB2-42CD-8187-17BEE301F80E}] => (Allow) D:\Steam\steamapps\common\Valkyria Chronicles\Launcher.exe (SEGA EUROPE LIMITED -> SEGA)
FirewallRules: [{BF85BEBF-2534-44B2-9821-1CA59048CE44}] => (Allow) D:\Steam\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe (FromSoftware,Inc. -> NAMCO BANDAI Games)
FirewallRules: [{CF6919C1-1476-4900-A819-53EAB1192A84}] => (Allow) D:\Steam\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe (FromSoftware,Inc. -> NAMCO BANDAI Games)
FirewallRules: [{BBB0FA04-EDF1-4FF4-AAF1-45A21648A2C5}] => (Allow) D:\Steam\steamapps\common\ValdisStoryAbyssalCity\Valdis_Story_AC.exe (EndlessFluff Games) [File not signed]
FirewallRules: [{42FD9A1A-DDB0-404C-BAAD-83CD40C3014A}] => (Allow) D:\Steam\steamapps\common\ValdisStoryAbyssalCity\Valdis_Story_AC.exe (EndlessFluff Games) [File not signed]
FirewallRules: [{2FE1DED8-BEB0-4883-B0C9-7CF8DB4AEACD}] => (Allow) D:\Steam\steamapps\common\REVOLVER360REACTOR\REVOLVER360REACTOR.exe () [File not signed]
FirewallRules: [{3EE43507-2001-4230-85DD-9BB46A18E61E}] => (Allow) D:\Steam\steamapps\common\REVOLVER360REACTOR\REVOLVER360REACTOR.exe () [File not signed]
FirewallRules: [{61415008-3687-430A-A96F-041DC51E717F}] => (Allow) D:\Steam\steamapps\common\TowerofGuns\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{CFEEA17A-2642-4C2C-B333-B62FB46539B7}] => (Allow) D:\Steam\steamapps\common\TowerofGuns\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{FB16B2A9-9F4C-4C46-80D8-99068E8A9DA2}] => (Allow) D:\Steam\steamapps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exe () [File not signed]
FirewallRules: [{0F6C33BB-1C07-49C9-9289-7B81C574DC5D}] => (Allow) D:\Steam\steamapps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exe () [File not signed]
FirewallRules: [{83C10F4C-8D0F-4CDF-8BA6-3BDF63CF8686}] => (Allow) D:\Steam\steamapps\common\Strider\Strider.exe () [File not signed]
FirewallRules: [{33F5C6CC-4ECB-4DE3-A85A-320CCAFE3098}] => (Allow) D:\Steam\steamapps\common\Strider\Strider.exe () [File not signed]
FirewallRules: [{A29AADE5-694C-453F-9AA7-993DE7D4DDAB}] => (Allow) D:\Steam\steamapps\common\Dawn of War II - Retribution\DOW2.exe (Relic Entertainment, Inc. -> Sega Corporation)
FirewallRules: [{1E16CF78-CCBE-4A24-9AA4-1F2808DCC0FA}] => (Allow) D:\Steam\steamapps\common\Dawn of War II - Retribution\DOW2.exe (Relic Entertainment, Inc. -> Sega Corporation)
FirewallRules: [{E0FD940F-A275-4775-93E2-21AA41B2D4F9}] => (Allow) D:\Steam\steamapps\common\Spelunky\Spelunky.exe () [File not signed]
FirewallRules: [{599CE41F-E5F9-4B34-BE74-CDBE326C064B}] => (Allow) D:\Steam\steamapps\common\Spelunky\Spelunky.exe () [File not signed]
FirewallRules: [{ABB69BC2-2921-4892-ADCB-C2F3708BC947}] => (Allow) D:\Steam\steamapps\common\Dawn of War 2\DOW2.exe (Sega Corporation) [File not signed]
FirewallRules: [{82E437A5-1B40-4F2B-A98A-CCF30A447FDF}] => (Allow) D:\Steam\steamapps\common\Dawn of War 2\DOW2.exe (Sega Corporation) [File not signed]
FirewallRules: [{A1AAA702-DC1D-4CCC-9D42-D350C065ED07}] => (Allow) D:\Steam\steamapps\common\King's Quest\Binaries\Win\KingsQuest.exe (Sierra) [File not signed]
FirewallRules: [{32983AF3-B76E-43C5-98D1-62F9641C744B}] => (Allow) D:\Steam\steamapps\common\King's Quest\Binaries\Win\KingsQuest.exe (Sierra) [File not signed]
FirewallRules: [{E43E924E-5489-4BD7-994C-6620265D9E35}] => (Allow) D:\Steam\steamapps\common\strikesuitzero\pc\main\Binary\SSZ.exe () [File not signed]
FirewallRules: [{51DC8E89-075E-4BDF-95AC-FA154AD73A20}] => (Allow) D:\Steam\steamapps\common\strikesuitzero\pc\main\Binary\SSZ.exe () [File not signed]
FirewallRules: [{EF8BD10E-A222-43C8-8DEA-23515CD80966}] => (Allow) D:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe => No File
FirewallRules: [{76DD7DF5-0422-4FB5-BE1D-1E02D93572D8}] => (Allow) D:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe => No File
FirewallRules: [{4D485AE7-F6F7-47D6-AC93-DCAE9A7B92B2}] => (Allow) D:\Steam\steamapps\common\The Legend of Korra\LoK.exe () [File not signed]
FirewallRules: [{4A736808-3547-4E81-80F6-0016BA54E21B}] => (Allow) D:\Steam\steamapps\common\The Legend of Korra\LoK.exe () [File not signed]
FirewallRules: [{2383204E-F4C6-4329-8963-B34C6F468A5A}] => (Allow) D:\Steam\steamapps\common\Strike Suit Infinity\pc\main\Binary\SSZ.exe () [File not signed]
FirewallRules: [{B6E2B509-6056-4B6B-AAA8-FCBCA408E741}] => (Allow) D:\Steam\steamapps\common\Strike Suit Infinity\pc\main\Binary\SSZ.exe () [File not signed]
FirewallRules: [{48B0EDA8-40E4-4F0D-89C7-61D0761EE97F}] => (Allow) D:\Steam\steamapps\common\SatelliteReign\SatelliteReignWindows.exe () [File not signed]
FirewallRules: [{274B7643-4B76-4C54-B162-36AE0B8132C7}] => (Allow) D:\Steam\steamapps\common\SatelliteReign\SatelliteReignWindows.exe () [File not signed]
FirewallRules: [{6A9B3A7D-9DF4-4A91-8C0B-AC962F54D3F5}] => (Allow) D:\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{98F8449C-84D9-4096-93B7-8BA89949D5F7}] => (Allow) D:\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{0AD575B1-161F-44F8-A918-01CB2B070C25}] => (Allow) D:\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{5B84BAAC-BD08-4DCA-A2FC-C9CF5C11F5F3}] => (Allow) D:\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{DF1FD006-703C-4D43-8391-86F0A43EF718}] => (Allow) G:\SteamLibrary\steamapps\common\ManiaPlanet_TMValley\ManiaPlanetLauncher.exe (NADEO -> )
FirewallRules: [{C84174E2-9BC5-4DFC-8B18-2DA80A08E081}] => (Allow) G:\SteamLibrary\steamapps\common\ManiaPlanet_TMValley\ManiaPlanetLauncher.exe (NADEO -> )
FirewallRules: [{E2351856-8D92-49D7-8C9B-D95A77F52DDF}] => (Allow) G:\Battlefield V\Battlefield V\bfvTrial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{68F1A975-26E7-4D83-BDA0-F8DB66A700F4}] => (Allow) G:\Battlefield V\Battlefield V\bfvTrial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{EDACC52F-0143-4343-A125-8281E69568C8}] => (Allow) G:\Battlefield V\Battlefield V\bfv.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{9466DA90-1D9E-415A-AE9A-BE9CD26874F4}] => (Allow) G:\Battlefield V\Battlefield V\bfv.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{CADBC3EB-C38F-4AA1-85B7-B7609F969444}] => (Allow) D:\Steam\steamapps\common\Shadowrun Hong Kong\SRHK.exe () [File not signed]
FirewallRules: [{CD4863EA-1482-4395-BC2E-938CC43E4482}] => (Allow) D:\Steam\steamapps\common\Shadowrun Hong Kong\SRHK.exe () [File not signed]
FirewallRules: [{D30DBED9-FE53-4947-AD5B-DE1FFB0A0087}] => (Allow) G:\SteamLibrary\steamapps\common\Ceville\Ceville.exe (Kalypso Media) [File not signed]
FirewallRules: [{2E917482-7228-4923-98CA-86FDDE21BDA3}] => (Allow) G:\SteamLibrary\steamapps\common\Ceville\Ceville.exe (Kalypso Media) [File not signed]
FirewallRules: [{3D207585-0203-4CE6-9917-5327272EDA4C}] => (Allow) G:\SteamLibrary\steamapps\common\One Finger Death Punch\One Finger Death Punch.exe (Silver Dollar Games) [File not signed]
FirewallRules: [{8508E8E6-94B6-4E2C-B504-0468E44916A6}] => (Allow) G:\SteamLibrary\steamapps\common\One Finger Death Punch\One Finger Death Punch.exe (Silver Dollar Games) [File not signed]
FirewallRules: [{AD071F4A-582E-4F03-8B3E-86D67482EA97}] => (Allow) G:\SteamLibrary\steamapps\common\Read Only Memories\ROM.exe () [File not signed]
FirewallRules: [{9F7AAD0F-2C68-4041-9F1B-911B3C72A2A4}] => (Allow) G:\SteamLibrary\steamapps\common\Read Only Memories\ROM.exe () [File not signed]
FirewallRules: [{AFFA7E81-9069-41E7-A23E-B7DD7829AB15}] => (Allow) G:\SteamLibrary\steamapps\common\AoW3\AoW3Launcher.exe () [File not signed]
FirewallRules: [{F7988CA6-E000-456D-9A4C-1B9CB0C99E6C}] => (Allow) G:\SteamLibrary\steamapps\common\AoW3\AoW3Launcher.exe () [File not signed]
FirewallRules: [{ED9EBDAD-EC1E-464F-8DD0-DDFFA553B401}] => (Allow) G:\SteamLibrary\steamapps\common\AoW3\AoW3.exe () [File not signed]
FirewallRules: [{ACA2F386-1516-4211-B001-47CD09B2BE2B}] => (Allow) G:\SteamLibrary\steamapps\common\AoW3\AoW3.exe () [File not signed]
FirewallRules: [{2D7EBD14-C08C-40E3-A6F1-E4949E91E681}] => (Allow) G:\SteamLibrary\steamapps\common\AoW3\AoW3_Debug.exe () [File not signed]
FirewallRules: [{D93731FF-92F9-49CA-A301-992C2857A73B}] => (Allow) G:\SteamLibrary\steamapps\common\AoW3\AoW3_Debug.exe () [File not signed]
FirewallRules: [{F449620F-094E-4DBE-BDD7-D24AF03BD174}] => (Allow) G:\No Mans Sky\7launcher\tools\aria2\aria2c.exe (Rainsky Evgeny Valeryevich -> )
FirewallRules: [{2C819BE6-0896-4468-9EA4-3B7FBF93E343}] => (Allow) G:\No Mans Sky\7launcher\tools\aria2\aria2c.exe (Rainsky Evgeny Valeryevich -> )
FirewallRules: [{887CBC05-7810-47C3-B5E2-AC4077AB45FE}] => (Allow) G:\No Mans Sky\Run_NMS.exe (IP Rainskiy Dmitriy Valeryevich -> SE7EN Solutions, Ltd.)
FirewallRules: [{9319E04F-2A84-48A2-98D3-0F1B0745CC21}] => (Allow) G:\No Mans Sky\Run_NMS.exe (IP Rainskiy Dmitriy Valeryevich -> SE7EN Solutions, Ltd.)
FirewallRules: [{F7E27FDC-65DB-41A4-AE98-597B41382E57}] => (Allow) G:\SteamLibrary\steamapps\common\Beat Hazard 2\BeatHazard2.exe () [File not signed]
FirewallRules: [{89928529-D817-4DF9-9E94-56CE12D04669}] => (Allow) G:\SteamLibrary\steamapps\common\Beat Hazard 2\BeatHazard2.exe () [File not signed]
FirewallRules: [{5FFF8951-79AB-4D5A-B5EB-DF4C25CFF81D}] => (Allow) G:\SteamLibrary\steamapps\common\Crypt of the NecroDancer\NecroDancer.exe (Brace Yourself Games (Transcendsense Technologies Inc) -> )
FirewallRules: [{C313FB4D-295F-4CA1-9474-6A3B9A84D6DC}] => (Allow) G:\SteamLibrary\steamapps\common\Crypt of the NecroDancer\NecroDancer.exe (Brace Yourself Games (Transcendsense Technologies Inc) -> )
FirewallRules: [TCP Query User{3EFC64AA-130A-4BA1-8961-42A2CBF24806}G:\kingdom come deliverance - royal ed\bin\win64\kingdomcome.exe] => (Allow) G:\kingdom come deliverance - royal ed\bin\win64\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [UDP Query User{5513FA51-B6D6-4714-AEF3-BC57A35F618C}G:\kingdom come deliverance - royal ed\bin\win64\kingdomcome.exe] => (Allow) G:\kingdom come deliverance - royal ed\bin\win64\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{070DE79A-A78E-4625-80F7-2E2D31AA34E3}] => (Allow) D:\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos.exe (GHI Media LLC -> Croteam)
FirewallRules: [{32F8B423-0CF1-468A-B116-D0A20CCBEAFB}] => (Allow) D:\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos.exe (GHI Media LLC -> Croteam)
FirewallRules: [{F54C5617-4EC4-4ACF-9BA0-A8ED5BAA5118}] => (Allow) D:\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe (GHI Media LLC -> Croteam)
FirewallRules: [{6C872667-A8F9-4B09-8DA4-95600020FAF2}] => (Allow) D:\Steam\steamapps\common\The Talos Principle\Bin\x64\Talos_Unrestricted.exe (GHI Media LLC -> Croteam)
FirewallRules: [{ED21D49D-64F8-4227-9594-A3F32521D404}] => (Allow) G:\SteamLibrary\steamapps\common\Shadowlings\Shadowlings.exe (Games From The Deep) [File not signed]
FirewallRules: [{5489FF0D-EE75-4C87-AD2D-9F898396DEAB}] => (Allow) G:\SteamLibrary\steamapps\common\Shadowlings\Shadowlings.exe (Games From The Deep) [File not signed]
FirewallRules: [{AEC51C98-8027-4117-A497-4483AA27A645}] => (Allow) G:\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [{B0EEEC9E-6917-46B7-ADA1-C1D8A6D58A3D}] => (Allow) G:\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [{CBDF5432-BDE6-4CCB-AA59-1060B7F49077}] => (Allow) G:\SteamLibrary\steamapps\common\Audiosurf\engine\QuestViewer.exe () [File not signed]
FirewallRules: [{A6D5E9F9-E5FC-47C0-8F51-C5BE2ED058F1}] => (Allow) G:\SteamLibrary\steamapps\common\Audiosurf\engine\QuestViewer.exe () [File not signed]
FirewallRules: [TCP Query User{D9E83CF9-2EDC-471E-AFD0-2B2FAD24A315}G:\usenet 3\humble trove\tokyo42_windows\t42.exe] => (Allow) G:\usenet 3\humble trove\tokyo42_windows\t42.exe () [File not signed]
FirewallRules: [UDP Query User{1414B0DA-9591-4FE0-83FC-E1705D13B900}G:\usenet 3\humble trove\tokyo42_windows\t42.exe] => (Allow) G:\usenet 3\humble trove\tokyo42_windows\t42.exe () [File not signed]
FirewallRules: [{5AB5BD71-960B-45F9-9711-9740BED8C3F6}] => (Allow) G:\SteamLibrary\steamapps\common\RebelGalaxy\SteamLauncher.exe (Double Damage Games Inc.) [File not signed]
FirewallRules: [{5F0EA6C5-C36E-435F-80C6-06109014E36A}] => (Allow) G:\SteamLibrary\steamapps\common\RebelGalaxy\SteamLauncher.exe (Double Damage Games Inc.) [File not signed]
FirewallRules: [{42136E2C-4C9F-4F5A-8283-8E6189DEC2FA}] => (Allow) G:\SteamLibrary\steamapps\common\ElectronicSuperJoy\ElectronicSuperJoy.exe () [File not signed]
FirewallRules: [{8B943B87-3FB6-4944-A485-07D56ACBF3C2}] => (Allow) G:\SteamLibrary\steamapps\common\ElectronicSuperJoy\ElectronicSuperJoy.exe () [File not signed]
FirewallRules: [{05AB3AFE-459D-4EE3-BDD4-A64D15E3BF53}] => (Allow) G:\SteamLibrary\steamapps\common\ElectronicSuperJoy2\ESJ2.exe () [File not signed]
FirewallRules: [{7EA5E3A2-60FC-4306-B1E2-AE2E55D86A9F}] => (Allow) G:\SteamLibrary\steamapps\common\ElectronicSuperJoy2\ESJ2.exe () [File not signed]
FirewallRules: [{C66B1C32-CC6E-403C-8903-CECB73C0C8A8}] => (Allow) D:\Steam\steamapps\common\Europa Universalis IV\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{C2EAE82B-A5D2-4021-A207-91C6BA9950D6}] => (Allow) D:\Steam\steamapps\common\Europa Universalis IV\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{B48CDC73-40AB-45CB-8973-ACB4366751DE}] => (Allow) D:\Steam\steamapps\common\Prison Architect\Launcher\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{F1D50C94-9372-4D68-B95F-79D70C541296}] => (Allow) D:\Steam\steamapps\common\Prison Architect\Launcher\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [TCP Query User{096F7FE0-3B17-4448-A290-EC422020F08A}G:1\projectmayhem\binaries\win64\darksidersgenesis-win64-shipping.exe] => (Allow) G:1\projectmayhem\binaries\win64\darksidersgenesis-win64-shipping.exe => No File
FirewallRules: [UDP Query User{88B93AF8-1697-45AC-B5A1-61BA64EAD5FA}G:1\projectmayhem\binaries\win64\darksidersgenesis-win64-shipping.exe] => (Allow) G:1\projectmayhem\binaries\win64\darksidersgenesis-win64-shipping.exe => No File
FirewallRules: [TCP Query User{F84C4251-D061-4150-8A46-317E0DDBB7DD}F:38\projectmayhem\binaries\win64\darksidersgenesis-win64-shipping.exe] => (Allow) F:38\projectmayhem\binaries\win64\darksidersgenesis-win64-shipping.exe => No File
FirewallRules: [UDP Query User{84F62926-E5F8-4CD6-A844-DADDB45900B9}F:38\projectmayhem\binaries\win64\darksidersgenesis-win64-shipping.exe] => (Allow) F:38\projectmayhem\binaries\win64\darksidersgenesis-win64-shipping.exe => No File
FirewallRules: [TCP Query User{75B38E47-6C18-4507-8399-B5EEB13A0160}F:81\flightsimulator.exe] => (Allow) F:81\flightsimulator.exe => No File
FirewallRules: [UDP Query User{7810CFAF-48B1-459E-9731-09094C5BAB7D}F:81\flightsimulator.exe] => (Allow) F:81\flightsimulator.exe => No File
FirewallRules: [TCP Query User{5746BAA0-D718-4C61-94B4-3D311D507530}E:06\flightsimulator.exe] => (Allow) E:06\flightsimulator.exe => No File
FirewallRules: [UDP Query User{DDD8862D-A359-4122-9122-2DFC3E152285}E:06\flightsimulator.exe] => (Allow) E:06\flightsimulator.exe => No File
FirewallRules: [TCP Query User{5065E234-30BC-4FFD-B565-0010E866401C}E:08\projectmayhem\binaries\win64\darksidersgenesis-win64-shipping.exe] => (Allow) E:08\projectmayhem\binaries\win64\darksidersgenesis-win64-shipping.exe => No File
FirewallRules: [UDP Query User{AEE1A439-00A5-491A-8B49-5525E84B6666}E:08\projectmayhem\binaries\win64\darksidersgenesis-win64-shipping.exe] => (Allow) E:08\projectmayhem\binaries\win64\darksidersgenesis-win64-shipping.exe => No File
FirewallRules: [TCP Query User{21A2F661-AF62-4FFA-A874-6F9C07619774}E:48\projectmayhem\binaries\win64\darksidersgenesis-win64-shipping.exe] => (Allow) E:48\projectmayhem\binaries\win64\darksidersgenesis-win64-shipping.exe => No File
FirewallRules: [UDP Query User{4B23C4D8-9374-4382-B851-0FCA79E0CB7E}E:48\projectmayhem\binaries\win64\darksidersgenesis-win64-shipping.exe] => (Allow) E:48\projectmayhem\binaries\win64\darksidersgenesis-win64-shipping.exe => No File
FirewallRules: [TCP Query User{2129634B-A852-4425-9408-D09561CF78CF}E:63\flightsimulator.exe] => (Allow) E:63\flightsimulator.exe => No File
FirewallRules: [UDP Query User{089CCEC4-FB87-4134-AE89-B80C98E86BF7}E:63\flightsimulator.exe] => (Allow) E:63\flightsimulator.exe => No File
FirewallRules: [TCP Query User{AC0DBC15-4B4A-4F10-A9BB-B6ACDC926BFF}E:65\flightsimulator.exe] => (Allow) E:65\flightsimulator.exe => No File
FirewallRules: [UDP Query User{2F9DD03D-8066-4CC6-A62B-32C58334AF02}E:65\flightsimulator.exe] => (Allow) E:65\flightsimulator.exe => No File
FirewallRules: [{5E2892A8-AF62-4A6B-8DBE-25157DD08C1B}] => (Allow) C:\Games\Knockout City\Launch_Game.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{6100FA57-3882-424F-A176-D2371A55D946}] => (Allow) C:\Games\Knockout City\Launch_Game.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{0695A579-5E1D-45FE-988B-E9AEC792CA41}] => (Allow) G:\SteamLibrary\steamapps\common\A Legionary's Life\legionary.exe () [File not signed]
FirewallRules: [{829AC00B-D34C-4E40-8983-2F62BDE77FED}] => (Allow) G:\SteamLibrary\steamapps\common\A Legionary's Life\legionary.exe () [File not signed]
FirewallRules: [TCP Query User{E6DFEB60-1167-4975-A646-D4A9022090B4}F:0\flightsimulator.exe] => (Allow) F:0\flightsimulator.exe => No File
FirewallRules: [UDP Query User{ADCC814E-4913-42A7-A60F-EDDBF19A6F98}F:0\flightsimulator.exe] => (Allow) F:0\flightsimulator.exe => No File
FirewallRules: [{A2522D28-12A3-4E82-AE65-1F8E2C24E422}] => (Allow) C:\SteamLibrary\steamapps\common\ImperatorRome\launcher\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{5FC03DCF-2159-4CCE-97EB-9F3B3EE93589}] => (Allow) C:\SteamLibrary\steamapps\common\ImperatorRome\launcher\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{FA2E6A72-87C7-484E-96AE-223F563F0346}] => (Allow) C:\SteamLibrary\steamapps\common\Stellaris\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{EF3EA84A-41E9-42DE-A35D-65AB0D5FB417}] => (Allow) C:\SteamLibrary\steamapps\common\Stellaris\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{866A10FA-D576-44F4-B8DB-D6CC5FD9091B}] => (Allow) C:\Games\FIFA 21\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{24FBB3C1-DAA0-4A63-A527-D322BA208B54}] => (Allow) C:\Games\FIFA 21\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{B35709DA-DDD2-4756-94B1-A02CE73967FA}] => (Allow) C:\Games\Red Dead Redemption 2\RDR2.exe => No File
FirewallRules: [{F6969695-A516-4C92-8399-E98CC75118AD}] => (Allow) C:\Games\Red Dead Redemption 2\RDR2.exe => No File
FirewallRules: [{9EB520B6-B752-4C59-8D27-5AA020A405D3}] => (Allow) D:\Steam\steamapps\common\Sherlock Holmes The Secret of the Silver Earring\game.exe (Frogwares Ireland ltd -> )
FirewallRules: [{319424AF-805F-48AD-9278-CD035B9D9DC2}] => (Allow) D:\Steam\steamapps\common\Sherlock Holmes The Secret of the Silver Earring\game.exe (Frogwares Ireland ltd -> )
FirewallRules: [{2930EB16-4FCE-4EAB-9547-490FC9B3DC1C}] => (Allow) D:\Steam\steamapps\common\Dark Forces\DosBox\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [{96C3FA94-BC36-4F35-AAA5-91DBD113E48E}] => (Allow) D:\Steam\steamapps\common\Dark Forces\DosBox\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [{7C7BF4A3-B015-4753-ACF9-08F170850E19}] => (Allow) D:\Steam\steamapps\common\blackwell legacy\blackwell1.exe => No File
FirewallRules: [{34E785A5-7D9C-46DE-80D9-31C5691F015C}] => (Allow) D:\Steam\steamapps\common\blackwell legacy\blackwell1.exe => No File
FirewallRules: [{7CC7B876-C83B-4F21-9304-E8DED7FD9D46}] => (Allow) D:\Steam\steamapps\common\blackwell legacy\winsetup.exe (Chris Jones) [File not signed]
FirewallRules: [{2878A810-EE62-4F35-A5D5-854A9670A555}] => (Allow) D:\Steam\steamapps\common\blackwell legacy\winsetup.exe (Chris Jones) [File not signed]
FirewallRules: [{570C8C21-CCE8-471B-8B5E-7D55E5ECA85C}] => (Allow) D:\Steam\steamapps\common\blackwell unbound\Unbound.exe () [File not signed]
FirewallRules: [{499B7552-D075-4C7C-9397-F24762D6A54F}] => (Allow) D:\Steam\steamapps\common\blackwell unbound\Unbound.exe () [File not signed]
FirewallRules: [{3A806EF5-86DC-4F70-AFC0-45B14A40C2B6}] => (Allow) D:\Steam\steamapps\common\blackwell unbound\winsetup.exe (Chris Jones) [File not signed]
FirewallRules: [{CC8B3996-4889-45F4-A668-CD794570CD4C}] => (Allow) D:\Steam\steamapps\common\blackwell unbound\winsetup.exe (Chris Jones) [File not signed]
FirewallRules: [{11605178-C907-4935-8938-57B2D87F966C}] => (Allow) D:\Steam\steamapps\common\blackwell convergence\Convergence.exe (Wadjet Eye Games) [File not signed]
FirewallRules: [{48498E57-21F0-4D12-8325-713A7BAC72F1}] => (Allow) D:\Steam\steamapps\common\blackwell convergence\Convergence.exe (Wadjet Eye Games) [File not signed]
FirewallRules: [{33439B30-EE9D-4596-A68A-B7E8CA65A195}] => (Allow) D:\Steam\steamapps\common\blackwell convergence\winsetup.exe (Chris Jones) [File not signed]
FirewallRules: [{50A7B4ED-8F2E-42CE-88FB-1DEC9F0BFACA}] => (Allow) D:\Steam\steamapps\common\blackwell convergence\winsetup.exe (Chris Jones) [File not signed]
FirewallRules: [{6627AAE3-80A4-4BD8-9DA5-70D1E2721AC0}] => (Allow) D:\Steam\steamapps\common\blackwell deception\Deception.exe () [File not signed]
FirewallRules: [{D877D0A7-F203-4D4A-86FD-5001AEE315F8}] => (Allow) D:\Steam\steamapps\common\blackwell deception\Deception.exe () [File not signed]
FirewallRules: [{34D03179-EBDD-46BA-8139-E913E9D046C3}] => (Allow) D:\Steam\steamapps\common\blackwell deception\winsetup.exe (Chris Jones) [File not signed]
FirewallRules: [{476AB6FA-5F10-4565-AD32-A8F63CE0E166}] => (Allow) D:\Steam\steamapps\common\blackwell deception\winsetup.exe (Chris Jones) [File not signed]
FirewallRules: [{516CBAFD-C01A-4C6C-85BE-5EBE34E88944}] => (Allow) D:\Steam\steamapps\common\Luftrausers\bin\Luftrausers.exe (Vlambeer) [File not signed]
FirewallRules: [{68270E94-271D-49F6-9FCA-9A050AAE614A}] => (Allow) D:\Steam\steamapps\common\Luftrausers\bin\Luftrausers.exe (Vlambeer) [File not signed]
FirewallRules: [{F9E4FB46-9FBD-4D81-B150-7908376C3CB7}] => (Allow) C:\SteamLibrary\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [{5BFE6421-A790-4D8C-AC3C-B2FEB1E9F34E}] => (Allow) C:\SteamLibrary\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [TCP Query User{965E2AE8-67B6-466C-BD3E-0CA4E9742DC8}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{C54C76FE-73B6-49B8-99C9-F6F391043DF5}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A20D0AFF-6A1C-42FC-9E1E-601E5554DD36}] => (Allow) C:\Users\aluca\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{D440A643-98DB-46D7-BC1E-B75D235372C3}] => (Allow) C:\Users\aluca\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{A48DB7AA-CC9D-4A23-8914-BC74D53C5AEC}] => (Allow) C:\Users\aluca\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{8329023C-B76B-4668-BB66-FA889377FEEF}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{77FDF1D7-CAC4-46F7-8467-D74AD9AC7E77}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{CC9FDBC4-6842-4593-976C-CC9870B6999F}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{BEF4E4EF-0463-407B-9929-ECDB52553D54}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{EB2B3DC2-55AA-4A79-8F5C-FF49B755E504}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C7DA882C-DD70-4766-B36B-AA265C8A4546}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{26408E7E-0FE6-4ABD-BA18-0E9B6135418A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A69E6B15-3C14-46E3-9155-3C6F07CE640E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{ADD5658F-F211-4370-ADE3-7CAA9A23172F}H:24\forzahorizon5.exe] => (Allow) H:24\forzahorizon5.exe => No File
FirewallRules: [UDP Query User{E0ABC722-E248-47AA-8509-914DFCABAE8B}H:24\forzahorizon5.exe] => (Allow) H:24\forzahorizon5.exe => No File
FirewallRules: [TCP Query User{90A46B17-35CC-4BA5-A06E-29961B0C2B15}H:62\forzahorizon5.exe] => (Allow) H:62\forzahorizon5.exe => No File
FirewallRules: [UDP Query User{D7E1AF52-6917-4C7F-BED7-05C5126D2D58}H:62\forzahorizon5.exe] => (Allow) H:62\forzahorizon5.exe => No File
FirewallRules: [{CB0D74C1-4E9A-401A-B46A-D827CCACA172}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BFD06949-E6A8-4C3A-B8C2-D07FD7A948E0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{0E6A44D3-9A7D-42CC-984F-9210EB57D138}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C6E83D2B-7CEA-491C-93E9-5B70C39687F3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{95AA6DE9-1A76-4990-B24D-DCDF298678F0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8418445D-C4C1-428E-A166-68D8A4CC0DA5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{152619FE-D154-47A5-8D2C-EFDCE939A9E3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E8E0B693-55E6-41B2-9B1E-03D69A419E59}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [TCP Query User{0EAB7B3F-953A-4811-A2B0-7D82DAEF93F0}H:71\haloinfinite.exe] => (Allow) H:71\haloinfinite.exe => No File
FirewallRules: [UDP Query User{72350DFD-3F32-4BA8-AEF6-C2275A1B2091}H:71\haloinfinite.exe] => (Allow) H:71\haloinfinite.exe => No File
FirewallRules: [TCP Query User{F35147C3-09EE-4386-8226-818DCC4F9147}D:54\forzahorizon5.exe] => (Allow) D:54\forzahorizon5.exe => No File
FirewallRules: [UDP Query User{1F976972-64D5-43FA-BC65-54C6A22AC1C8}D:54\forzahorizon5.exe] => (Allow) D:54\forzahorizon5.exe => No File
FirewallRules: [{82B1A92B-0365-4E1E-A438-443C84A24F3F}] => (Allow) D:\Steam\steamapps\common\ABRISS Demo\ABRISS.exe () [File not signed]
FirewallRules: [{A4607F4F-5A9A-481A-A944-F0DD637A017C}] => (Allow) D:\Steam\steamapps\common\ABRISS Demo\ABRISS.exe () [File not signed]
FirewallRules: [TCP Query User{222363EB-D991-4CFB-B489-63AA4A2A2FA4}E:16\forzahorizon5.exe] => (Allow) E:16\forzahorizon5.exe => No File
FirewallRules: [UDP Query User{A8A350F6-CBEB-4C87-8B5C-C0112B58AEB7}E:16\forzahorizon5.exe] => (Allow) E:16\forzahorizon5.exe => No File
FirewallRules: [TCP Query User{A5B60A07-5AA1-4119-8CEF-F26AD03AA935}E:71\forzahorizon5.exe] => (Allow) E:71\forzahorizon5.exe => No File
FirewallRules: [UDP Query User{4E72020F-1FFE-4576-A4A8-6CFC28A76BC7}E:71\forzahorizon5.exe] => (Allow) E:71\forzahorizon5.exe => No File
FirewallRules: [TCP Query User{E478E2B9-53E5-4297-82BE-8142781D5481}F:5\doometernalx64vk.exe] => (Allow) F:5\doometernalx64vk.exe => No File
FirewallRules: [UDP Query User{93C01243-B056-4A10-943F-378D5B723756}F:5\doometernalx64vk.exe] => (Allow) F:5\doometernalx64vk.exe => No File
FirewallRules: [TCP Query User{27741F86-C6A9-47C8-AFAB-B4E9147DA3AB}F:2\theascent\binaries\wingdk\theascent-wingdk-shipping.exe] => (Allow) F:2\theascent\binaries\wingdk\theascent-wingdk-shipping.exe => No File
FirewallRules: [UDP Query User{FC98EDC9-B098-45BE-8ADA-43978E0C6897}F:2\theascent\binaries\wingdk\theascent-wingdk-shipping.exe] => (Allow) F:2\theascent\binaries\wingdk\theascent-wingdk-shipping.exe => No File
FirewallRules: [TCP Query User{BE8C84C3-783A-4126-9B7A-A1CF1E35FD98}C:\games\kena bridge of spirits\kena\binaries\win64\kena-win64-shipping.exe] => (Allow) C:\games\kena bridge of spirits\kena\binaries\win64\kena-win64-shipping.exe => No File
FirewallRules: [UDP Query User{60FB1F58-F2B3-4B10-AD6C-3AF96A0B3A92}C:\games\kena bridge of spirits\kena\binaries\win64\kena-win64-shipping.exe] => (Allow) C:\games\kena bridge of spirits\kena\binaries\win64\kena-win64-shipping.exe => No File
FirewallRules: [{85DEF987-35BC-4078-8C66-AEF76B332931}] => (Allow) C:\Games\Immortals Fenyx Rising\ImmortalsFenyxRising.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{D82641B9-A9E6-43D8-8ECF-3B853C259C53}] => (Allow) D:\Steam\steamapps\common\Vampire Survivors\VampireSurvivors.exe (Luca Galante) [File not signed]
FirewallRules: [{A79E90E6-A570-41BE-9A60-D8AD82092333}] => (Allow) D:\Steam\steamapps\common\Vampire Survivors\VampireSurvivors.exe (Luca Galante) [File not signed]
FirewallRules: [{4802A1D0-199C-4B85-963B-FDE223F15D88}] => (Allow) D:\Jedi Fallen Order\SwGame\Binaries\Win64\starwarsjedifallenorder.exe (Respawn Entertainment) [File not signed]
FirewallRules: [{589B0DB0-9DD3-4C42-B66A-FE4792886F87}] => (Allow) D:\Jedi Fallen Order\SwGame\Binaries\Win64\starwarsjedifallenorder.exe (Respawn Entertainment) [File not signed]
FirewallRules: [{7BF8BC22-0CA1-4678-BCF0-8A932277C7C2}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
FirewallRules: [{8ABB212B-BD4E-44B7-93B3-644EBF977A6D}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
FirewallRules: [{E77FEBBD-B397-401C-86F3-6425464F1FCA}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
FirewallRules: [{3DBA0C17-9EFF-4079-B03B-8EBB816492F3}] => (Allow) C:\SteamLibrary\steamapps\common\X4 Foundations\X4.exe (Egosoft GmbH -> EGOSOFT GmbH)
FirewallRules: [{629AE189-5CA5-4FA0-AEAF-690C6B575B71}] => (Allow) C:\SteamLibrary\steamapps\common\X4 Foundations\X4.exe (Egosoft GmbH -> EGOSOFT GmbH)
FirewallRules: [{BBCDCE45-9235-49E0-975F-8ABA502430A9}] => (Allow) D:\Steam\steamapps\common\nebuchadnezzar\binary\win\nebuchadnezzar.exe () [File not signed]
FirewallRules: [{2C428997-C617-44D0-B345-9380CBA0E124}] => (Allow) D:\Steam\steamapps\common\nebuchadnezzar\binary\win\nebuchadnezzar.exe () [File not signed]
FirewallRules: [{70E6E938-A5A6-4789-B036-DF25DFAF9CD2}] => (Allow) D:\Steam\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe () [File not signed]
FirewallRules: [{DE77F345-09FF-4C91-90F4-8C4495E7ADF4}] => (Allow) D:\Steam\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe () [File not signed]
FirewallRules: [{7C65E962-EE11-46C4-BD8E-D78490CB83B9}] => (Allow) D:\Steam\steamapps\common\Gemini Rue\Gemini Rue.exe (TheJBurger) [File not signed]
FirewallRules: [{5A9D07F6-B21C-4197-8838-3AB13616F03C}] => (Allow) D:\Steam\steamapps\common\Gemini Rue\Gemini Rue.exe (TheJBurger) [File not signed]
FirewallRules: [{D7AC325A-9256-4555-995A-22FA36EB1AD3}] => (Allow) D:\Steam\steamapps\common\blackwell legacy\Blackwell Legacy.exe () [File not signed]
FirewallRules: [{DDF26CF9-1920-45B4-AD44-7522A4453708}] => (Allow) D:\Steam\steamapps\common\blackwell legacy\Blackwell Legacy.exe () [File not signed]
FirewallRules: [{AC9BA000-5218-49E7-9C54-E20E1C055193}] => (Allow) C:\SteamLibrary\steamapps\common\Cities_Skylines\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{169D48B2-E710-484B-8565-A04323758C37}] => (Allow) C:\SteamLibrary\steamapps\common\Cities_Skylines\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{FF8D5E42-108D-43D3-9850-C73A8097C7E3}] => (Allow) D:\Steam\steamapps\common\MultiVersus\start_protected_game.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{947DCBE2-86FA-4ECC-919E-16EA02AA12BF}] => (Allow) D:\Steam\steamapps\common\MultiVersus\start_protected_game.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{9272D8FA-D316-463C-A436-6AC767BDA732}] => (Allow) D:\Steam\steamapps\common\Waves 2\Waves.exe () [File not signed]
FirewallRules: [{A57AFE5C-E199-421D-8637-0AA260EA7CA9}] => (Allow) D:\Steam\steamapps\common\Waves 2\Waves.exe () [File not signed]
FirewallRules: [{0F583737-7F27-40EC-8C33-A53BB5A6882E}] => (Allow) D:\Steam\steamapps\common\PoliceStories\PoliceStories.exe (HypeTrain Digital LTD) [File not signed]
FirewallRules: [{C28C0D15-0C9A-49EA-AB84-DA364EB54568}] => (Allow) D:\Steam\steamapps\common\PoliceStories\PoliceStories.exe (HypeTrain Digital LTD) [File not signed]
FirewallRules: [{26352581-BD73-48C7-9438-A6547F77A8F1}] => (Allow) D:\Steam\steamapps\common\Victor Vran\VictorVranSteam.exe (Haemimont Games) [File not signed]
FirewallRules: [{8F594C37-0A65-4FAA-A210-C722A76166A0}] => (Allow) D:\Steam\steamapps\common\Victor Vran\VictorVranSteam.exe (Haemimont Games) [File not signed]
FirewallRules: [{F51C2157-192C-467A-B2E4-2EA82DBD9F37}] => (Allow) D:\Steam\steamapps\common\Soulstone Survivors Prologue\Soulstone Survivors.exe () [File not signed]
FirewallRules: [{997E4DB6-BD97-42BD-A9CC-4E97986782CE}] => (Allow) D:\Steam\steamapps\common\Soulstone Survivors Prologue\Soulstone Survivors.exe () [File not signed]
FirewallRules: [{6B31EF1E-15F4-4028-8664-9898E36FE55E}] => (Allow) C:\Program Files (x86)\PlayStationPlus\pspluslauncher.exe (Sony Interactive Entertainment LLC -> Sony Interactive Entertainment LLC)
FirewallRules: [{EBF8614F-A322-4A11-8D3E-55CBFFA1A59E}] => (Allow) C:\Users\aluca\AppData\Local\Gaikai\CrashReports\dumpupload.exe (Sony Interactive Entertainment LLC -> )
FirewallRules: [{C97EEDFC-5598-486D-8DF6-66FBFB574B06}] => (Allow) C:\Program Files (x86)\PlayStationPlus\unidater.exe (Sony Interactive Entertainment LLC -> Sony Interactive Entertainment)
FirewallRules: [{C4680834-A243-4C50-8998-8815FEE5D450}] => (Allow) D:\Games\Anthem\AnthemTrial.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{ACDC606C-94FA-4F89-9857-B304B744923E}] => (Allow) D:\Games\Anthem\AnthemTrial.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{DA10F40A-B5B7-42AE-BEEC-DCDB3A2E7C96}] => (Allow) D:\Games\Anthem\Anthem.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{A46F552B-1A35-4FCA-8CF6-0E6A7AE1D22A}] => (Allow) D:\Games\Anthem\Anthem.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{3F369AB8-099A-41A7-98FA-E6B0715FFA3A}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{885E7B6D-E577-410E-9DEA-09C8C3355A97}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{6D88B0B0-599E-42F8-9256-09926C36F10C}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{5AD2B09A-947A-41F6-837E-351B652BFE37}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{7D031FF9-730C-48A4-A4AC-265A485C393B}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{2A94039A-E064-48A3-9BDA-9665DA8E700D}] => (Allow) D:\Steam\steamapps\common\Dwarf Fortress\Dwarf Fortress.exe () [File not signed]
FirewallRules: [{138D95D3-74BA-491A-AEC2-867EAE259A8C}] => (Allow) D:\Steam\steamapps\common\Dwarf Fortress\Dwarf Fortress.exe () [File not signed]
FirewallRules: [{58716586-12C7-409A-A5EC-E4F755BFCBC8}] => (Allow) C:\Program Files (x86)\Sony\PS Remote Play\RemotePlay.exe (Sony Interactive Entertainment Inc. -> Sony Interactive Entertainment Inc.)
FirewallRules: [{1A212474-D6A3-46F4-89E4-8D3AF3EC73AA}] => (Allow) D:\Steam\steamapps\common\A Golden Wake\a-golden-wake.exe (Francisco Gonzalez) [File not signed]
FirewallRules: [{E28B90EC-BF18-40B2-9182-7CEDD67A1F08}] => (Allow) D:\Steam\steamapps\common\A Golden Wake\a-golden-wake.exe (Francisco Gonzalez) [File not signed]
FirewallRules: [{0FB9FB60-5761-4F5D-BBE2-D7C3463E145C}] => (Allow) D:\Steam\steamapps\common\A Golden Wake\winsetup.exe (Chris Jones) [File not signed]
FirewallRules: [{670A16B4-F4EE-40D2-854B-8F674A3C6E2C}] => (Allow) D:\Steam\steamapps\common\A Golden Wake\winsetup.exe (Chris Jones) [File not signed]
FirewallRules: [{C23E313A-4EAF-4A75-B107-3DB07FEEC45D}] => (Allow) D:\Steam\steamapps\common\Kathy Rain\KathyRain.exe (Joel Staaf Hästö) [File not signed]
FirewallRules: [{9064A227-FEC9-4060-ADF3-024465B2336C}] => (Allow) D:\Steam\steamapps\common\Kathy Rain\KathyRain.exe (Joel Staaf Hästö) [File not signed]
FirewallRules: [{B656C6DB-D984-425C-9E30-7AFA005F84FB}] => (Allow) D:\Steam\steamapps\common\Shadowgate\Shadowgate.exe () [File not signed]
FirewallRules: [{16C911FC-2EC5-4B01-AD60-98B3550040AB}] => (Allow) D:\Steam\steamapps\common\Shadowgate\Shadowgate.exe () [File not signed]
FirewallRules: [{4DD830DD-1B9E-4765-B349-157BBBEA084B}] => (Allow) C:\SteamLibrary\steamapps\common\Dyson Sphere Program\DSPGAME.exe () [File not signed]
FirewallRules: [{C0DCB4EE-07C1-4745-9CC3-9E0CC7883865}] => (Allow) C:\SteamLibrary\steamapps\common\Dyson Sphere Program\DSPGAME.exe () [File not signed]
FirewallRules: [TCP Query User{9EA1FA63-67F6-4506-BC5B-D25EB46FDEF8}D:\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) D:\epic games\launcher\engine\binaries\win64\epicwebhelper.exe => No File
FirewallRules: [UDP Query User{84C32E2E-CE80-4DFD-BD56-5AA6D1F4F1AD}D:\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) D:\epic games\launcher\engine\binaries\win64\epicwebhelper.exe => No File
FirewallRules: [TCP Query User{DEF17B19-DC03-419F-868F-C15FB1213C61}C:\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [UDP Query User{93461624-BC80-4A8A-8F26-9C98FC918BCA}C:\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [{3258E639-8624-496E-B96C-028E24CFD7C9}] => (Allow) C:\Games\Battlefield 2042\BF2042_launcher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{625D7DC8-0C06-4054-8C21-89D9CB2BB926}] => (Allow) C:\Games\Battlefield 2042\BF2042_launcher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [TCP Query User{F11DD113-325E-4903-863C-F87D810164B7}C:\games\battlefield 2042\bf2042.exe] => (Allow) C:\games\battlefield 2042\bf2042.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [UDP Query User{9A19E4B1-5054-48C5-8324-DC462E7DC7C5}C:\games\battlefield 2042\bf2042.exe] => (Allow) C:\games\battlefield 2042\bf2042.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{D2B848A8-6FC4-4C70-BC61-5CC6C83F0E8F}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1AB30EFD-F9CA-49AB-A649-83FEC79007BB}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{EC78CCB1-3F08-4360-A33D-CEA8F07AFADC}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{22D29F1C-E195-4AB8-9D82-A82587351CA1}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0ABCD3B1-9E13-4EF3-BAF3-06C4EB2F635B}] => (Allow) H:\SteamLibrary\steamapps\common\Chernobylite\ChernobylGame.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{AF19BB22-0DC7-41AC-A573-14250D1B98A1}] => (Allow) H:\SteamLibrary\steamapps\common\Chernobylite\ChernobylGame.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{66CE6B75-A838-453A-8055-CE96EE9E4149}H:\xboxgames\serious sam 4\content\sam4.exe] => (Allow) H:\xboxgames\serious sam 4\content\sam4.exe (Access Denied) [File not signed]
FirewallRules: [UDP Query User{1C02FC50-B9DB-4674-83CF-ECC0CA422A28}H:\xboxgames\serious sam 4\content\sam4.exe] => (Allow) H:\xboxgames\serious sam 4\content\sam4.exe (Access Denied) [File not signed]
FirewallRules: [{7D9763A7-A92D-4F2A-9A81-3CF2DEA3B4E8}] => (Allow) H:\SteamLibrary\steamapps\common\SpellForceThree\launcher\SF3\Launcher.exe (Grimlore Games GmbH) [File not signed]
FirewallRules: [{45CBD183-C565-43FD-B02E-B99742F419D3}] => (Allow) H:\SteamLibrary\steamapps\common\SpellForceThree\launcher\SF3\Launcher.exe (Grimlore Games GmbH) [File not signed]
FirewallRules: [{6AC846C8-AB3C-4A0B-A43B-295F0479B3F6}] => (Allow) H:\SteamLibrary\steamapps\common\SpellForceThree\SF3LegacyLauncher.exe () [File not signed]
FirewallRules: [{84F0D07B-3781-491A-854C-41874327E490}] => (Allow) H:\SteamLibrary\steamapps\common\SpellForceThree\SF3LegacyLauncher.exe () [File not signed]
FirewallRules: [{3D06E2A1-9170-4B25-BC3F-64F3A54639C0}] => (Allow) H:\SteamLibrary\steamapps\common\SpellForceThree\SF3ClientFinal.exe (Grimlore Games GmbH) [File not signed]
FirewallRules: [{8D2ED04F-59EC-4344-BE54-67C22EC672B7}] => (Allow) H:\SteamLibrary\steamapps\common\SpellForceThree\SF3ClientFinal.exe (Grimlore Games GmbH) [File not signed]
FirewallRules: [TCP Query User{67C49A42-1CA8-4107-9C6B-691ED445485C}D:6\flightsimulator.exe] => (Allow) D:6\flightsimulator.exe => No File
FirewallRules: [UDP Query User{4D6C77F1-4828-4597-8362-C375D89478AB}D:6\flightsimulator.exe] => (Allow) D:6\flightsimulator.exe => No File
FirewallRules: [{C8EFD80A-0FCB-4111-882C-26381C9F42BF}] => (Allow) H:\SteamLibrary\steamapps\common\Thronebreaker The Witcher Tales\Thronebreaker.exe () [File not signed]
FirewallRules: [{BFDFEEFC-83DA-49C4-9257-528DAE84AE02}] => (Allow) H:\SteamLibrary\steamapps\common\Thronebreaker The Witcher Tales\Thronebreaker.exe () [File not signed]
FirewallRules: [{B908A462-1C7B-4EC9-99A4-1B29BB446D32}] => (Allow) H:\SteamLibrary\steamapps\common\Tom Clancy's Ghost Recon Future Soldier\Future Soldier.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{D45E6917-C551-47FC-8F83-5D051085708E}] => (Allow) H:\SteamLibrary\steamapps\common\Tom Clancy's Ghost Recon Future Soldier\Future Soldier.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{7F485BA5-3BB0-415B-8DDC-8B38F2F2C3D4}] => (Allow) H:\SteamLibrary\steamapps\common\Titan Quest Anniversary Edition\TQ.exe () [File not signed]
FirewallRules: [{B1581001-D572-4903-B272-5D3965D6F270}] => (Allow) H:\SteamLibrary\steamapps\common\Titan Quest Anniversary Edition\TQ.exe () [File not signed]
FirewallRules: [{62227FC7-480C-40D3-8E4F-A7219EA05EA1}] => (Allow) H:\SteamLibrary\steamapps\common\Path of Exile\PathOfExileSteam.exe (Grinding Gear Games Limited -> )
FirewallRules: [{5FC154CD-6DA6-45B0-8DB9-E8D91D41C761}] => (Allow) H:\SteamLibrary\steamapps\common\Path of Exile\PathOfExileSteam.exe (Grinding Gear Games Limited -> )
FirewallRules: [{91F90FF0-7101-45CB-937D-A2374A8F3F23}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{D2F78BAA-6DF1-4717-BFEC-617CB9373811}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{7A5A5B35-76A2-4EF8-9D14-50DC500B13F2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{797E5EBE-AC02-438F-9ACB-981201BE36EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{8A863BED-5F68-42C9-8A6F-6C5A631A5A90}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{49CA0F43-ED81-4DDD-88FA-9654F65654E3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{EBBDD577-B4EB-41C0-AD18-75E93E77636F}] => (Allow) H:\Games\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{EE72C6FE-6374-4A3A-8279-BF54A6C564E3}] => (Allow) H:\Games\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{6CFD3A0A-3BC7-44AF-BB6C-2594B642C2E0}] => (Allow) H:\Games\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{1ED3FE49-F17E-4B37-BAFC-698AEFA9B478}] => (Allow) H:\Games\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{E1ACB08C-E982-4BBD-A3B8-AC7994FF6B36}] => (Allow) H:\SteamLibrary\steamapps\common\CoJ Gunslinger\CoJGunslinger.exe (TECHLAND SP Z O O -> Techland)
FirewallRules: [{DE44A826-7693-4378-878C-7927AF3644E9}] => (Allow) H:\SteamLibrary\steamapps\common\CoJ Gunslinger\CoJGunslinger.exe (TECHLAND SP Z O O -> Techland)
FirewallRules: [{D8B18FBB-20FF-49B3-B904-73730A6A7106}] => (Allow) H:\SteamLibrary\steamapps\common\DEATH STRANDING DIRECTORS CUT\ds.exe (KOJIMA PRODUCTIONS Co., Ltd.) [File not signed]
FirewallRules: [{20946C54-E5E3-4B7C-902C-463E72A87345}] => (Allow) H:\SteamLibrary\steamapps\common\DEATH STRANDING DIRECTORS CUT\ds.exe (KOJIMA PRODUCTIONS Co., Ltd.) [File not signed]
FirewallRules: [TCP Query User{93E6042E-DFAB-424A-9D38-3F9723868178}E:4\flightsimulator.exe] => (Allow) E:4\flightsimulator.exe => No File
FirewallRules: [UDP Query User{AE6763A1-356E-4396-8EBE-07B223638ED4}E:4\flightsimulator.exe] => (Allow) E:4\flightsimulator.exe => No File
FirewallRules: [{CEB05F7A-A4E2-4B1F-8E8B-2B48E13FEFA6}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{0F029D0E-58C9-4CE6-A170-436DA48EFA76}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{56676D79-6FD8-486B-9A2A-7D3600D503E6}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{E50258FB-6C5A-4C7D-87D7-D95C6AAEE939}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{5E236B02-0F50-4783-BB29-CD8117E0610E}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{086D5992-BE06-41F1-9476-43C0AF0EA9EF}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{241EE579-0203-45AD-B477-F5D4574A93F0}] => (Allow) H:\SteamLibrary\steamapps\common\Fallout 4\Fallout4Launcher.exe () [File not signed]
FirewallRules: [{9CC73BF2-CE16-4737-A902-6BC92CF41D33}] => (Allow) H:\SteamLibrary\steamapps\common\Fallout 4\Fallout4Launcher.exe () [File not signed]
FirewallRules: [{F1C02C95-787A-48DC-AF58-54910E9A50C3}] => (Allow) D:\Need For Speed Heat\NeedForSpeedHeatTrial.exe (Electronic Arts) [File not signed]
FirewallRules: [{393CED3D-38C2-46F0-A349-E8FA5B1C89B3}] => (Allow) D:\Need For Speed Heat\NeedForSpeedHeatTrial.exe (Electronic Arts) [File not signed]
FirewallRules: [{726A22A1-9251-4376-8470-CEB932F9DEF4}] => (Allow) D:\Need For Speed Heat\NeedForSpeedHeat.exe (Electronic Arts) [File not signed]
FirewallRules: [{F2184E56-527B-4C48-B499-C6278E8D173B}] => (Allow) D:\Need For Speed Heat\NeedForSpeedHeat.exe (Electronic Arts) [File not signed]
FirewallRules: [{DBFF1182-CE57-45E9-B5F2-A117C98503D2}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\116.0.5845.9\remoting_host.exe (Google LLC -> Google LLC)
FirewallRules: [{1811F88B-85D7-4BD9-9B38-973BFDEBDABD}] => (Allow) D:\Steam\steamapps\common\Epistory\Epistory.exe () [File not signed]
FirewallRules: [{FEE2BC57-A6A5-4439-B683-E0CD0E082135}] => (Allow) D:\Steam\steamapps\common\Epistory\Epistory.exe () [File not signed]
FirewallRules: [TCP Query User{9BC2C2AC-B92A-4E6D-8C23-7EA95024B306}H:\quantum break\dx11\quantumbreak.exe] => (Block) H:\quantum break\dx11\quantumbreak.exe () [File not signed]
FirewallRules: [UDP Query User{D807F334-C761-43D6-AC3D-6C75287C4DCB}H:\quantum break\dx11\quantumbreak.exe] => (Block) H:\quantum break\dx11\quantumbreak.exe () [File not signed]
FirewallRules: [{4036E294-FE5D-41C0-9BAF-71D68915BCBC}] => (Allow) C:\Program Files\MiniTool ShadowMaker\AgentService.exe (MiniTool Software Limited -> )
FirewallRules: [{CFE886E7-3E49-4B98-ADE5-08B6C158A024}] => (Allow) C:\Program Files\MiniTool ShadowMaker\AgentService.exe (MiniTool Software Limited -> )
FirewallRules: [{5497ADC1-023C-471B-98A9-A769E70D2624}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.102.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0823E4E9-B480-4BA6-A70B-71FFF4CF8CE5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.102.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{42DC6330-2443-485F-AB41-B6984C13BD4B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.102.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0D460908-CA61-416F-A685-9D170C8D1C98}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.102.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D4560D2E-B894-41C9-8D26-C8C86E0DFA07}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{0AF60BF7-A4D8-49EA-AFF6-C06356732079}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{511F45A7-4F70-4059-A918-CA5C49A4E08E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{944E516F-ED2D-44B6-BBA4-6C206AD2E964}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{17993A39-B694-4E2C-A12B-D83D7C2F4C40}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D21E3408-D3C5-4AAF-A5A9-BF3C8457446A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EC472FE6-3B85-4894-B2AB-314C2D59D46C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E7EAD3BA-8C66-48F4-BE7E-4A2DF66F41C6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{763878A7-15E7-4BB5-AB97-8C256E90C3B8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{016B0B28-70B4-4777-B568-B5B9E8A574E2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5CE0010C-3493-4E1C-83A2-23852A8D5A2E}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{047E846B-7F53-4D62-AEB9-9EB3D1B42850}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\116.0.1938.69\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

17-08-2023 22:22:17 Geplanter Prüfpunkt
26-08-2023 23:22:38 Geplanter Prüfpunkt
29-08-2023 16:20:35 Windows Modules Installer
30-08-2023 19:31:30 Nach Wiederherstellung von UEFI Boot (da Win nicht startete)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (09/04/2023 09:38:18 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, Der Computer wird heruntergefahren.
.

Error: (09/04/2023 09:38:18 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, Der Computer wird heruntergefahren.
]

Error: (09/04/2023 09:30:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: updatechecker.exe, version: 0.0.0.0, time stamp: 0x5e4c6e6e
Faulting module name: Qt5Core.dll, version: 5.6.3.0, time stamp: 0x59ba22ce
Exception code: 0xc0000005
Fault offset: 0x00000000001b3093
Faulting process id: 0x1d28
Faulting application start time: 0x01d9dea9b85af57a
Faulting application path: C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe
Faulting module path: C:\Program Files\MiniTool Partition Wizard 12\Qt5Core.dll
Report Id: fe2a61ee-0868-4a93-b2e0-db18bf3a2287
Faulting package full name:
Faulting package-relative application ID:

Error: (09/03/2023 10:59:32 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, Der Computer wird heruntergefahren.
.

Error: (09/03/2023 10:59:32 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, Der Computer wird heruntergefahren.
]

Error: (09/03/2023 10:59:32 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, Der Computer wird heruntergefahren.
.

Error: (09/03/2023 10:59:32 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, Der Computer wird heruntergefahren.
]

Error: (09/03/2023 08:22:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: armoredcore6.exe, version: 1.0.0.0, time stamp: 0x64ce302f
Faulting module name: armoredcore6.exe, version: 1.0.0.0, time stamp: 0x64ce302f
Exception code: 0xc0000005
Fault offset: 0x00000000041ef16f
Faulting process id: 0x5628
Faulting application start time: 0x01d9de934a71eebd
Faulting application path: H:\Games\Armored Core 6 - Fires of Rubicon\Game\armoredcore6.exe
Faulting module path: H:\Games\Armored Core 6 - Fires of Rubicon\Game\armoredcore6.exe
Report Id: 009dc94f-8799-45aa-aeab-3e87df78f79f
Faulting package full name:
Faulting package-relative application ID:


System errors:
=============
Error: (09/04/2023 09:42:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AntivirProtectedService service failed to start due to the following error:
The system cannot find the file specified.

Error: (09/04/2023 09:41:50 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: DCOM got error "1115" attempting to start the service SecurityHealthService with arguments "Nicht verfügbar" in order to run the server:
{8C9C0DB7-2CBA-40F1-AFE0-C55740DD91A0}

Error: (09/04/2023 09:41:45 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-4F0VDIR)
Description: The server {2DE3095A-B49E-418F-B5C1-69D2CCF62A8F} did not register with DCOM within the required timeout.

Error: (09/04/2023 09:41:45 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-4F0VDIR)
Description: The server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} did not register with DCOM within the required timeout.

Error: (09/04/2023 09:40:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AntivirProtectedService service failed to start due to the following error:
The system cannot find the file specified.

Error: (09/04/2023 09:39:51 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-4F0VDIR)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Nicht verfügbar" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (09/04/2023 09:39:39 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-4F0VDIR)
Description: DCOM got error "1084" attempting to start the service TokenBroker with arguments "Nicht verfügbar" in order to run the server:
Windows.Internal.Security.Authentication.Web.WamProviderRegistration

Error: (09/04/2023 09:39:33 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-4F0VDIR)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Nicht verfügbar" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}


Windows Defender:
================
Date: 2023-09-04 21:02:25
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Schnellüberprüfung

Date: 2023-09-03 18:43:01
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Schnellüberprüfung

Date: 2022-06-05 22:31:27
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Schnellüberprüfung

Date: 2022-06-05 08:01:31
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Schnellüberprüfung

Date: 2022-06-04 11:42:24
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Schnellüberprüfung
Event[0]:

Date: 2023-09-04 21:38:50
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Bei Zugriff
Error Code: 0x8007043c
Error description: Der Dienst kann nicht im abgesicherten Modus gestartet werden.
Reason: Die Antischadsoft-Sicherheitsfunktion wurde aus unbekanntem Grund beendet. Möglicherweise kann das Problem durch einen Neustart des Diensts behoben werden.

Date: 2023-02-07 16:56:26
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.381.2962.0
Update Source: Microsoft Update-Server
Security intelligence Type: AntiVirus
Update Type: Voll
Current Engine Version:
Previous Engine Version: 1.1.19900.2
Error code: 0x80240017
Error description: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support".

CodeIntegrity:
===============
Date: 2023-09-04 21:46:45
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume16\Program Files (x86)\CheckPoint\ZoneAlarm\ZA_WSC_Remediation.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

BIOS: American Megatrends International, LLC. P2.20 03/30/2023
Motherboard: ASRock Z590 Extreme
Processor: 11th Gen Intel(R) Core(TM) i5-11400F @ 2.60GHz
Percentage of memory in use: 26%
Total physical RAM: 32623.16 MB
Available physical RAM: 23925.19 MB
Total Virtual: 47983.16 MB
Available Virtual: 35436.03 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1861.97 GB) (Free:445.16 GB) (Model: WDC WDS200T2B0C-00PXH0) NTFS
Drive d: (Primärfestplatte Partition 2) (Fixed) (Total:3724.98 GB) (Free:185.33 GB) (Model: WDC WD40EFRX-68N32N0) NTFS
Drive e: (Sekundär) (Fixed) (Total:1863.02 GB) (Free:94.5 GB) (Model: WDC WD2002FAEX-007BA0) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (Tertiär) (Fixed) (Total:3725.9 GB) (Free:114.82 GB) (Model: WDC WD40EZRX-00SPEB0) NTFS
Drive g: (Quartär) (Fixed) (Total:4657.4 GB) (Free:392.79 GB) (Model: TOSHIBA HDWE150) NTFS
Drive h: (Crucial P2 SSD) (Fixed) (Total:1863 GB) (Free:1000.35 GB) (Model: CT2000P2SSD8) NTFS

\\?\Volume{5019dd88-b871-4b02-8b8e-280cf34539cf}\ () (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{3a340c7d-3ee9-4497-8a80-d1b05bcfbee9}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS
\\?\Volume{b0faa004-6939-4197-b1c8-267bfb0f05e4}\ () (Fixed) (Total:0.44 GB) (Free:0.43 GB) NTFS
\\?\Volume{6cdeb2c4-412c-4dc5-bdaf-ef797a7363d0}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS
\\?\Volume{fe270e7d-1c2f-0acc-11d8-b29745501506}\ () (Fixed) (Total:0.48 GB) (Free:0 GB) NTFS
\\?\Volume{b8b34776-ea39-8dc1-ad4c-052dc4fa0bc6}\ () (Fixed) (Total:3.32 GB) (Free:0 GB) NTFS
\\?\Volume{fef152b9-d07d-6c05-7837-02f2b0380e3b}\ () (Fixed) (Total:135.83 GB) (Free:0 GB) NTFS
\\?\Volume{80d34bf8-f98b-51da-b17a-8eba6eddd503}\ () (Fixed) (Total:0.66 GB) (Free:0 GB) NTFS
\\?\Volume{dff7ecf1-4c55-c671-5c7c-74ea6332bda1}\ () (Fixed) (Total:0.76 GB) (Free:0 GB) NTFS
\\?\Volume{d34ba279-f770-db44-6510-a1d1008857d6}\ () (Fixed) (Total:1.26 GB) (Free:0 GB) NTFS
\\?\Volume{63679637-779b-07f9-42c2-d415f8a24a3d}\ () (Fixed) (Total:0.18 GB) (Free:0 GB) NTFS
\\?\Volume{529e3775-2e11-0dc0-2cd9-7beb69ef5835}\ () (Fixed) (Total:3.64 GB) (Free:0 GB) NTFS
\\?\Volume{26c903b2-5cbb-abad-e9ca-b11b5cb99202}\ () (Fixed) (Total:0.41 GB) (Free:0 GB) NTFS
\\?\Volume{5baf365f-fe28-baf3-95d8-654011c73b9e}\ () (Fixed) (Total:3.35 GB) (Free:0 GB) NTFS
\\?\Volume{c5917046-080a-6282-de62-8c2d60b6364b}\ () (Fixed) (Total:88.96 GB) (Free:0 GB) NTFS
\\?\Volume{adfdb11b-dec0-e3a1-cde8-6f9f724d5b93}\ () (Fixed) (Total:4.36 GB) (Free:0 GB) NTFS
\\?\Volume{90512937-51c8-64c9-28d4-6bac53e3e468}\ () (Fixed) (Total:1.02 GB) (Free:0 GB) NTFS
\\?\Volume{f30db087-ff04-371f-3d61-f4e04e401e4d}\ () (Fixed) (Total:0.51 GB) (Free:0 GB) NTFS
\\?\Volume{1e286bc3-eaf5-241c-bcc1-abd27379f298}\ () (Fixed) (Total:0.85 GB) (Free:0 GB) NTFS
\\?\Volume{3b984627-294b-f47d-8c60-fada7d5d7b10}\ () (Fixed) (Total:3.26 GB) (Free:0 GB) NTFS
\\?\Volume{7bb54f80-8ac0-98f8-55b1-ea5b254364fc}\ () (Fixed) (Total:1.98 GB) (Free:0 GB) NTFS
\\?\Volume{88826b4b-f041-30e5-a691-fb7eb93f3aa6}\ () (Fixed) (Total:27.63 GB) (Free:0 GB) NTFS
\\?\Volume{9684698e-3979-2b78-2f56-253d080c2cae}\ () (Fixed) (Total:101.66 GB) (Free:0 GB) NTFS
\\?\Volume{474b9397-3a0e-9b6c-714a-6f718bb1507d}\ () (Fixed) (Total:135.74 GB) (Free:0 GB) NTFS
\\?\Volume{40e07cd9-aff6-f85f-a148-52e6d8a7b3a5}\ () (Fixed) (Total:10.26 GB) (Free:0 GB) NTFS
\\?\Volume{17b9d833-c057-dc2f-8afe-e0747553a43c}\ () (Fixed) (Total:0 GB) (Free:0 GB) NTFS
\\?\Volume{20af4153-6165-f2c6-b7d0-0c6f65a43426}\ () (Fixed) (Total:0.01 GB) (Free:0 GB) NTFS
\\?\Volume{e930a4ec-d1bd-3b79-11a2-3df525ee525a}\ () (Fixed) (Total:0 GB) (Free:0 GB) NTFS
\\?\Volume{fef99fd2-93ea-80ca-9155-61e105c116a9}\ () (Fixed) (Total:0 GB) (Free:0 GB) NTFS
\\?\Volume{a7537661-921f-ed59-a758-f2ff8a6db369}\ () (Fixed) (Total:0 GB) (Free:0 GB) NTFS
\\?\Volume{7a84994b-6bf0-45c7-be02-b5f8a69bbf5f}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) FAT32
\\?\Volume{1f92eb1a-3da6-4f1c-82a2-662bc949ba9a}\ () (Fixed) (Total:0.1 GB) (Free:0.05 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 4657.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: F393E8A3)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 3726 GB) (Disk ID: 0DDAEBB4)

Partition: GPT.

==========================================================
Disk: 3 (MBR Code: Windows 7/8/10) (Size: 3726 GB) (Disk ID: 5DD0770D)

Partition: GPT.

==========================================================
Disk: 4 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 5 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 6.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 7.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 8.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 9.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 10.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 11.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 12.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 13.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 14.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 15.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 16.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 17.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 18.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 19.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 20.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 21.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 22.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 23.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 24.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 25.

==================== End of Addition.txt =======================

 

[DR M]

Hello.

I prefer you to attach the logs from now on, instead of pasting them in your reply.

Since we are in the Security Arena now, there are some special rules while we are working to fix a system. And this is because we follow specific steps considering the condition of the system at the specific time. We don't want changes, since this would make things more complicated.

So... these are the rules:

1. Always ask before acting. Do not continue if you are not sure, or if something unexpected happens!

2. Do not run any tools unless instructed to do so. Also, do not uninstall or install any software during the procedure, unless I ask you to do so.

3. Cracked or pirated programs are not only illegal, but also can make your computer a malware target. Having such programs installed, is the easiest way to get infected. Thus, no need to clean the computer, since, soon or later, it will get infected again. If you have such programs, please uninstall them now, before we start the cleaning procedure.

4. If your computer seems to start working normally, don't abandon the topic. Even if your system is behaving normally, there may still be some malware remnants left over. Additionally, malware can re-infect the computer if some remnants are left. Therefore, please complete all requested steps to make sure any malware is successfully eradicated from your PC.

5. You have to reply to my posts within 3 days. If you need some additional time, just let me know. Otherwise, I will leave the topic due to lack of feedback. If you are able, I would request you to check this thread at least once per day so that we can resolve your issues effectively and efficiently.

6. Logs from malware diagnostic or removal programs can take some time to get analyzed. Also, have in mind that all the experts here are volunteers and may not be available to assist when you post. Please, be patient, while I analyze your logs.


====================

I'll review your logs and be back to you when I am ready. This, may take some time, but not more than 24 hours.

 

[DR M]

Just letting you know that I started reviewing your logs. There are many things to check, so I'll reply to you tomorrow. Thanks for your patience.

 

[AlucardSX]

No problem, thanks for your help. :)

 

[DR M]

Let's start.

Please remove any external drives from the computer.

After that:


1. Security programs

You had Avira Security which was not uninstalled properly and there are many remnants in the system. You also have ZoneAlarm and Malwarebytes. Plus, the built-in Microsoft Defender.

Have in mind that many antivirus in the system may cause:

• False positives: When the anti virus software tells you that your PC has a virus when it actually doesn't.
• Conflicts: Your system may lock up due to both products attempting to access the same file at the same time.
• Low performance: More that one antivirus will cause your PC to become slow and it may even crash or blue screen.
• Less protection: Two antivirus trying to scan the same file may interfere with the process and allow a malicious file onto the computer without notice to you.

It's your computer, so your decision, but I would uninstall ZoneAlarm and Avira, and keep Malwarebytes and Microsoft Defender.

Let me know what did you decide/do.


2. Java

There are very few reasons these days to continue having Java installed on your computer. However, if you do elect to keep Java, it needs to be updated to the latest version which you can find here: Java SE Runtime Environment 8 - Downloads. Note: UNcheck any pre-checked toolbar and/or software options presented with the update. They are not part of the software update and are completely optional. But this, only when we finish from here.

For now:

Uninstall the out of date version of Java: Java 8 Update 181


3. Uninstall programs

Please uninstall the following. No need to use them in a Windows 1O system

Defraggler
A-Tuning v3.0.425

Also this, in case you don't need/use it:

Chrome Remote Desktop Host


4. Settings

Have you set the following intentionally?

HKU\S-1-5-21-3615177999-3261653453-3779512466-1001\Software\Classes\regfile: <==== ATTENTION
HKU\S-1-5-21-3615177999-3261653453-3779512466-1001\Software\Classes\.reg: => <==== ATTENTION
HKU\S-1-5-21-3615177999-3261653453-3779512466-1001\Software\Classes\.bat: => <==== ATTENTION
HKU\S-1-5-21-3615177999-3261653453-3779512466-1001\Software\Classes\.cmd: => <==== ATTENTION


5. Fresh FRST logs

Please run the FRST tool once again, and attach for me fresh logs to check (Addition and FRST).


In your next reply please post:

1. If you uninstalled any of these: ZoneAlarm, Java, Defraggler, A-Tuning, Chrome Remote Desktop.
2. Fresh FRST logs

 

[AlucardSX]

I deinstalled ZoneAlarm, Java, Defraggler, A-Tuning and Chrome Remote Desktop. As for Avira, I had already uninstalled that a short while ago. I used to use itfor my day-to-day protection and only used manual Malware Bytes scans for the occasional "second opinion". But I had already decided that MS Defender and Malwarebytes were protection enough, so there's no Avira currently running on my system (and hadn't been when I submitted my first FRST scans). So these leftofters really are just remnants of past installations. I haven't tried to get rid of them for now, since you haven't explicitly told me to, and I'd first have to look up how to go about it in any case. Hope that's ok. As to those registry entries, no, I do not believe I intentionally set them. I have only very occasionally manually edited my registry to fix specific issues, always following a guide. But I don't think this was one of those cases. If it somehow was, it would have to have been years ago.

 

[DR M]

Hi.

No, you don't have to do anything regarding Avira's remnants. Thanks for the logs.

Moving on:


1. Remove a Chrome extension

Open Chrome.
At the top right choose More (the three vertical dots) > More Tools > Extensions
Find Avira Browserschutz, and remove it, clicking on Remove.
Confirm the action by clicking Remove once again.


2. FRST fix

Please do the following to run a FRST fix.

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system

• Select the entire contents of the code box below, from the "Start::" line to "End::", including both lines. Right-click and select "Copy ". No need to paste anything to anywhere.

Start::
CreateRestorePoint:
CloseProcesses:
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-3615177999-3261653453-3779512466-1001\...\Run: [] => [X]
HKU\S-HKU\S-1-5-21-3615177999-3261653453-3779512466-1001\...\MountPoints2: {cbb4c2c2-e06f-11e6-8363-806e6f6e6963} - "I:\LaunchU3.exe" -a
HKU\S-1-5-21-3615177999-3261653453-3779512466-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [5307536 2023-08-10] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-21-3615177999-3261653453-3779512466-1001\...\MountPoints2: {cbb4c2c2-e06f-11e6-8363-806e6f6e6963} - "I:\LaunchU3.exe" -a
GroupPolicy-Firefox: Restriction <==== ATTENTION
Task: {C83D7EEC-CF0F-496B-ADD1-8DDF6C8E4E70} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {09F575CF-37C7-4F0C-996F-EA2BF7FF278D} - System32\Tasks\Avira_Antivirus_Systray => "C:\Program Files (x86)\Avira\Antivirus\avgnt.exe"  /min (No File)
Task: {F9E652F1-4BC0-4FE9-A5CD-A07B9C9E3191} - System32\Tasks\Microsoft\Windows\rempl\shell-usoscan => %ProgramFiles%\rempl\remsh.exe  /RunUsoScanOnly (No File)
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATTENTION (Restriction - Zones)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Extension: (Avira Safe Shopping) - C:\Users\aluca\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip [2022-10-31]
Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip]
Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle]
FF Extension: (Avira Browser Safety) - C:\Users\aluca\AppData\Roaming\Mozilla\Firefox\Profiles\piWQYoLX.default\Extensions\abs@avira.com.xpi [2018-12-09] [UpdateUrl:hxxps://download.avira.com/package/abs/firefox/update-webext.rdf]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [hncafdhkllgldnimopgfkgnlcijmonah]
R2 ZA NET ICM Service; C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe [42208 2020-03-13] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S2 AntivirProtectedService; "C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe" [X]
S3 SoundBoosterService; C:\Program Files (x86)\Letasoft Sound Booster\SoundBoosterService.exe [X]
S3 AsrDrv105; C:\WINDOWS\SysWOW64\Drivers\AsrDrv105.sys [40696 2023-08-28] (ASROCK INC. -> ASRock Incorporation)
S3 ALSysIO; \??\C:\Users\aluca\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
S3 HWiNFO_174; \??\C:\Users\aluca\AppData\Local\Temp\HWiNFO64A_174.SYS [X] <==== ATTENTION
U3 iswSvc; no ImagePath
U4 npcap_wifi; no ImagePath
AV: Avira Security (Enabled - Up to date) {C622D33D-B035-6463-E471-9D92B9517CA1}
FW: Avira Security (Enabled) {BE55A40C-05CA-1096-36EB-CCA92DEAF539}
FW: ZoneAlarm Free Firewall Firewall (Disabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}
FW: Avira Security (Enabled) {877B141C-E73B-9A54-223E-108CC963426A}
AlternateDataStreams: C:\Users\aluca\Anwendungsdaten:c7637b1ddf4ebe3cea300c7598738ba3 [394]
AlternateDataStreams: C:\Users\aluca\AppData\Roaming:c7637b1ddf4ebe3cea300c7598738ba3 [394]
AlternateDataStreams: C:\Users\Public\AppData:CSM [452]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [7586]
HKU\S-1-5-21-3615177999-3261653453-3779512466-1001\Software\Classes\regfile:  <==== ATTENTION
HKU\S-1-5-21-3615177999-3261653453-3779512466-1001\Software\Classes\.reg:  =>  <==== ATTENTION
HKU\S-1-5-21-3615177999-3261653453-3779512466-1001\Software\Classes\.bat:  =>  <==== ATTENTION
HKU\S-1-5-21-3615177999-3261653453-3779512466-1001\Software\Classes\.cmd:  =>  <==== ATTENTION
FirewallRules: [UDP Query User{35CBDC56-E0BF-4541-9703-45F1E80492F7}E:4\tetriseffect\binaries\wingdk\tetriseffect-wingdk-shipping.exe] => (Allow) E:4\tetriseffect\binaries\wingdk\tetriseffect-wingdk-shipping.exe => No File
FirewallRules: [TCP Query User{E84848B9-76EC-459B-A94A-ABE236102D69}E:4\tetriseffect\binaries\wingdk\tetriseffect-wingdk-shipping.exe] => (Allow) E:4\tetriseffect\binaries\wingdk\tetriseffect-wingdk-shipping.exe => No File
FirewallRules: [{A53B7DBF-C894-4DA2-B1F1-7625AAC51A66}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe => No File
FirewallRules: [{C05EF2D9-D14A-4761-87DC-D6BEBE6B1CB2}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe => No File
FirewallRules: [{F0FB45C9-D507-4FE0-A548-B9E7D30DC4F4}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe => No File
FirewallRules: [{AB4B069F-BF53-49BE-954C-CA0561D08170}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe => No File
FirewallRules: [TCP Query User{096F7FE0-3B17-4448-A290-EC422020F08A}G:1\projectmayhem\binaries\win64\darksidersgenesis-win64-shipping.exe] => (Allow) G:1\projectmayhem\binaries\win64\darksidersgenesis-win64-shipping.exe => No File
FirewallRules: [UDP Query User{88B93AF8-1697-45AC-B5A1-61BA64EAD5FA}G:1\projectmayhem\binaries\win64\darksidersgenesis-win64-shipping.exe] => (Allow) G:1\projectmayhem\binaries\win64\darksidersgenesis-win64-shipping.exe => No File
FirewallRules: [TCP Query User{F84C4251-D061-4150-8A46-317E0DDBB7DD}F:38\projectmayhem\binaries\win64\darksidersgenesis-win64-shipping.exe] => (Allow) F:38\projectmayhem\binaries\win64\darksidersgenesis-win64-shipping.exe => No File
FirewallRules: [UDP Query User{84F62926-E5F8-4CD6-A844-DADDB45900B9}F:38\projectmayhem\binaries\win64\darksidersgenesis-win64-shipping.exe] => (Allow) F:38\projectmayhem\binaries\win64\darksidersgenesis-win64-shipping.exe => No File
FirewallRules: [TCP Query User{75B38E47-6C18-4507-8399-B5EEB13A0160}F:81\flightsimulator.exe] => (Allow) F:81\flightsimulator.exe => No File
FirewallRules: [UDP Query User{7810CFAF-48B1-459E-9731-09094C5BAB7D}F:81\flightsimulator.exe] => (Allow) F:81\flightsimulator.exe => No File
FirewallRules: [TCP Query User{5746BAA0-D718-4C61-94B4-3D311D507530}E:06\flightsimulator.exe] => (Allow) E:06\flightsimulator.exe => No File
FirewallRules: [UDP Query User{DDD8862D-A359-4122-9122-2DFC3E152285}E:06\flightsimulator.exe] => (Allow) E:06\flightsimulator.exe => No File
FirewallRules: [TCP Query User{5065E234-30BC-4FFD-B565-0010E866401C}E:08\projectmayhem\binaries\win64\darksidersgenesis-win64-shipping.exe] => (Allow) E:08\projectmayhem\binaries\win64\darksidersgenesis-win64-shipping.exe => No File
FirewallRules: [UDP Query User{AEE1A439-00A5-491A-8B49-5525E84B6666}E:08\projectmayhem\binaries\win64\darksidersgenesis-win64-shipping.exe] => (Allow) E:08\projectmayhem\binaries\win64\darksidersgenesis-win64-shipping.exe => No File
FirewallRules: [TCP Query User{21A2F661-AF62-4FFA-A874-6F9C07619774}E:48\projectmayhem\binaries\win64\darksidersgenesis-win64-shipping.exe] => (Allow) E:48\projectmayhem\binaries\win64\darksidersgenesis-win64-shipping.exe => No File
FirewallRules: [UDP Query User{4B23C4D8-9374-4382-B851-0FCA79E0CB7E}E:48\projectmayhem\binaries\win64\darksidersgenesis-win64-shipping.exe] => (Allow) E:48\projectmayhem\binaries\win64\darksidersgenesis-win64-shipping.exe => No File
FirewallRules: [TCP Query User{2129634B-A852-4425-9408-D09561CF78CF}E:63\flightsimulator.exe] => (Allow) E:63\flightsimulator.exe => No File
FirewallRules: [UDP Query User{089CCEC4-FB87-4134-AE89-B80C98E86BF7}E:63\flightsimulator.exe] => (Allow) E:63\flightsimulator.exe => No File
FirewallRules: [TCP Query User{AC0DBC15-4B4A-4F10-A9BB-B6ACDC926BFF}E:65\flightsimulator.exe] => (Allow) E:65\flightsimulator.exe => No File
FirewallRules: [UDP Query User{2F9DD03D-8066-4CC6-A62B-32C58334AF02}E:65\flightsimulator.exe] => (Allow) E:65\flightsimulator.exe => No File
FirewallRules: [{B35709DA-DDD2-4756-94B1-A02CE73967FA}] => (Allow) C:\Games\Red Dead Redemption 2\RDR2.exe => No File
FirewallRules: [{F6969695-A516-4C92-8399-E98CC75118AD}] => (Allow) C:\Games\Red Dead Redemption 2\RDR2.exe => No File
FirewallRules: [TCP Query User{ADD5658F-F211-4370-ADE3-7CAA9A23172F}H:24\forzahorizon5.exe] => (Allow) H:24\forzahorizon5.exe => No File
FirewallRules: [UDP Query User{E0ABC722-E248-47AA-8509-914DFCABAE8B}H:24\forzahorizon5.exe] => (Allow) H:24\forzahorizon5.exe => No File
FirewallRules: [TCP Query User{90A46B17-35CC-4BA5-A06E-29961B0C2B15}H:62\forzahorizon5.exe] => (Allow) H:62\forzahorizon5.exe => No File
FirewallRules: [UDP Query User{D7E1AF52-6917-4C7F-BED7-05C5126D2D58}H:62\forzahorizon5.exe] => (Allow) H:62\forzahorizon5.exe => No File
FirewallRules: [TCP Query User{0EAB7B3F-953A-4811-A2B0-7D82DAEF93F0}H:71\haloinfinite.exe] => (Allow) H:71\haloinfinite.exe => No File
FirewallRules: [UDP Query User{72350DFD-3F32-4BA8-AEF6-C2275A1B2091}H:71\haloinfinite.exe] => (Allow) H:71\haloinfinite.exe => No File
FirewallRules: [TCP Query User{F35147C3-09EE-4386-8226-818DCC4F9147}D:54\forzahorizon5.exe] => (Allow) D:54\forzahorizon5.exe => No File
FirewallRules: [UDP Query User{1F976972-64D5-43FA-BC65-54C6A22AC1C8}D:54\forzahorizon5.exe] => (Allow) D:54\forzahorizon5.exe => No File
FirewallRules: [{82B1A92B-0365-4E1E-A438-443C84A24F3F}] => (Allow) D:\Steam\steamapps\common\ABRISS Demo\ABRISS.exe () [File not signed]
FirewallRules: [{A4607F4F-5A9A-481A-A944-F0DD637A017C}] => (Allow) D:\Steam\steamapps\common\ABRISS Demo\ABRISS.exe () [File not signed]
FirewallRules: [TCP Query User{222363EB-D991-4CFB-B489-63AA4A2A2FA4}E:16\forzahorizon5.exe] => (Allow) E:16\forzahorizon5.exe => No File
FirewallRules: [UDP Query User{A8A350F6-CBEB-4C87-8B5C-C0112B58AEB7}E:16\forzahorizon5.exe] => (Allow) E:16\forzahorizon5.exe => No File
FirewallRules: [TCP Query User{A5B60A07-5AA1-4119-8CEF-F26AD03AA935}E:71\forzahorizon5.exe] => (Allow) E:71\forzahorizon5.exe => No File
FirewallRules: [UDP Query User{4E72020F-1FFE-4576-A4A8-6CFC28A76BC7}E:71\forzahorizon5.exe] => (Allow) E:71\forzahorizon5.exe => No File
FirewallRules: [TCP Query User{E478E2B9-53E5-4297-82BE-8142781D5481}F:5\doometernalx64vk.exe] => (Allow) F:5\doometernalx64vk.exe => No File
FirewallRules: [UDP Query User{93C01243-B056-4A10-943F-378D5B723756}F:5\doometernalx64vk.exe] => (Allow) F:5\doometernalx64vk.exe => No File
FirewallRules: [TCP Query User{27741F86-C6A9-47C8-AFAB-B4E9147DA3AB}F:2\theascent\binaries\wingdk\theascent-wingdk-shipping.exe] => (Allow) F:2\theascent\binaries\wingdk\theascent-wingdk-shipping.exe => No File
FirewallRules: [UDP Query User{FC98EDC9-B098-45BE-8ADA-43978E0C6897}F:2\theascent\binaries\wingdk\theascent-wingdk-shipping.exe] => (Allow) F:2\theascent\binaries\wingdk\theascent-wingdk-shipping.exe => No File
FirewallRules: [TCP Query User{BE8C84C3-783A-4126-9B7A-A1CF1E35FD98}C:\games\kena bridge of spirits\kena\binaries\win64\kena-win64-shipping.exe] => (Allow) C:\games\kena bridge of spirits\kena\binaries\win64\kena-win64-shipping.exe => No File
FirewallRules: [UDP Query User{60FB1F58-F2B3-4B10-AD6C-3AF96A0B3A92}C:\games\kena bridge of spirits\kena\binaries\win64\kena-win64-shipping.exe] => (Allow) C:\games\kena bridge of spirits\kena\binaries\win64\kena-win64-shipping.exe => No File
FirewallRules: [{7BF8BC22-0CA1-4678-BCF0-8A932277C7C2}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
FirewallRules: [{8ABB212B-BD4E-44B7-93B3-644EBF977A6D}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
FirewallRules: [{E77FEBBD-B397-401C-86F3-6425464F1FCA}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
FirewallRules: [TCP Query User{9EA1FA63-67F6-4506-BC5B-D25EB46FDEF8}D:\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) D:\epic games\launcher\engine\binaries\win64\epicwebhelper.exe => No File
FirewallRules: [UDP Query User{84C32E2E-CE80-4DFD-BD56-5AA6D1F4F1AD}D:\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) D:\epic games\launcher\engine\binaries\win64\epicwebhelper.exe => No File
FirewallRules: [TCP Query User{93E6042E-DFAB-424A-9D38-3F9723868178}E:4\flightsimulator.exe] => (Allow) E:4\flightsimulator.exe => No File
FirewallRules: [UDP Query User{AE6763A1-356E-4396-8EBE-07B223638ED4}E:4\flightsimulator.exe] => (Allow) E:4\flightsimulator.exe => No File
2023-08-28 22:41 - 2023-08-28 22:41 - 000040696 _____ (ASRock Incorporation) C:\Windows\SysWOW64\Drivers\AsrDrv105.sys
2023-09-05 00:21 - 2022-09-27 12:17 - 000000000 ____D C:\Users\aluca\AppData\Roaming\qBittorrent
2023-08-29 16:34 - 2017-01-22 19:55 - 000000000 ____D C:\Program Files (x86)\Avira
2023-08-29 16:33 - 2021-04-16 11:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2023-08-29 16:33 - 2017-01-22 19:55 - 000000000 ____D C:\ProgramData\Avira
2023-08-29 16:32 - 2022-06-06 12:10 - 000000000 ____D C:\Program Files\Avira
C:\Program Files (x86)\CheckPoint
DeleteKey: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2
cmd: netsh advfirewall reset
cmd: netsh winsock reset
EmptyTemp:
End::

• Right-click on FRST64 on your Desktop, to run it as administrator. When the tool opens, click "yes" to the disclaimer.
• Press the Fix button once and wait.
• FRST will process fixlist.txt
• When finished, it will produce a log fixlog.txt on your Desktop.
• Post the log in your next reply.

In your next reply please post:

1. If uninstalling the extension ran smoothly
2. The fixlog.txt

 

[AlucardSX]

Hi.
Uninstalling the Avira extension ran smoothly, as did the FRST fix, although it took forever. Just for my own curiosity, is it normal for the deletion of the various temp folders and the like to take hours, with the app seemingly going unresponsive every now and then. Does the tool use some form of data erasure, overwriting the files bit by bit? Anyway, it finished just fine eventually, so here's the fixlog.

 

[DR M]

As you can see in the fixlog, more than 22GB of temporary files were removed! That is why it took so long to complete. Have in mind that when you run FRST, you must not use the system for other tasks.

Now...


1. Run AdwCleaner (scan only)

Download AdwCleaner and save it to your desktop.

• Double click AdwCleaner.exe to run it.
• Click Scan Now.
  • When the scan has finished, a Scan Results window will open.
  • Click Cancel (at this point do not attempt to Quarantine anything that is found)
• Now click the Log Filestab.
  • Double click on the latest scan log (Scan logs have a [S0*] suffix, where * is replaced by a number. The latest scan will have the largest number)
  • A Notepad file will open containing the results of the scan.
  • Please post the contents of the file in your next reply.

2. Run Malwarebytes (scan only)

• Open Malwarebytes you have already installed.
• Click the little gear on the top right (Settings) and when it opens, click the Security tab and make sure about the following:
  

  Under the title Scan Options, all the options are checked.
  Under the title Windows Security Center (Premium only) the option is NOT checked.
  Under the title Potentially unwanted items all options are set to Always.

• Click on the little gear to return to the main menu and select Scan. The program will start scanning your computer. This may take about 10 minutes, but in some cases it may be take longer.
• When finished, you will see the Threat Scan Summary window open.

If threats are not found, click View Report and proceed to the two last steps below.

If threats are found, make sure that all threats are not selected, close the program and proceed to the next steps below.

• Open Malwarebytes again, click on the Scanner, and then on the Reports tab.
• Find the report with the most recent date and double click on it.
• Click on Export and then Copy to Clipboard.
• Paste its content here, in your next reply.

In your next reply, please post:

1. The AdwCleaner[S0*].txt
2. The Malwarebytes report

 

[AlucardSX]

No worries, I didn't use the PC for any other tasks while FRST was doing it's thing.
In Malwarebytes, under Windows Security Center, the toggle was set to on, but greyed out, because I'm not a premium member.
Here's the logs:

AdwCleaner:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 09-07-2023
# Duration: 00:00:10
# OS: Windows 10 (Build 19045.3324)
# Scanned: 32090
# Detected: 3


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

PUP.Optional.Legacy usenet-crawler
PUP.Optional.Legacy usenet-crawler

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.support.toshiba.com Chromium URLs support.toshiba.com



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########


Malwarebytes:
Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 9/7/23
Scan Time: 11:27 AM
Log File: c1b426fc-4d60-11ee-8706-00ff7a77524e.json

-Software Information-
Version: 4.6.1.280
Components Version: 1.0.2117
Update Package Version: 1.0.74965
License: Free

-System Information-
OS: Windows 10 (Build 19045.3324)
CPU: x64
File System: NTFS
User: DESKTOP-4F0VDIR\aluca

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 408071
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 2 min, 31 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

 

[DR M]

Hi.

About Malwarebytes: Go to Settings and then Account. Select Deactivate. Close the program, restart and open Malwarebytes again. Go to Settings, Security and check if you can disable the option about Windows Security Center.

After that:

• Double click AdwCleaner.exe on your Desktop, to run it as you did before.
• Click Scan Now.
• When the scan has finished a Scan Results window will open.
• Please check all the boxes and then click Quarantine.
• Click Next.
  • If any pre-installed software was found on your machine, a prompt window will open. Click OK to close it.
  • Check the pre-installed software item found.
  • Click Quarantine.
• A prompt to save your work will appear.
  • Click Continue when you're ready to proceed.
• A prompt to restart your computer will appear.
  • Click Restart Now.
• Once your computer has restarted:
  • If it doesn't open automatically, please start AdwCleaner.
  • Click the Log Files tab.
  • Double click on the latest Clean log (Clean logs have a [C0*] suffix, where * is replaced by a number, the latest scan will have the largest number)
  • A Notepad file will open containing the results of the removal.
  • Please post the contents of the file in your next reply.

 

[AlucardSX]

re: Malwarebytes: unfortunately there is is no option to deactivate, only to activate a subscription.
re: AdwCleaner: here's the log:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-07-2023
# Duration: 00:00:00
# OS: Windows 10 (Build 19045.3324)
# Cleaned: 0
# Failed: 3


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Not Deleted usenet-crawler
Not Deleted usenet-crawler

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Not Deleted Preinstalled.support.toshiba.com Chromium URLs support.toshiba.com


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1521 octets] - [07/09/2023 10:39:52]
AdwCleaner[S01].txt - [1582 octets] - [07/09/2023 11:53:08]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

 

[DR M]

The PUPs detected were not deleted, but that is not something to worry about now.

To ensure that everything is clean:

Download ESET Online Scanner and save it to your desktop.

• Right-click on esetonlinescanner_enu.exe and select Run as Administrator.
• When the tool opens, click Get Started.
• Read and accept the license agreement.
• At the Welcome to ESET Online Scanner window, click Get Started.
• Select whether you would like to send anonymous data to ESET.
• Note: if you see the "Welcome Back to ESET Online Scanner" screen, click Computer Scan > Full Scan.
• Click on the Full Scan option.
• Select Enable ESET to detect and remove potentially unwanted applications, then click Start scan.
• ESET will now begin scanning your computer. This may take some time.
• When the scan is finished and if threats have been detected, select Save scan log. Save it to your desktop as eset.txt. Click on Continue.
• ESET Online Scanner may ask if you'd like to turn on the Periodic Scan feature. Click on Continue.
• On the next screen, you can leave feedback about the program if you wish. Check the box for Delete application data on closing. If you left feedback, click Submit and continue. If not, Close without feedback.
• Open the scan log on your desktop (eset.txt) and copy and paste its contents into your next reply.

 

[AlucardSX]

Hi, just wanted to give you a quick update and confirm that I'm still working on that scan. It's been running since shortly after your last post, but it's still only a bit over half-way done. I guess two 2TB SSDs, one 2TB HDD and three 4TB HDDs will do that to a poor, overworked malware scanner
I hope it will be finished before I have to go to work tomorrow, but if not, I'll be sure to get the log to you afterward.

 

[DR M]

The stuff you have in your computer is ... amazingly much, so we will just make patience.

 

[AlucardSX]

What can I say, I'm a digital pack rat.
By the way, I tried downloading both yesterday, after executing the FRST, and also today, and the extreme system slowdowns I described in the other thread and which originally sent me here seem to be completely gone. As in, my highest reported routine execution time during downloads is now 1643 µs according to LatencyMon, as opposed to in the hundreds of thousands. So between the uninstalled programs and the changes made through the FRST fix, something seems to have done the trick.

Anyway, here's the ESET log:

9/8/2023 9:58:20 AM
Files scanned: 4253578
Detected files: 50
Cleaned files: 50
Total scan time 14:21:34
Scan status: Finished
C:\Users\aluca\Downloads\bl_hosts_editor\HostsEditor.exe a variant of Win32/HostsEditor.A potentially unsafe application cleaned by deleting

C:\Users\aluca\Downloads\pcwWinCleaner_v2021\Tools\IObitUninstallerPortable\App\uninstaller\Feedback.exe a variant of Win32/IObit.AF potentially unwanted application cleaned by deleting

C:\Users\aluca\Downloads\pcwWinCleaner_v2021\Tools\IObitUninstallerPortable\App\uninstaller\IObitUninstaler.exe a variant of Win32/IObit.AE potentially unwanted application cleaned by deleting

C:\Users\aluca\Downloads\pcwWinCleaner_v2021\Tools\IObitUninstallerPortable\App\uninstaller\iush.exe a variant of Win32/IObit.AQ potentially unwanted application cleaned by deleting

C:\Users\aluca\Downloads\CDisplayExWin64v1.10.29.exe Win32/FusionCore.I potentially unwanted application cleaned by deleting

C:\Users\aluca\Downloads\cmd_fw_installer_6113_c7.exe a variant of Win32/Yandex.F potentially unwanted application cleaned by deleting

C:\Users\aluca\Downloads\dfsetup221.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting

C:\Users\aluca\Downloads\nox_setup_v6.3.0.7_full_intl.exe a variant of Win32/FusionCore.AQ potentially unwanted application deleted

C:\Users\aluca\Downloads\rcsetup153.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting

C:\Users\aluca\Downloads\zafwSetupWeb_150_653_17211.exe a variant of Win32/FusionCore.L potentially unwanted application deleted

D:\downloads\aida64extreme430.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting

D:\downloads\CheatEngine64.exe a variant of Win32/OpenCandy.A potentially unsafe application,Win32/GameTool.IC potentially unsafe application,a variant of Win32/HackTool.CheatEngine.AF potentially unsafe application,Win32/OpenCandy.L potentially unsafe application cleaned by deleting

D:\downloads\MediaInfo_GUI_0.7.71_Windows.exe Win32/OpenCandy potentially unsafe application cleaned by deleting

D:\downloads\zafwSetupWeb_133_209_000.exe Win32/Toolbar.Conduit potentially unwanted application deleted

D:\downloads\zp861free.exe Win32/OpenCandy potentially unsafe application cleaned by deleting

D:\downloads\zp920free.exe a variant of Win32/OpenCandy.A potentially unsafe application cleaned by deleting

D:\downloads\zp950free.exe a variant of Win32/OpenCandy.A potentially unsafe application cleaned by deleting

D:\OneDrive\Backup Windows 7 Benutzer-Ordner (pre 31. 12. 2014)\Users\AlucardSX\Desktop\vpsetup.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted

E:\Studium\Visuelle Soziologie\Free-Video-Dub-Setup.exe a variant of Win32/WinloadSDA.D potentially unwanted application cleaned by deleting

E:\Usenet\Music\Wolfsheim\Wolfsheim - Alben - 1992 - No Happy View\www.brothers-of-usenet.org\Brothers Bar Community Toolbar für Internet Explorer.exe a variant of Win32/Toolbar.Conduit.AR potentially unwanted application cleaned by deleting

E:\Usenet\Music\Wolfsheim\Wolfsheim - Alben - 1993 - Pop Killer\www.brothers-of-usenet.org\Brothers Bar Community Toolbar für Internet Explorer.exe a variant of Win32/Toolbar.Conduit.AR potentially unwanted application cleaned by deleting

E:\Usenet\Music\Wolfsheim\Wolfsheim - Alben - 1995 - 55578\www.brothers-of-usenet.org\Brothers Bar Community Toolbar für Internet Explorer.exe a variant of Win32/Toolbar.Conduit.AR potentially unwanted application cleaned by deleting

E:\Usenet\Music\Wolfsheim\Wolfsheim - Alben - 1996 - Dreaming Apes\www.brothers-of-usenet.org\Brothers Bar Community Toolbar für Internet Explorer.exe a variant of Win32/Toolbar.Conduit.AR potentially unwanted application cleaned by deleting

E:\Usenet\Music\Wolfsheim\Wolfsheim - Alben - 1997 - Hamburg Rom Wolfsheim (Live)\www.brothers-of-usenet.org\Brothers Bar Community Toolbar für Internet Explorer.exe a variant of Win32/Toolbar.Conduit.AR potentially unwanted application cleaned by deleting

E:\Usenet\Music\Wolfsheim\Wolfsheim - Alben - 1999 - Spectators\www.brothers-of-usenet.org\Brothers Bar Community Toolbar für Internet Explorer.exe a variant of Win32/Toolbar.Conduit.AR potentially unwanted application cleaned by deleting

E:\Usenet\Music\Wolfsheim\Wolfsheim - Alben - 2003 - Casting Shadows\www.brothers-of-usenet.org\Brothers Bar Community Toolbar für Internet Explorer.exe a variant of Win32/Toolbar.Conduit.AR potentially unwanted application cleaned by deleting

E:\uTorrent\uTorrent.exe a variant of Win32/uTorrent.C potentially unwanted application cleaned by deleting

F:\Backup Windows 10 Benutzerorder (25.08.2015)\Users\AlucardSX\AppData\Roaming\uTorrent\updates\3.4.3_40298.exe a variant of Win32/uTorrent.C potentially unwanted application cleaned by deleting

F:\Backup Windows 10 Benutzerorder (25.08.2015)\Users\AlucardSX\AppData\Roaming\uTorrent\uTorrent.exe a variant of Win32/uTorrent.C potentially unwanted application cleaned by deleting

F:\Backup Windows 10 Benutzerorder (25.08.2015)\Users\AlucardSX\Downloads\Core-Temp-installer.exe Win32/Somoto.Q potentially unwanted application,a variant of Win32/Somoto.V potentially unwanted application cleaned by deleting

F:\Backup Windows 10 Benutzerorder (25.08.2015)\Users\AlucardSX\Downloads\JDownloader 2 BETA.exe Win32/Appwork.A potentially unwanted application cleaned by deleting

F:\Backup Windows 10 Benutzerorder (25.08.2015)\Users\AlucardSX\Downloads\PDFX4SA_LE_H.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application cleaned by deleting

F:\Backup Windows 10 Benutzerorder (25.08.2015)\Users\AlucardSX\Downloads\uTorrent.exe a variant of Win32/uTorrent.C potentially unwanted application cleaned by deleting

F:\Backup Windows 10 Benutzerorder (25.08.2015)\Users\AlucardSX\Downloads\Virtual CloneDrive - CHIP-Installer.exe a variant of Win32/DownloadSponsor.C potentially unwanted application cleaned by deleting

F:\Backup Windows 10 Benutzerorder (25.08.2015)\Users\AlucardSX\Downloads\zafwSetupWeb_133_209_000.exe Win32/Toolbar.Conduit potentially unwanted application deleted

F:\Backup Windows 10 Benutzerorder (25.08.2015)\Users\AlucardSX\Downloads\zp920free.exe a variant of Win32/OpenCandy.A potentially unsafe application cleaned by deleting

F:\Backup Windows 7 Benutzer-Ordner (pre 31. 12. 2014)\Users\AlucardSX\Desktop\vpsetup.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted

F:\Backup Windows 7 Benutzer-Ordner (pre 31. 12. 2014)\Users\AlucardSX\Downloads\zp920free.exe a variant of Win32/OpenCandy.A potentially unsafe application cleaned by deleting

F:\Rettung nach Crash am 19.01.2017\RecoveredData\C\Users\aluca\Downloads\CDisplayExWin64v1.10.29.exe Win32/FusionCore.I potentially unwanted application cleaned by deleting

F:\Rettung nach Crash am 19.01.2017\RecoveredData\C\Users\aluca\Downloads\CheatEngine65.exe a variant of Win32/OpenCandy.A potentially unsafe application,Win32/GameTool.IC potentially unsafe application,a variant of Win32/HackTool.CheatEngine.AF potentially unsafe application,Win32/OpenCandy.L potentially unsafe application cleaned by deleting

F:\Rettung nach Crash am 19.01.2017\RecoveredData\C\Users\aluca\Downloads\cmd_fw_installer_6113_c7.exe a variant of Win32/Yandex.F potentially unwanted application cleaned by deleting

F:\Rettung nach Crash am 19.01.2017\RecoveredData\C\Users\aluca\Downloads\Install JDownloader.exe a variant of Win32/Appwork.A potentially unwanted application cleaned by deleting

F:\Rettung nach Crash am 19.01.2017\RecoveredData\C\Users\aluca\Downloads\zp920free.exe a variant of Win32/OpenCandy.A potentially unsafe application cleaned by deleting

F:\Studium-kopie\Visuelle Soziologie\Free-Video-Dub-Setup.exe a variant of Win32/WinloadSDA.D potentially unwanted application cleaned by deleting

F:\Windows.old\Program Files (x86)\Avira\AntiVir Desktop\apnic.dll a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application cleaned by deleting

F:\Windows.old\Program Files (x86)\Avira\AntiVir Desktop\apnstub.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application cleaned by deleting

F:\Windows.old\Program Files (x86)\Avira\AntiVir Desktop\apntoolbarinstaller.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application cleaned by deleting

F:\Windows.old\Program Files (x86)\Avira\AntiVir Desktop\Offercast_AVIRAV7_.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application cleaned by deleting

F:\Windows.old\Program Files (x86)\JDownloader\tools\Windows\kikin\kikin_installer.exe a variant of Win32/Kikin.A potentially unwanted application cleaned by deleting

F:\Windows.old\Users\AlucardSX\Desktop\vpsetup.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted

 

[DR M]

So between the uninstalled programs and the changes made through the FRST fix, something seems to have done the trick.

Of course! What we did was carefully targeted.

We have some other things to do before we finish, however. Please, do not download anything while we are working here.


1. FRST Quarantine

Please do the following to run a FRST fix.

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system

• Select the entire contents of the code box below, from the "Start::" line to "End::", including both lines. Right-click and select "Copy ". No need to paste anything to anywhere.

Start::
Folder: C:\FRST\Quarantine
End::

• Right-click on FRST64 on your Desktop, to run it as administrator. When the tool opens, click "yes" to the disclaimer.
• Press the Fix button once and wait.
• FRST will process fixlist.txt
• When finished, it will produce a log fixlog.txt on your Desktop.
• Post the log in your next reply.

2. FRST logs

Perform a new scan with FRST tool and attach for me the 2 logs to check (Addition and FRST).


In your next reply please post:

1. The fixlog.txt
2. The fresh FRST logs, Addition and FRST

 

[AlucardSX]

Here are the logs.

 

[DR M]

You have still an Edge Avira extension: Avira Password Manager

Go to the Default Edge profile, and remove it.


After that:

1. Run Deployment Image Servicing and Management (DISM)

• Click on the Start button and in the search box, type Command Prompt
• When you see Command Prompt on the list, right-click on it and select Run as administrator
• Enter the command below and press on Enter;

DISM /Online /Cleanup-Image /RestoreHealth

• Let the scan run until the end (100%). Depending on your system, it can take some time.
• Please post here the result you got (a screenshot).

2. When DISM finishes, you can then run SFC from the same command prompt window, but full instructions as if starting fresh:

• Click on the Start button and in the search box, type Command Prompt
• When you see Command Prompt on the list, right-click on it and select Run as administrator
• Enter the command below and press on Enter

sfc /scannow

• Let the scan finish.
• You will normally get one of the following results:
  

  Windows Resource Protection did not find any integrity violations
  Windows Resource Protection found corrupt files and successfully repaired them
  Windows Resource Protection found corrupt files but was unable to fix some of them
  Windows Resource Protection could not perform the requested operation

  Please post the result you got (a screenshot).

3. Check disk

There was an indication in the last logs about your disk. Let's check the C, where the operating system is installed.

• Click on the Start button and in the search box, type Command Prompt.
• When you see Command Prompt on the list, right-click on it and select Run as administrator.
• Enter the command below and press on Enter and wait for it to finish (~15 minutes).
  

     chkdsk C: /r

• You will receive a message that the operation cannot be performed while the system is in use and ask if you want to check when you restart your computer. Choose Yes, and then restart the computer, allowing disk check to run at startup.
• The process will take some time, depending on the disk condition.
• Download ListChkdskResult by SleepyDude and save it on your Desktop.
• Double click on the created icon.
• A notepad file will open. Copy its content and paste it in your next reply.

In your next reply please post:

1. The 2 screenshots
2. The chkdsk result