Setup Proxy 127.0.0.1:86 – Virus, Trojan, Spyware, and Malware Removal Help

So Farrare

Addition.txt Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-08-2021 Ran by Dan (05-08-2021 09:48:46) Running from C:UsersDanDownloads Windows 10 Pro Version 1909 18363.1316 (X64) (2021-01-21 16:48:04) Boot Mode: Normal ==========================================================     ==================== Accounts: =============================     (If an entry is included in the fixlist, it will […]

Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-08-2021

Ran by Dan (05-08-2021 09:48:46)

Running from C:UsersDanDownloads

Windows 10 Pro Version 1909 18363.1316 (X64) (2021-01-21 16:48:04)

Boot Mode: Normal

==========================================================

 

 

==================== Accounts: =============================

 

 

(If an entry is included in the fixlist, it will be removed.)

 

Administrator (S-1-5-21-1100201080-1795771759-1847257070-500 – Administrator – Enabled) => C:UsersAdministrator

Dan (S-1-5-21-1100201080-1795771759-1847257070-1000 – Administrator – Enabled) => C:UsersDan

DefaultAccount (S-1-5-21-1100201080-1795771759-1847257070-503 – Limited – Disabled)

Guest (S-1-5-21-1100201080-1795771759-1847257070-501 – Limited – Disabled)

sshd (S-1-5-21-1100201080-1795771759-1847257070-1001 – Limited – Enabled)

WDAGUtilityAccount (S-1-5-21-1100201080-1795771759-1847257070-504 – Limited – Disabled)

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Windows Defender (Enabled – Up to date) D68DDC3A-831F-4fae-9E44-DA132C1ACF46

 

==================== Installed Programs ======================

 

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

µTorrent (HKUS-1-5-21-1100201080-1795771759-1847257070-1000…uTorrent) (Version: 3.5.5.46036 – BitTorrent Inc.)

µTorrent (HKUS-1-5-21-1100201080-1795771759-1847257070-500…uTorrent) (Version: 3.5.5.45988 – BitTorrent Inc.)

7-Zip 19.00 (x64) (HKLM…7-Zip) (Version: 19.00 – Igor Pavlov)

Adobe Creative Cloud (HKLM-x32…Adobe Creative Cloud) (Version: 5.4.5.550 – Adobe Inc.)

AMD Chipset Software (HKLM-x32…AMD_Chipset_IODrivers) (Version: 2.17.25.506 – Advanced Micro Devices, Inc.)

AMD Software (HKLM…AMD Catalyst Install Manager) (Version: 21.6.1 – Advanced Micro Devices, Inc.)

AMD_Chipset_Drivers (HKLM-x32…9bbdaa84-1315-4bcf-ac55-57449b4228f1) (Version: 2.17.25.506 – Advanced Micro Devices, Inc.) Hidden

Apache NetBeans IDE 12.0 (HKLM…nbi-nb-all-12.0.0.0.200529) (Version: 12.0 – Apache NetBeans)

AutoCAD 2020 – English (HKLM…28B89EEF-3001-0409-2102-CF3F3A09B77D) (Version: 23.1.47.0 – Autodesk) Hidden

Autodesk App Manager 2020 (HKLM-x32…93769E2-0281-4626-88B1-43180365CCDF) (Version: 3.0.0 – Autodesk)

Autodesk AutoCAD 2020 – English (HKLM…AutoCAD 2020 – English) (Version: 23.1.47.0 – Autodesk)

Autodesk Desktop App (HKLM-x32…Autodesk Desktop App) (Version: 7.0.14.33 – Autodesk)

Autodesk Featured Apps 2020 (HKLM-x32…D0194D24-57D6-4FC8-9B80-3B60BFEBA23A) (Version: 3.0.0 – Autodesk)

Autodesk Genuine Service (HKLM-x32…317D67F2-9027-4E85-9ED1-ADF4D765AE02) (Version: 3.0.11 – Autodesk)

Autodesk Material Library 2020 (HKLM-x32…B9312A51-41B5-479D-9F72-E7448A2D89AF) (Version: 18.11.1.0 – Autodesk)

Autodesk Material Library Base Resolution Image Library 2020 (HKLM-x32…E976988-E753-4C81-BD96-434CE305B176) (Version: 18.11.1.0 – Autodesk)

Autodesk Save to Web and Mobile (HKLM…26FB18F7-B553-430D-94F6-C2389A91235F) (Version: 3.0.21 – Autodesk)

Autodesk Single Sign On Component (HKLM…E3807FC8-DD0A-4D6D-89E9-EAADE00C845C) (Version: 10.22.00.1800 – Autodesk)

Badlion Client (HKLM…1de14785-dd8c-5cd2-aae8-d4a376f81d78) (Version: 3.2.4 – Badlion)

BandLab Assistant 6.4.1 (HKUS-1-5-21-1100201080-1795771759-1847257070-1000…9b08bea4-021c-5f9d-a74e-ac0ceb51fb28) (Version: 6.4.1 – BandLab Technologies)

Boris FX Sapphire Plug-ins 2019.52 for OFX (HKLM…GenArts Sapphire Plug-ins for OFX_is1) (Version: 12.520 – Boris FX, Inc.)

Brackets (HKLM-x32…43086E55-5B37-4DA8-852F-EEC6C75ECFE9) (Version: 1.14.17770 – brackets.io)

Branding64 (HKLM…C871FC62-0186-40ED-BAEA-7C65BE367755) (Version: 1.00.0006 – Advanced Micro Devices, Inc.) Hidden

Brave (HKLM-x32…BraveSoftware Brave-Browser) (Version: 92.1.27.109 – Brave Software Inc)

Canon E510 series MP Drivers (HKLM…1199FAD5-9546-44f3-81CF-FFDB8040B7BF_Canon_E510_series) (Version: 1.03 – Canon Inc.)

Canon IJ Scan Utility (HKLM-x32…Canon_IJ_Scan_Utility) (Version:  – ‪Canon Inc.‬)

CCleaner (HKLM…CCleaner) (Version: 5.82 – Piriform)

Cloudflare WARP (HKLM…EF5A51EF-A841-41A1-A56C-28EE82799D70) (Version: 1.5.206.0 – Cloudflare, Inc.)

CPUID CPU-Z 1.94 (HKLM…CPUID CPU-Z_is1) (Version: 1.94 – CPUID, Inc.)

Crystal Mod Launcher 1.0.3 (HKUS-1-5-21-1100201080-1795771759-1847257070-1000…8bd3592f-ce97-5bc9-b455-b9edc15a202b) (Version: 1.0.3 – Daniel Scalzi, BestBearr)

Discord (HKUS-1-5-21-1100201080-1795771759-1847257070-1000…Discord) (Version: 0.0.309 – Discord Inc.)

Discord (HKUS-1-5-21-1100201080-1795771759-1847257070-500…Discord) (Version: 1.0.9002 – Discord Inc.)

Dota2Mods V4 4.0.2 (HKUS-1-5-21-1100201080-1795771759-1847257070-500…7573502-2e95-5fbc-8a75-f1af600ae49c) (Version: 4.0.2 – Planetweb.ro)

ffmpeg version 1.0 (HKUS-1-5-21-1100201080-1795771759-1847257070-1000…59A818ED-B65B-4BA4-9227-56EE184ABCBC_is1) (Version: 1.0 – temp#2742)

Genshin Impact (HKLM…Genshin Impact) (Version: 2.10.2.0 – miHoYo Co.,Ltd)

Google Chrome (HKLM-x32…Google Chrome) (Version: 92.0.4515.131 – Google LLC)

Google Update Helper (HKLM-x32…A92DAB39-4E2C-4304-9AB6-BC44E68B55E2) (Version: 1.3.101.0 – Google LLC) Hidden

Guilded 1.0.996954-release (HKUS-1-5-21-1100201080-1795771759-1847257070-1000…37acac95-e961-5909-9d05-c98f2db949a9) (Version: 1.0.996954-release – Guilded, Inc.)

Huion Tablet v14.8.137.1273 (HKLM…62047893-F186-48B8-83A5-1C74D8666D19_is1) (Version: v14.8.137.1273 – )

IntelliJ IDEA Community Edition 2021.1.3 (HKLM-x32…IntelliJ IDEA Community Edition 2021.1.3) (Version: 211.7628.21 – JetBrains s.r.o.)

Java 8 Update 291 (64-bit) (HKLM…26A24AE4-039D-4CA4-87B4-2F64180291F0) (Version: 8.0.2910.10 – Oracle Corporation)

JetBrains dotPeek 2021.1.3 (HKUS-1-5-21-1100201080-1795771759-1847257070-1000…b3a57a4b-1568-53a0-abd5-fead3d8ca1fc) (Version: 2021.1.3 – JetBrains s.r.o.)

JetBrains ReSharper in Visual Studio Community 2019 (HKUS-1-5-21-1100201080-1795771759-1847257070-1000…6bc9594e-4aea-5807-b8e0-93de364f0a7e) (Version: 2021.1.3 – JetBrains s.r.o.)

Kits Configuration Installer (HKLM-x32…63AAA877-5536-9481-2385-28A082100D78) (Version: 10.1.18362.1 – Microsoft) Hidden

Logitech G HUB (HKLM…521c89be-637f-4274-a840-baaf7460c2b2) (Version: 2021.8.792 – Logitech)

Lunar Client (HKUS-1-5-21-1100201080-1795771759-1847257070-1000…1fcec38f-e773-5444-8669-32b8eb41524b) (Version: 2.7.4 – Moonsworth, LLC)

Lunar Client (HKUS-1-5-21-1100201080-1795771759-1847257070-500…1fcec38f-e773-5444-8669-32b8eb41524b) (Version: 2.5.2 – Moonsworth, LLC)

Microsoft 365 Apps for enterprise – en-us (HKLM…O365ProPlusRetail – en-us) (Version: 16.0.14228.20204 – Microsoft Corporation)

Microsoft Edge (HKLM-x32…Microsoft Edge) (Version: 92.0.902.62 – Microsoft Corporation)

Microsoft Edge WebView2 Runtime (HKLM-x32…Microsoft EdgeWebView) (Version: 92.0.902.62 – Microsoft Corporation)

Microsoft OneDrive (HKUS-1-5-21-1100201080-1795771759-1847257070-500…OneDriveSetup.exe) (Version: 21.109.0530.0001 – Microsoft Corporation)

Microsoft Teams (HKUS-1-5-21-1100201080-1795771759-1847257070-1000…Teams) (Version: 1.4.00.4167 – Microsoft Corporation)

Microsoft Teams (HKUS-1-5-21-1100201080-1795771759-1847257070-500…Teams) (Version: 1.4.00.2879 – Microsoft Corporation)

Microsoft Visual Basic/C++ Runtime (x86) (HKLM-x32…C5E3A69D-D391-45A6-A8FB-00B01E2B010D) (Version: 1.1.0 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32…710f4c1c-cc18-4c49-8cbf-51240c89a1a2) (Version: 8.0.61187 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM…ad8a2fa1-06e7-4b0d-927d-6e54b3d31028) (Version: 8.0.61186 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.7523 (HKLM…5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4) (Version: 9.0.30729.7523 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.7523 (HKLM-x32…9BE518E6-ECC6-35A9-88E4-87755C07200F) (Version: 9.0.30729.7523 – Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable – 10.0.40219 (HKLM…1D8E6291-B0D5-35EC-8441-6616F567A0F7) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable – 10.0.40219 (HKLM-x32…F0C3E5D1-1ADE-321E-8167-68EF0DE699A5) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2012 x64 Additional Runtime – 11.0.61135 (HKLM…37B8F9C7-03FB-3253-8781-2517C99D7C00) (Version: 11.0.61135 – Microsoft Corporation)

Microsoft Visual C++ 2012 x64 Minimum Runtime – 11.0.61135 (HKLM…CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97) (Version: 11.0.61135 – Microsoft Corporation)

Microsoft Visual C++ 2012 x86 Additional Runtime – 11.0.61135 (HKLM-x32…B175520C-86A2-35A7-8619-86DC379688B9) (Version: 11.0.61135 – Microsoft Corporation)

Microsoft Visual C++ 2012 x86 Minimum Runtime – 11.0.61135 (HKLM-x32…BD95A8CD-1D9F-35AD-981A-3E7925026EBB) (Version: 11.0.61135 – Microsoft Corporation)

Microsoft Visual C++ 2013 x64 Additional Runtime – 12.0.40664 (HKLM…10792BA-551A-3AC0-A7EF-0FAB4156C382) (Version: 12.0.40664 – Microsoft Corporation)

Microsoft Visual C++ 2013 x64 Minimum Runtime – 12.0.40664 (HKLM…53CF6934-A98D-3D84-9146-FC4EDF3D5641) (Version: 12.0.40664 – Microsoft Corporation)

Microsoft Visual C++ 2013 x86 Additional Runtime – 12.0.40664 (HKLM-x32…D401961D-3A20-3AC7-943B-6139D5BD490A) (Version: 12.0.40664 – Microsoft Corporation)

Microsoft Visual C++ 2013 x86 Minimum Runtime – 12.0.40664 (HKLM-x32…8122DAB1-ED4D-3676-BB0A-CA368196543E) (Version: 12.0.40664 – Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x64) – 14.29.30037 (HKLM-x32…4b2f3795-f407-415e-88d5-8c8ab322909d) (Version: 14.29.30037.0 – Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x86) – 14.29.30037 (HKLM-x32…dfea0fad-88b2-4a1f-8536-3f8f9391f4ef) (Version: 14.29.30037.0 – Microsoft Corporation)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM…47C2CCDB-7A04-3797-992B-A84D3E90258F) (Version: 10.0.60833 – Microsoft Corporation)

Microsoft Visual Studio Installer (HKLM…6F320B93-EE3C-4826-85E0-ADF79F8D4C61) (Version: 2.10.2174.31177 – Microsoft Corporation)

Minecraft Launcher (HKLM-x32…911FBC64-4C64-4B8F-A637-B34832638C86) (Version: 1.0.0.0 – Mojang)

Mozilla Firefox 89.0.2 (x64 en-US) (HKLM…Mozilla Firefox 89.0.2 (x64 en-US)) (Version: 89.0.2 – Mozilla)

Mozilla Maintenance Service (HKLM…MozillaMaintenanceService) (Version: 88.0.1 – Mozilla)

MySQL Documents 8.0 (HKLM-x32…F8EAD01A-824D-4D18-BAD7-B0C3081EB5E4) (Version: 8.0.24 – Oracle Corporation)

MySQL Examples and Samples 8.0 (HKLM-x32…4E588DA6-6B34-4E2B-8108-89D0447E388A) (Version: 8.0.24 – Oracle Corporation)

NARUTO SHIPPUDEN Ultimate Ninja STORM 4 Road to Boruto Next Generations (HKLM-x32…NARUTO SHIPPUDEN Ultimate Ninja STORM 4 Road to ~629813CA_is1) (Version:  – )

Nightly (x64 en-US) (HKLM…Nightly 91.0a1 (x64 en-US)) (Version: 91.0a1 – Mozilla)

Node.js (HKLM…46B3B986-91F4-44FF-890D-E01C31A623E6) (Version: 15.11.0 – Node.js Foundation)

Npcap (HKLM-x32…NpcapInst) (Version: 1.10 – Nmap Project)

OBS Studio (HKLM-x32…OBS Studio) (Version: 27.0.1 – OBS Project)

Office 16 Click-to-Run Extensibility Component (HKLM…90160000-008C-0000-1000-0000000FF1CE) (Version: 16.0.14228.20204 – Microsoft Corporation) Hidden

Office 16 Click-to-Run Licensing Component (HKLM…90160000-007E-0000-1000-0000000FF1CE) (Version: 16.0.14228.20204 – Microsoft Corporation) Hidden

Office 16 Click-to-Run Localization Component (HKLM…90160000-008C-0409-1000-0000000FF1CE) (Version: 16.0.14131.20278 – Microsoft Corporation) Hidden

Offline CheatBreaker Beta (HKUS-1-5-21-1100201080-1795771759-1847257070-1000…Offline CheatBreaker Beta) (Version: 00.00.00.09 – Offline CheatBreaker)

OpenVPN 2.5.1-I601 amd64 (HKLM…E5931AF4-2A8F-48A5-AFC8-CE9B79C4B19D) (Version: 2.5.020 – OpenVPN, Inc.)

Opera GX Stable 77.0.4054.275 (HKUS-1-5-21-1100201080-1795771759-1847257070-500…Opera GX 77.0.4054.275) (Version: 77.0.4054.275 – Opera Software)

Opera GX Stable 77.0.4054.298 (HKUS-1-5-21-1100201080-1795771759-1847257070-1000…Opera GX 77.0.4054.298) (Version: 77.0.4054.298 – Opera Software)

osu! (HKLM-x32…a20400e5-dddc-4804-8ce1-573a52e7d3cd) (Version: latest – ppy Pty Ltd)

PicPick (HKLM-x32…PicPick) (Version: 5.1.5 – NGWIN)

Popcorn Time (HKLM-x32…Popcorn Time_is1) (Version: 6.2.1.17 – Popcorn Time) <==== ATTENTION

Promontory_GPIO Driver (HKLM-x32…B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9) (Version: 2.0.1.0 – Advanced Micro Devices, Inc.) Hidden

ProtonVPN (HKLM-x32…FFAFEA09-E7DA-4710-A278-7F0506C96829) (Version: 1.18.5 – Proton Technologies AG) Hidden

ProtonVPN (HKLM-x32…ProtonVPN 1.18.5) (Version: 1.18.5 – Proton Technologies AG)

ProtonVPNTap (HKLM-x32…5DA710E2-1B81-4675-BFC5-76BAF63AE1F6) (Version: 1.1.3 – Proton Technologies AG)

PvPLounge Launcher (HKLM…ad8f9f29-9001-57dc-871c-20ee37a85c88) (Version: 0.2.9 – Digital Ingot, Inc.)

Python 3.9.5 (64-bit) (HKUS-1-5-21-1100201080-1795771759-1847257070-1000…f3d4ed4c-f434-41ef-8469-ffadd80c4ccf) (Version: 3.9.5150.0 – Python Software Foundation)

Python 3.9.5 Add to Path (64-bit) (HKLM…6504EEE5-2172-4D34-A76D-0372356396B4) (Version: 3.9.5150.0 – Python Software Foundation) Hidden

Python 3.9.5 Core Interpreter (64-bit debug) (HKLM…8FFB26F7-4CCF-4741-8C9A-264BDD0F5C68) (Version: 3.9.5150.0 – Python Software Foundation) Hidden

Python 3.9.5 Core Interpreter (64-bit symbols) (HKLM…7AE79937-D0A7-4D36-9965-5E91E22E5FFA) (Version: 3.9.5150.0 – Python Software Foundation) Hidden

Python 3.9.5 Core Interpreter (64-bit) (HKLM…FBB6299D-CB58-4177-B6A0-63BFB1C8C3AE) (Version: 3.9.5150.0 – Python Software Foundation) Hidden

Python 3.9.5 Development Libraries (64-bit debug) (HKLM…9C8A86E-0205-4821-A084-0008EA107CCD) (Version: 3.9.5150.0 – Python Software Foundation) Hidden

Python 3.9.5 Development Libraries (64-bit) (HKLM…AEE58901-97A1-422A-B964-4FD9BF3327B8) (Version: 3.9.5150.0 – Python Software Foundation) Hidden

Python 3.9.5 Documentation (64-bit) (HKLM…4EFE695B-F377-4CB0-90E3-6AEEE22DEFEB) (Version: 3.9.5150.0 – Python Software Foundation) Hidden

Python 3.9.5 Executables (64-bit debug) (HKLM…E4B94548-B7BF-492D-839A-32851B0B5076) (Version: 3.9.5150.0 – Python Software Foundation) Hidden

Python 3.9.5 Executables (64-bit symbols) (HKLM…62B02C0C-B9B8-49E4-BC06-ABA02223D2BA) (Version: 3.9.5150.0 – Python Software Foundation) Hidden

Python 3.9.5 Executables (64-bit) (HKLM…843C07B6-040E-4E83-B244-5383247D70AB) (Version: 3.9.5150.0 – Python Software Foundation) Hidden

Python 3.9.5 pip Bootstrap (64-bit) (HKLM…7559EB6B-36F9-4AE8-8970-532E4DC0ECA3) (Version: 3.9.5150.0 – Python Software Foundation) Hidden

Python 3.9.5 Standard Library (64-bit debug) (HKLM…DB9DF8C7-EDDB-4FB9-8E65-39BBE13FB31B) (Version: 3.9.5150.0 – Python Software Foundation) Hidden

Python 3.9.5 Standard Library (64-bit symbols) (HKLM…72FB8CF5-E7CB-4CD2-90B2-39ADC3483845) (Version: 3.9.5150.0 – Python Software Foundation) Hidden

Python 3.9.5 Standard Library (64-bit) (HKLM…F4DC18F4-6323-4BE8-A322-38268831BC24) (Version: 3.9.5150.0 – Python Software Foundation) Hidden

Python 3.9.5 Tcl/Tk Support (64-bit debug) (HKLM…A52DECFA-2040-4C9B-840D-D836AE967A63) (Version: 3.9.5150.0 – Python Software Foundation) Hidden

Python 3.9.5 Tcl/Tk Support (64-bit symbols) (HKLM…9F0D0DF1-B4D0-4760-A174-0CFF5C09D758) (Version: 3.9.5150.0 – Python Software Foundation) Hidden

Python 3.9.5 Tcl/Tk Support (64-bit) (HKLM…351016A7-AED4-4824-8D2E-2F9ED497CF77) (Version: 3.9.5150.0 – Python Software Foundation) Hidden

Python 3.9.5 Test Suite (64-bit debug) (HKLM…3C884419-9FCB-4245-804D-C9D3EB88FD87) (Version: 3.9.5150.0 – Python Software Foundation) Hidden

Python 3.9.5 Test Suite (64-bit symbols) (HKLM…F47D09A3-9226-47D6-A1E4-FDE02FAF24D0) (Version: 3.9.5150.0 – Python Software Foundation) Hidden

Python 3.9.5 Test Suite (64-bit) (HKLM…605117B9-EE12-4498-A089-A63219191799) (Version: 3.9.5150.0 – Python Software Foundation) Hidden

Python 3.9.5 Utility Scripts (64-bit) (HKLM…420E50F6-A8E8-4098-A321-7DF6B3C3BA82) (Version: 3.9.5150.0 – Python Software Foundation) Hidden

Python Launcher (HKLM-x32…B6EF11B6-0882-43B1-AA75-4D3BD32A144A) (Version: 3.9.7427.0 – Python Software Foundation)

Quick CPU x64 (HKLM…B5AD600E-9874-4036-9619-DEBC4A2FDC34) (Version: 3.3.3.0 – CoderBag)

Riot Vanguard (HKLM…Riot Vanguard) (Version:  – Riot Games, Inc.)

RiseupVPN (HKUS-1-5-21-1100201080-1795771759-1847257070-1000…564606a6-d183-4517-8bce-b1d73f4f2cf8) (Version: 0.21.2-16-g97d9bea – LEAP Encryption Access Project)

Roblox Player for Dan (HKUS-1-5-21-1100201080-1795771759-1847257070-1000…roblox-player) (Version:  – Roblox Corporation)

RyzenMasterSDK (HKLM…16104918-7D6F-452E-B244-5C330E347E98) (Version: 1.2.3.5 – Advanced Micro Devices, Inc.) Hidden

Safe Watch (HKUS-1-5-21-1100201080-1795771759-1847257070-500…11b9ea7a-35e8-5cfb-8216-8caab4be266f) (Version: 1.6.24 – )

ShareX (HKLM…82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 13.5.0 – ShareX Team)

Slack (HKUS-1-5-21-1100201080-1795771759-1847257070-500…slack) (Version: 4.18.0 – Slack Technologies Inc.)

SoftEther VPN Client (HKLM…softether_sevpnclient) (Version: 4.34.9745 – SoftEther VPN Project)

Speccy (HKLM…Speccy) (Version: 1.32 – Piriform)

Steam (HKLM-x32…Steam) (Version: 2.10.91.91 – Valve Corporation)

Teams Machine-Wide Installer (HKLM-x32…731F6BAA-A986-45A4-8936-7C3AAAAA760B) (Version: 1.3.0.28779 – Microsoft Corporation)

TLauncher (HKLM-x32…TLauncher2.8) (Version: 2.8 – TLauncher Inc.)

Universe (HKLM…Universe_is1) (Version: 2.2.2 – Red Giant & Team V.R)

VALORANT (HKUS-1-5-21-1100201080-1795771759-1847257070-1000…Riot Game valorant.live) (Version:  – Riot Games, Inc)

VEGAS Pro 18.0 (HKLM…75111FE1-CE55-11EA-8B12-00155D43CFCE) (Version: 18.0.284 – VEGAS)

VLC media player (HKLM…VLC media player) (Version: 3.0.12 – VideoLAN)

Voicemeeter, The Virtual Mixing Console (HKLM-x32…VB:Voicemeeter 17359A74-1236-5467) (Version:  – VB-Audio Software)

Windows Driver Package – Graphics Tablet (WinUsb) USBDevice  (04/10/2014 8.33.30.0) (HKLM…142118DF51345EA02D2B1583E102C8FB95FD6D52) (Version: 04/10/2014 8.33.30.0 – Graphics Tablet)

Windows SDK AddOn (HKLM-x32…E18618EC-D9DB-4BCE-B382-85ADA2CBB340) (Version: 10.1.0.0 – Microsoft Corporation)

Windscribe (HKLM-x32…fa690e90-ddb0-4f0c-b3f1-136c084e5fc7_is1) (Version: 2.2 Build 10 – Windscribe Limited)

WinRAR 6.00 (HKLM…WinRAR_is1) (Version: 6.00 – lrepacks.ru)

Zoom (HKUS-1-5-21-1100201080-1795771759-1847257070-500…ZoomUMX) (Version: 5.7.4 (804) – Zoom Video Communications, Inc.)

ZoomInfo Contact Contributor (HKUS-1-5-21-1100201080-1795771759-1847257070-500…ZoomInfo Contact Contributor) (Version: 62 – )

 

==================== Custom CLSID (Whitelisted): ==============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

CustomCLSID: HKUS-1-5-21-1100201080-1795771759-1847257070-1000_ClassesCLSID19A6E644-14E6-4A60-B8D7-DD20610A871DInprocServer32 -> C:UsersDanAppDataLocalMicrosoftTeamsMeetingAddin1.0.20289.5x64Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)

CustomCLSID: HKUS-1-5-21-1100201080-1795771759-1847257070-1000_ClassesCLSID2F81B25E-7507-4844-BFF2-77D2CC24CED4localserver32 -> C:Program FilesAdobeAdobe Creative CloudACCCreative Cloud.exe (Adobe Inc. -> Adobe Inc.)

CustomCLSID: HKUS-1-5-21-1100201080-1795771759-1847257070-1000_ClassesCLSIDCB965DF1-B8EA-49C7-BDAD-5457FDC1BF92InprocServer32 -> C:UsersDanAppDataLocalMicrosoftTeamsMeetingAddin1.0.20244.4x64Microsoft.Teams.AddinLoader.dll => No File

CustomCLSID: HKUS-1-5-21-1100201080-1795771759-1847257070-1000_ClassesCLSIDe1a7f602-67b7-44f7-ad19-439e41f06cd8localserver32 -> “C:Program FilesGlobal DelightBoom 3DBoom3D.exe” -ToastActivated => No File

ShellIconOverlayIdentifiers: [   AccExtIco1] -> AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47 => C:Program Files (x86)Common FilesAdobeCoreSyncExtensionCoreSync_x64.dll [2021-06-04] (Adobe Inc. -> )

ShellIconOverlayIdentifiers: [   AccExtIco2] -> 853B7E05-C47D-4985-909A-D0DC5C6D7303 => C:Program Files (x86)Common FilesAdobeCoreSyncExtensionCoreSync_x64.dll [2021-06-04] (Adobe Inc. -> )

ShellIconOverlayIdentifiers: [   AccExtIco3] -> 42D38F2E-98E9-4382-B546-E24E4D6D04BB => C:Program Files (x86)Common FilesAdobeCoreSyncExtensionCoreSync_x64.dll [2021-06-04] (Adobe Inc. -> )

ShellIconOverlayIdentifiers: [ OneDrive1] -> BBACC218-34EA-4666-9D7A-C78F2274A524 =>  -> No File

ShellIconOverlayIdentifiers: [ OneDrive2] -> 5AB7172C-9C11-405C-8DD5-AF20F3606282 =>  -> No File

ShellIconOverlayIdentifiers: [ OneDrive3] -> A78ED123-AB77-406B-9962-2A5D9D2F7F30 =>  -> No File

ShellIconOverlayIdentifiers: [ OneDrive4] -> F241C880-6982-4CE5-8CF7-7085BA96DA5A =>  -> No File

ShellIconOverlayIdentifiers: [ OneDrive5] -> A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E =>  -> No File

ShellIconOverlayIdentifiers: [ OneDrive6] -> 9AA2F32D-362A-42D9-9328-24A483E2CCC3 =>  -> No File

ShellIconOverlayIdentifiers: [ OneDrive7] -> C5FF006E-2AE9-408C-B85B-2DFDD5449D9C =>  -> No File

ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> 36A21736-36C2-4C11-8ACB-D4136F2B57BD => C:Windowssystem32AcSignIcon.dll [2019-01-30] (Autodesk, Inc. -> Autodesk, Inc.)

ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> BBACC218-34EA-4666-9D7A-C78F2274A524 =>  -> No File

ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> 5AB7172C-9C11-405C-8DD5-AF20F3606282 =>  -> No File

ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> A78ED123-AB77-406B-9962-2A5D9D2F7F30 =>  -> No File

ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> F241C880-6982-4CE5-8CF7-7085BA96DA5A =>  -> No File

ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E =>  -> No File

ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> 9AA2F32D-362A-42D9-9328-24A483E2CCC3 =>  -> No File

ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> C5FF006E-2AE9-408C-B85B-2DFDD5449D9C =>  -> No File

ContextMenuHandlers1: [7-Zip] -> 23170F69-40C1-278A-1000-000100020000 => C:Program Files7-Zip7-zip.dll [2019-02-22] (Igor Pavlov) [File not signed]

ContextMenuHandlers1: [AccExt] -> 2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4 => C:Program Files (x86)Common FilesAdobeCoreSyncExtensionCoreSync_x64.dll [2021-06-04] (Adobe Inc. -> )

ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> 2E7A2C6C-B938-40a4-BA1C-C7EC982DC202 => C:Program FilesCommon FilesAutodesk SharedAcShellExAcShellExtension.dll [2019-01-30] (Autodesk, Inc. -> Autodesk)

ContextMenuHandlers1: [DriveFS 28 or later] -> EE15C2BD-CECB-49F8-A113-CA1BFC528F5B =>  -> No File

ContextMenuHandlers1: [WinRAR] -> B41DB860-64E4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers1-x32: [WinRAR32] -> B41DB860-8EE4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers4: [7-Zip] -> 23170F69-40C1-278A-1000-000100020000 => C:Program Files7-Zip7-zip.dll [2019-02-22] (Igor Pavlov) [File not signed]

ContextMenuHandlers4: [DriveFS 28 or later] -> EE15C2BD-CECB-49F8-A113-CA1BFC528F5B =>  -> No File

ContextMenuHandlers5: [ACE] -> 5E2121EE-0300-11D4-8D3B-444553540000 => C:WindowsSystem32atiacm64.dll [2021-06-21] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)

ContextMenuHandlers5: [DriveFS 28 or later] -> EE15C2BD-CECB-49F8-A113-CA1BFC528F5B =>  -> No File

ContextMenuHandlers6: [7-Zip] -> 23170F69-40C1-278A-1000-000100020000 => C:Program Files7-Zip7-zip.dll [2019-02-22] (Igor Pavlov) [File not signed]

ContextMenuHandlers6: [AccExt] -> 2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4 => C:Program Files (x86)Common FilesAdobeCoreSyncExtensionCoreSync_x64.dll [2021-06-04] (Adobe Inc. -> )

ContextMenuHandlers6: [WinRAR] -> B41DB860-64E4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers6-x32: [WinRAR32] -> B41DB860-8EE4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

 

==================== Codecs (Whitelisted) ====================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM…Drivers32: [VIDC.FICV] => C:Windowssystem32ficvdec_x64.dll [652288 2013-05-29] () [File not signed]

HKLM…Drivers32: [VIDC.FICV] => C:WindowsSysWOW64ficvdec_x86.dll [641024 2013-05-29] () [File not signed]

 

==================== Shortcuts & WMI ========================

 

(The entries could be listed to be restored or removed.)

 

Shortcut: C:ProgramDataMicrosoftWindowsStart MenuProgramsFirefox Nightly.lnk -> C:Program FilesFirefox Nightlyfirefox.exe (Mozilla Corporation)

ShortcutWithArgument: C:UsersDanDesktopNosWTF (Dan) – Chrome.lnk -> C:Program FilesGoogleChromeApplicationchrome.exe (Google LLC) -> –profile-directory=”Default”

ShortcutWithArgument: C:UsersDanDesktopYouTube.lnk -> C:Program FilesGoogleChromeApplicationchrome_proxy.exe (Google LLC) ->  –profile-directory=Default –app-id=agimnkijcaahngcdmfeangaknmldooml

ShortcutWithArgument: C:UsersDanAppDataRoamingMicrosoftWindowsStart MenuProgramsChrome AppsYouTube.lnk -> C:Program FilesGoogleChromeApplicationchrome_proxy.exe (Google LLC) ->  –profile-directory=Default –app-id=agimnkijcaahngcdmfeangaknmldooml

ShortcutWithArgument: C:UsersDanAppDataRoamingMicrosoftInternet ExplorerQuick LaunchUser PinnedImplicitAppShortcuts69639df789022856Nitro (Dan) – Chrome.lnk -> C:Program FilesGoogleChromeApplicationchrome.exe (Google LLC) -> –profile-directory=”Profile 1″

ShortcutWithArgument: C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk -> C:Program FilesGoogleChromeApplicationchrome.exe (Google LLC) -> –load-extension=”C:ProgramData4ede5b3d0b9c80aeec2ecc6ce540b940″

ShortcutWithArgument: C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge.lnk -> C:Program Files (x86)MicrosoftEdgeApplicationmsedge.exe (Microsoft Corporation) -> –load-extension=”C:ProgramData4ede5b3d0b9c80aeec2ecc6ce540b940″

 

==================== Loaded Modules (Whitelisted) =============

 

2021-07-31 17:05 – 2021-07-31 11:18 – 000634880 _____ () [File not signed] \?C:Program FilesLGHUBresourcesapp.asar.unpackednode_moduleskeytarbuildReleasekeytar.node

2021-01-06 12:26 – 2021-01-06 12:26 – 000017920 _____ () [File not signed] C:Program FilesAMDCNextCNextlibEGL.dll

2021-01-06 12:26 – 2021-01-06 12:26 – 003567616 _____ () [File not signed] C:Program FilesAMDCNextCNextlibGLESv2.dll

2020-03-19 06:40 – 2020-03-19 06:40 – 000912896 _____ () [File not signed] C:Program FilesAMDPerformance Profile Clientaws-cpp-sdk-core.dll

2020-03-19 06:40 – 2020-03-19 06:40 – 003109888 _____ () [File not signed] C:Program FilesAMDPerformance Profile Clientaws-cpp-sdk-s3.dll

2021-06-17 19:40 – 2021-06-17 19:40 – 001704960 _____ (Advanced Micro Devices, Inc.) [File not signed] C:Program FilesAMDWVROpenVRbinwin64driver_amdwvr.dll

2021-01-06 12:26 – 2021-01-06 12:26 – 000031744 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsimageformatsqgif.dll

2021-01-06 12:26 – 2021-01-06 12:26 – 000039424 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsimageformatsqicns.dll

2021-01-06 12:26 – 2021-01-06 12:26 – 000031744 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsimageformatsqico.dll

2021-01-06 12:26 – 2021-01-06 12:26 – 000414720 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsimageformatsqjpeg.dll

2021-01-06 12:26 – 2021-01-06 12:26 – 000025088 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsimageformatsqsvg.dll

2021-01-06 12:26 – 2021-01-06 12:26 – 000024576 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsimageformatsqtga.dll

2021-01-06 12:26 – 2021-01-06 12:26 – 000023552 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsimageformatsqwbmp.dll

2021-01-06 12:26 – 2021-01-06 12:26 – 000532992 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsimageformatsqwebp.dll

2021-01-06 12:26 – 2021-01-06 12:26 – 001441792 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsplatformsqwindows.dll

2021-01-06 12:26 – 2021-01-06 12:26 – 001189888 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginssqldriversqsqlite.dll

2021-01-06 12:26 – 2021-01-06 12:26 – 000134656 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsstylesqwindowsvistastyle.dll

2021-01-06 12:25 – 2021-01-06 12:25 – 006184448 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Core.dll

2021-01-06 12:25 – 2021-01-06 12:25 – 006867456 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Gui.dll

2021-01-06 12:25 – 2021-01-06 12:25 – 000735232 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Multimedia.dll

2021-01-06 12:25 – 2021-01-06 12:25 – 000120832 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5MultimediaQuick.dll

2021-01-06 12:25 – 2021-01-06 12:25 – 001104896 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Network.dll

2021-01-06 12:25 – 2021-01-06 12:25 – 000325120 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Positioning.dll

2021-01-06 12:25 – 2021-01-06 12:25 – 003668480 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Qml.dll

2021-01-06 12:25 – 2021-01-06 12:25 – 000517120 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5QmlModels.dll

2021-01-06 12:25 – 2021-01-06 12:25 – 000051712 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5QmlWorkerScript.dll

2021-01-06 12:25 – 2021-01-06 12:25 – 004228608 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Quick.dll

2021-01-06 12:25 – 2021-01-06 12:25 – 000171008 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5QuickControls2.dll

2021-01-06 12:25 – 2021-01-06 12:25 – 001085440 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5QuickTemplates2.dll

2021-01-06 12:25 – 2021-01-06 12:25 – 000480256 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5RemoteObjects.dll

2021-01-06 12:25 – 2021-01-06 12:25 – 000205824 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Sql.dll

2021-01-06 12:25 – 2021-01-06 12:25 – 000329728 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Svg.dll

2021-01-06 12:25 – 2021-01-06 12:25 – 000127488 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5WebChannel.dll

2021-01-06 12:25 – 2021-01-06 12:25 – 000390656 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5WebEngine.dll

2021-01-06 12:26 – 2021-01-06 12:26 – 095598080 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5WebEngineCore.dll

2021-01-06 12:26 – 2021-01-06 12:26 – 005587968 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Widgets.dll

2021-01-06 12:26 – 2021-01-06 12:26 – 000462848 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5WinExtras.dll

2021-01-06 12:26 – 2021-01-06 12:26 – 000188928 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Xml.dll

2021-01-06 12:26 – 2021-01-06 12:26 – 002878464 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5XmlPatterns.dll

2021-01-06 12:26 – 2021-01-06 12:26 – 000055808 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtGraphicalEffectsprivateqtgraphicaleffectsprivate.dll

2021-01-06 12:26 – 2021-01-06 12:26 – 000059392 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtGraphicalEffectsqtgraphicaleffectsplugin.dll

2021-01-06 12:26 – 2021-01-06 12:26 – 000262144 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtMultimediadeclarative_multimedia.dll

2021-01-06 12:26 – 2021-01-06 12:26 – 000017920 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtQmlqmlplugin.dll

2021-01-06 12:26 – 2021-01-06 12:26 – 000017920 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtQuick.2qtquick2plugin.dll

2021-01-06 12:26 – 2021-01-06 12:26 – 000284160 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtQuickControls.2qtquickcontrols2plugin.dll

2021-01-06 12:26 – 2021-01-06 12:26 – 000333824 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtQuickControlsqtquickcontrolsplugin.dll

2021-01-06 12:26 – 2021-01-06 12:26 – 000136704 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtQuickDialogsdialogplugin.dll

2021-01-06 12:26 – 2021-01-06 12:26 – 000090112 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtQuickLayoutsqquicklayoutsplugin.dll

2021-01-06 12:26 – 2021-01-06 12:26 – 000313856 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtQuickTemplates.2qtquicktemplates2plugin.dll

2021-01-06 12:26 – 2021-01-06 12:26 – 000017920 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtQuickWindow.2windowplugin.dll

2021-01-06 12:26 – 2021-01-06 12:26 – 000091648 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtWebEngineqtwebengineplugin.dll

2021-04-21 09:10 – 2021-04-21 09:10 – 005833216 _____ (University of Tsukuba) [File not signed] C:Program FilesSoftEther VPN ClientVpnGatePlugin_x64.dll

 

==================== Alternate Data Streams (Whitelisted) ========

 

(If an entry is included in the fixlist, only the ADS will be removed.)

 

AlternateDataStreams: C:ProgramDataReprise:jhqduwvxlctbqqijsf`usjbm`bfjhiqhnhmfh [0]

AlternateDataStreams: C:ProgramDataReprise:jhqduwvxlctbqqijsf`usjbm`pgyjhiqhnhm [0]

 

==================== Safe Mode (Whitelisted) ==================

 

==================== Association (Whitelisted) =================

 

==================== Internet Explorer (Whitelisted) ==========

 

HKUS-1-5-21-1100201080-1795771759-1847257070-1000SoftwareMicrosoftInternet ExplorerMain,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP

SearchScopes: HKUS-1-5-21-1100201080-1795771759-1847257070-1000 -> DefaultScope 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL = 

BHO: IDM integration (IDMIEHlprObj Class) -> 0055C089-8582-441B-A0BF-17B458C2A3A8 -> C:Program Files (x86)Internet Download ManagerIDMIECC64.dll => No File

BHO: Skype for Business Browser Helper -> 31D09BA0-12F5-4CCE-BE8A-2923E76605DA -> C:Program FilesMicrosoft OfficerootOffice16OCHelper.dll [2021-07-23] (Microsoft Corporation -> Microsoft Corporation)

BHO: Java™ Plug-In SSV Helper -> 761497BB-D6F0-462C-B6EB-D4DAF1D92D43 -> C:Program FilesJavajre1.8.0_291binssv.dll [2021-06-07] (Oracle America, Inc. -> Oracle Corporation)

BHO: Java™ Plug-In 2 SSV Helper -> DBC80044-A445-435b-BC74-9C25C1C588A9 -> C:Program FilesJavajre1.8.0_291binjp2ssv.dll [2021-06-07] (Oracle America, Inc. -> Oracle Corporation)

BHO-x32: IDM integration (IDMIEHlprObj Class) -> 0055C089-8582-441B-A0BF-17B458C2A3A8 -> C:Program Files (x86)Internet Download ManagerIDMIECC.dll => No File

BHO-x32: Skype for Business Browser Helper -> 31D09BA0-12F5-4CCE-BE8A-2923E76605DA -> C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16OCHelper.dll [2021-07-23] (Microsoft Corporation -> Microsoft Corporation)

Handler: mso-minsb-roaming.16 – 83C25742-A9F7-49FB-9138-434302C88D07 – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2021-07-31] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb-roaming.16 – 83C25742-A9F7-49FB-9138-434302C88D07 – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2021-07-31] (Microsoft Corporation -> Microsoft Corporation)

Handler: mso-minsb.16 – 42089D2D-912D-4018-9087-2B87803E93FB – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2021-07-31] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb.16 – 42089D2D-912D-4018-9087-2B87803E93FB – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2021-07-31] (Microsoft Corporation -> Microsoft Corporation)

Handler: osf-roaming.16 – 42089D2D-912D-4018-9087-2B87803E93FB – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2021-07-31] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf-roaming.16 – 42089D2D-912D-4018-9087-2B87803E93FB – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2021-07-31] (Microsoft Corporation -> Microsoft Corporation)

Handler: osf.16 – 5504BE45-A83B-4808-900A-3A5C36E7F77A – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2021-07-31] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf.16 – 5504BE45-A83B-4808-900A-3A5C36E7F77A – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2021-07-31] (Microsoft Corporation -> Microsoft Corporation)

 

(If an entry is included in the fixlist, it will be removed from the registry.)

 

IE trusted site: HKU.DEFAULT…localhost -> localhost

IE trusted site: HKUS-1-5-21-1100201080-1795771759-1847257070-1000…google.com -> hxxps://google.com

IE trusted site: HKUS-1-5-21-1100201080-1795771759-1847257070-1000…localhost -> localhost

IE trusted site: HKUS-1-5-21-1100201080-1795771759-1847257070-500…sharepoint.com -> hxxps://pupedu-files.sharepoint.com

 

==================== Hosts content: =========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2021-05-29 11:47 – 2021-07-22 15:24 – 000000822 _____ C:Windowssystem32driversetchosts

 

2021-07-25 22:47 – 2021-07-26 08:45 – 000000443 _____ C:Windowssystem32driversetchosts.ics

172.17.125.177 DESKTOP-43IHF7V.mshome.net # 2026 7 6 25 0 45 19 167

 

==================== Other Areas ===========================

 

(Currently there is no automatic fix for this section.)

 

HKLMSystemCurrentControlSetControlSession ManagerEnvironment\Path -> C:Program Files (x86)Common FilesOracleJavajavapath;%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;%SYSTEMROOT%System32WindowsPowerShellv1.0;%SYSTEMROOT%System32OpenSSH;C:Program Filesnodejs;C:Program Files (x86)Bracketscommand

HKUS-1-5-21-1100201080-1795771759-1847257070-1000Control PanelDesktop\Wallpaper -> C:UsersDanAppDataRoamingMicrosoftWindows Photo ViewerWindows Photo Viewer Wallpaper.jpg

HKUS-1-5-21-1100201080-1795771759-1847257070-500Control PanelDesktop\Wallpaper -> C:UsersAdministratorDownloadswallpapereIgMv8P.png

DNS Servers: 8.8.8.8 – 8.8.4.4

HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorer => (SmartScreenEnabled: Off)

Windows Firewall is enabled.

 

Network Binding:

=============

Bluetooth Network Connection 3: SoftEther Lightweight Network Protocol -> SeLow (enabled) 

Bluetooth Network Connection 3: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled) 

Ethernet: SoftEther Lightweight Network Protocol -> SeLow (disabled) 

Ethernet: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled) 

NordLynx: SoftEther Lightweight Network Protocol -> SeLow (enabled) 

NordLynx: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled) 

OpenVPN TAP-Windows6: SoftEther Lightweight Network Protocol -> SeLow (enabled) 

OpenVPN TAP-Windows6: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled) 

VPN – VPN Client: SoftEther Lightweight Network Protocol -> SeLow (enabled) 

VPN – VPN Client: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled) 

Local Area Connection 3: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled) 

Local Area Connection 3: SoftEther Lightweight Network Protocol -> SeLow (enabled) 

OpenVPN Wintun: SoftEther Lightweight Network Protocol -> SeLow (enabled) 

OpenVPN Wintun: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled) 

Local Area Connection 4: SoftEther Lightweight Network Protocol -> SeLow (enabled) 

Local Area Connection 4: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled) 

Local Area Connection: SoftEther Lightweight Network Protocol -> SeLow (enabled) 

Local Area Connection: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled) 

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

(If an entry is included in the fixlist, it will be removed.)

 

MSCONFIGServices: AdAppMgrSvc => 2

MSCONFIGServices: AdskLicensingService => 2

MSCONFIGServices: CloudflareWARP => 2

MSCONFIGServices: FlexNet Licensing Service => 2

MSCONFIGServices: GoogleChromeElevationService => 3

MSCONFIGServices: gupdate => 2

MSCONFIGServices: gupdatem => 3

MSCONFIGServices: ProtonVPN Service => 3

MSCONFIGServices: ProtonVPN Update Service => 3

MSCONFIGServices: SEVPNCLIENT => 2

HKLM…StartupApprovedStartupFolder: => “Cloudflare WARP.lnk”

HKLM…StartupApprovedStartupFolder: => “SoftEther VPN Client Manager Startup.lnk”

HKLM…StartupApprovedStartupFolder: => “Huion Tablet.lnk”

HKLM…StartupApprovedRun: => “SoftEther VPN Client UI Helper”

HKLM…StartupApprovedRun: => “XMouseButtonControl”

HKLM…StartupApprovedRun: => “Riot Vanguard”

HKLM…StartupApprovedRun: => “UrbanVPN”

HKLM…StartupApprovedRun: => “AdobeGCInvoker-1.0”

HKLM…StartupApprovedRun32: => “SunJavaUpdateSched”

HKLM…StartupApprovedRun32: => “TeamsMachineInstaller”

HKLM…StartupApprovedRun32: => “Autodesk Desktop App”

HKLM…StartupApprovedRun32: => “vmware-tray.exe”

HKLM…StartupApprovedRun32: => “Adobe CCXProcess”

HKLM…StartupApprovedRun32: => “Adobe Creative Cloud”

HKUS-1-5-21-1100201080-1795771759-1847257070-1000…StartupApprovedRun: => “com.squirrel.Teams.Teams”

HKUS-1-5-21-1100201080-1795771759-1847257070-1000…StartupApprovedRun: => “Discord”

HKUS-1-5-21-1100201080-1795771759-1847257070-1000…StartupApprovedRun: => “uTorrent”

HKUS-1-5-21-1100201080-1795771759-1847257070-1000…StartupApprovedRun: => “Snap Camera”

HKUS-1-5-21-1100201080-1795771759-1847257070-1000…StartupApprovedRun: => “TabletDriver”

HKUS-1-5-21-1100201080-1795771759-1847257070-1000…StartupApprovedRun: => “electron.app.Guilded”

HKUS-1-5-21-1100201080-1795771759-1847257070-1000…StartupApprovedRun: => “Boom 3D”

HKUS-1-5-21-1100201080-1795771759-1847257070-1000…StartupApprovedRun: => “Windscribe”

HKUS-1-5-21-1100201080-1795771759-1847257070-1000…StartupApprovedRun: => “ut”

HKUS-1-5-21-1100201080-1795771759-1847257070-1000…StartupApprovedRun: => “winkit”

HKUS-1-5-21-1100201080-1795771759-1847257070-1000…StartupApprovedRun: => “CCleaner Smart Cleaning”

HKUS-1-5-21-1100201080-1795771759-1847257070-500…StartupApprovedStartupFolder: => “ShareX.lnk”

HKUS-1-5-21-1100201080-1795771759-1847257070-500…StartupApprovedStartupFolder: => “GenuineService.lnk”

HKUS-1-5-21-1100201080-1795771759-1847257070-500…StartupApprovedRun: => “com.squirrel.Teams.Teams”

HKUS-1-5-21-1100201080-1795771759-1847257070-500…StartupApprovedRun: => “uTorrent”

HKUS-1-5-21-1100201080-1795771759-1847257070-500…StartupApprovedRun: => “CCleaner Smart Cleaning”

HKUS-1-5-21-1100201080-1795771759-1847257070-500…StartupApprovedRun: => “NordVPN”

HKUS-1-5-21-1100201080-1795771759-1847257070-500…StartupApprovedRun: => “Opera GX Browser Assistant”

HKUS-1-5-21-1100201080-1795771759-1847257070-500…StartupApprovedRun: => “PicPick Start”

HKUS-1-5-21-1100201080-1795771759-1847257070-500…StartupApprovedRun: => “Lync”

 

==================== FirewallRules (Whitelisted) ================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

FirewallRules: [81C8067E-3E8B-4BD5-8B87-97D14391F5F6] => (Allow) C:Program Files (x86)SteamSteam.exe (Valve -> Valve Corporation)

FirewallRules: [FB783F7D-4D84-42CD-BD1D-E33C8064EED0] => (Allow) C:Program Files (x86)SteamSteam.exe (Valve -> Valve Corporation)

FirewallRules: [E662BEA5-846F-45AF-AB1E-CC9D6CD7D7C8] => (Allow) C:Program Files (x86)Steambincefcef.win7steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [D1398F89-4D40-45D7-89E3-8F73F092DF59] => (Allow) C:Program Files (x86)Steambincefcef.win7steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [C965D189-EA2A-4827-B7FD-7F8BD3F80BBC] => (Allow) D:Steamsteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [847F8807-F21B-4612-862A-39BEA29A5133] => (Allow) D:Steamsteamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [A8DFB2EA-B9D3-4C1E-AA12-1606F43A4A93] => (Allow) C:Program FilesMicrosoft OfficerootOffice16UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [TCP Query UserB50B19D4-34B8-460D-A06E-5EACF8E76DB8C:program files (x86)minecraft launcherruntimejre-x64binjavaw.exe] => (Allow) C:program files (x86)minecraft launcherruntimejre-x64binjavaw.exe => No File

FirewallRules: [UDP Query User912E3771-409C-4669-8306-A5CEF1197CBCC:program files (x86)minecraft launcherruntimejre-x64binjavaw.exe] => (Allow) C:program files (x86)minecraft launcherruntimejre-x64binjavaw.exe => No File

FirewallRules: [AD3A36B4-774E-40FA-BB9D-8F24BDCB39EE] => (Allow) C:UsersAdministratorAppDataRoamingZoombinZoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

FirewallRules: [TCP Query User2C0F005D-3BB8-4D57-A519-7A4F770A8E71C:usersadministrator.lunarclientjrezulu8.50.0.53-ca-fx-jre8.0.275-win_x64binjavaw.exe] => (Allow) C:usersadministrator.lunarclientjrezulu8.50.0.53-ca-fx-jre8.0.275-win_x64binjavaw.exe

FirewallRules: [UDP Query UserAAC5248A-3484-47BC-A1BD-65DA64A44CE8C:usersadministrator.lunarclientjrezulu8.50.0.53-ca-fx-jre8.0.275-win_x64binjavaw.exe] => (Allow) C:usersadministrator.lunarclientjrezulu8.50.0.53-ca-fx-jre8.0.275-win_x64binjavaw.exe

FirewallRules: [D515FE1C-84CD-4713-A972-DDABBCB80B49] => (Allow) C:Program FilesSoftEther VPN Clientvpnclient.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)

FirewallRules: [EFDB0D5D-E5A8-4C45-A7FB-C5F727E102BE] => (Allow) C:Program FilesSoftEther VPN Clientvpnclient_x64.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)

FirewallRules: [2B0EFDAA-B299-4C7F-A6A8-F6E5E50228EF] => (Allow) C:Program FilesSoftEther VPN Clientvpncmgr.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)

FirewallRules: [7133EA40-9B9B-4337-AE21-2E0842FD8827] => (Allow) C:Program FilesSoftEther VPN Clientvpncmgr_x64.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)

FirewallRules: [9638623B-492F-4F8E-8F1C-FA5CF0DC9A92] => (Allow) C:Program FilesSoftEther VPN Clientvpncmd.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)

FirewallRules: [B911835D-50A4-4FF3-9DE0-B82519C95FD9] => (Allow) C:Program FilesSoftEther VPN Clientvpncmd_x64.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)

FirewallRules: [9A16D237-DEB4-4C63-8ACE-949FE371BBD0] => (Allow) D:SteamsteamappscommonAim LabAimLab_tb.exe () [File not signed]

FirewallRules: [0C8B3B2B-9D35-4789-8038-A05BC00DCAA1] => (Allow) D:SteamsteamappscommonAim LabAimLab_tb.exe () [File not signed]

FirewallRules: [TCP Query UserC5FE82C0-40C9-4342-9E3E-FECB4A867141D:jump forcejump_forcebinarieswin64jump_force-win64-shipping.exe] => (Allow) D:jump forcejump_forcebinarieswin64jump_force-win64-shipping.exe => No File

FirewallRules: [UDP Query UserF1D7AEE6-8A21-4B32-886A-6BE0270BAD2CD:jump forcejump_forcebinarieswin64jump_force-win64-shipping.exe] => (Allow) D:jump forcejump_forcebinarieswin64jump_force-win64-shipping.exe => No File

FirewallRules: [0DD6CE9E-0834-41CE-8101-68C93849DD56] => (Allow) D:SteamsteamappscommonSCP Secret LaboratorySCPSL.exe (Hubert Moszka Northwood -> )

FirewallRules: [12CED8C9-83A5-443C-A165-9A38114F6B59] => (Allow) D:SteamsteamappscommonSCP Secret LaboratorySCPSL.exe (Hubert Moszka Northwood -> )

FirewallRules: [6D1B9281-2CB0-4A1A-9941-AE611AC2BCCB] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [832DD732-4240-42B1-8346-AF4A7551B45B] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [TCP Query UserD6BCA32B-A14A-4575-8E7D-80957666B009C:usersdan.lunarclientjrezulu8.50.0.53-ca-fx-jre8.0.275-win_x64binjavaw.exe] => (Allow) C:usersdan.lunarclientjrezulu8.50.0.53-ca-fx-jre8.0.275-win_x64binjavaw.exe => No File

FirewallRules: [UDP Query User616FFA52-3540-42BB-AA38-69D54F80D8ADC:usersdan.lunarclientjrezulu8.50.0.53-ca-fx-jre8.0.275-win_x64binjavaw.exe] => (Allow) C:usersdan.lunarclientjrezulu8.50.0.53-ca-fx-jre8.0.275-win_x64binjavaw.exe => No File

FirewallRules: [TCP Query UserCBD3EB54-BFA1-4DA0-8DB9-0D3447D8708AC:usersadministratorappdatalocalmicrosoftteamscurrentteams.exe] => (Allow) C:usersadministratorappdatalocalmicrosoftteamscurrentteams.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [UDP Query UserB7D48BB1-0A59-4106-A10F-1D1DE61D6F20C:usersadministratorappdatalocalmicrosoftteamscurrentteams.exe] => (Allow) C:usersadministratorappdatalocalmicrosoftteamscurrentteams.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [TCP Query User56DBE550-5497-4472-AE91-FB809ECC928EC:program filesvideolanvlcvlc.exe] => (Allow) C:program filesvideolanvlcvlc.exe (VideoLAN -> VideoLAN)

FirewallRules: [UDP Query User44D04369-226E-4620-89CC-41F96E49E84AC:program filesvideolanvlcvlc.exe] => (Allow) C:program filesvideolanvlcvlc.exe (VideoLAN -> VideoLAN)

FirewallRules: [TCP Query User490AAAAF-8EDA-4042-BDA8-4CB9B8F66F09C:usersdanappdatalocalprogramsnicehash minerminer_pluginseb75e920-94eb-11ea-a64d-17be303ea466bins15.01.15lolminer.exe] => (Allow) C:usersdanappdatalocalprogramsnicehash minerminer_pluginseb75e920-94eb-11ea-a64d-17be303ea466bins15.01.15lolminer.exe => No File

FirewallRules: [UDP Query UserCD0B7132-2C69-458F-9F69-899BA1B499B5C:usersdanappdatalocalprogramsnicehash minerminer_pluginseb75e920-94eb-11ea-a64d-17be303ea466bins15.01.15lolminer.exe] => (Allow) C:usersdanappdatalocalprogramsnicehash minerminer_pluginseb75e920-94eb-11ea-a64d-17be303ea466bins15.01.15lolminer.exe => No File

FirewallRules: [TCP Query User74000B45-8FBC-4B45-8679-99F220F369C2C:usersdanappdatalocalprogramsnicehash minerminer_pluginsfa369d10-94eb-11ea-a64d-17be303ea466bins15.1phoenixminer_5.2e_windowsphoenixminer.exe] => (Allow) C:usersdanappdatalocalprogramsnicehash minerminer_pluginsfa369d10-94eb-11ea-a64d-17be303ea466bins15.1phoenixminer_5.2e_windowsphoenixminer.exe => No File

FirewallRules: [UDP Query User6AE2B404-502A-41DF-A822-F67C7E05632BC:usersdanappdatalocalprogramsnicehash minerminer_pluginsfa369d10-94eb-11ea-a64d-17be303ea466bins15.1phoenixminer_5.2e_windowsphoenixminer.exe] => (Allow) C:usersdanappdatalocalprogramsnicehash minerminer_pluginsfa369d10-94eb-11ea-a64d-17be303ea466bins15.1phoenixminer_5.2e_windowsphoenixminer.exe => No File

FirewallRules: [TCP Query User5E30B58E-5ADA-47C9-944C-09EE12FEAEDAC:program files (x86)minecraft launcherruntimejre-legacywindows-x64jre-legacybinjavaw.exe] => (Allow) C:program files (x86)minecraft launcherruntimejre-legacywindows-x64jre-legacybinjavaw.exe

FirewallRules: [UDP Query User6F9D892F-BF45-43B6-AD95-DB0A47276A94C:program files (x86)minecraft launcherruntimejre-legacywindows-x64jre-legacybinjavaw.exe] => (Allow) C:program files (x86)minecraft launcherruntimejre-legacywindows-x64jre-legacybinjavaw.exe

FirewallRules: [TCP Query User9184A337-E0C2-44FE-B1C9-ABB2220498A3C:programdatabadlionclientjre1.8.0_202binjava.exe] => (Allow) C:programdatabadlionclientjre1.8.0_202binjava.exe

FirewallRules: [UDP Query User285B4539-6F82-4B74-8AC7-DBB006CD87B0C:programdatabadlionclientjre1.8.0_202binjava.exe] => (Allow) C:programdatabadlionclientjre1.8.0_202binjava.exe

FirewallRules: [TCP Query UserF98A10DB-75A4-4750-BF4A-623AA24AB7DAD:torque.drifttorque drifttorquedrift.exe] => (Allow) D:torque.drifttorque drifttorquedrift.exe => No File

FirewallRules: [UDP Query User50B44E47-5536-4AE4-A7A0-15B1D894C5BDD:torque.drifttorque drifttorquedrift.exe] => (Allow) D:torque.drifttorque drifttorquedrift.exe => No File

FirewallRules: [TCP Query User02E2148B-753A-486B-ADF9-998AEAC6F7CAC:program filesjavajre1.8.0_281binjavaw.exe] => (Allow) C:program filesjavajre1.8.0_281binjavaw.exe => No File

FirewallRules: [UDP Query User217DD162-1610-4893-A288-B4E376A3CB75C:program filesjavajre1.8.0_281binjavaw.exe] => (Allow) C:program filesjavajre1.8.0_281binjavaw.exe => No File

FirewallRules: [TCP Query User8B9FF986-4D74-4DE9-939E-C96C60F30EC9C:usersdanappdataroamingoffline cheatbreakerjrebinjava.exe] => (Allow) C:usersdanappdataroamingoffline cheatbreakerjrebinjava.exe

FirewallRules: [UDP Query User9D87A13B-53BC-4055-B35B-D1284896B4A4C:usersdanappdataroamingoffline cheatbreakerjrebinjava.exe] => (Allow) C:usersdanappdataroamingoffline cheatbreakerjrebinjava.exe

FirewallRules: [TCP Query User8B32B900-1FDD-4FC5-B386-36920911AEDEC:usersdanappdatalocalprogramsbandlab-assistantbandlab assistant.exe] => (Allow) C:usersdanappdatalocalprogramsbandlab-assistantbandlab assistant.exe (BandLab Singapore Pte Ltd. -> BandLab Technologies)

FirewallRules: [UDP Query UserFD289B0A-D64A-4B0A-B496-89F372F7DBCAC:usersdanappdatalocalprogramsbandlab-assistantbandlab assistant.exe] => (Allow) C:usersdanappdatalocalprogramsbandlab-assistantbandlab assistant.exe (BandLab Singapore Pte Ltd. -> BandLab Technologies)

FirewallRules: [9F0B45E8-E606-4464-A329-51D89FF8DAF8] => (Allow) D:SteamsteamappscommonCounter-Strike Global Offensivecsgo.exe (Valve -> )

FirewallRules: [0CA29436-D315-4E3A-BB98-5EBB9687912B] => (Allow) D:SteamsteamappscommonCounter-Strike Global Offensivecsgo.exe (Valve -> )

FirewallRules: [TCP Query UserDC7816BC-3F8B-4823-BA1D-71219CE679C5C:usersadministratorappdatalocalcitranightly-mingwcitra-qt.exe] => (Allow) C:usersadministratorappdatalocalcitranightly-mingwcitra-qt.exe => No File

FirewallRules: [UDP Query User02A3127D-07D7-4A28-977D-3C8D118893CAC:usersadministratorappdatalocalcitranightly-mingwcitra-qt.exe] => (Allow) C:usersadministratorappdatalocalcitranightly-mingwcitra-qt.exe => No File

FirewallRules: [D31CFFDE-6E17-4623-AD2E-6F159078D107] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [434919F2-8C41-4861-B641-7BE57C24E8C9] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [TCP Query User3849499E-5DF4-4CA1-815C-B86D46ABE308C:program filestixatitixati.exe] => (Allow) C:program filestixatitixati.exe => No File

FirewallRules: [UDP Query UserCD130674-A89B-40C7-B935-0184BABAE8A5C:program filestixatitixati.exe] => (Allow) C:program filestixatitixati.exe => No File

FirewallRules: [739C0008-C3D9-4670-B821-35B4913DCF90] => (Allow) C:UsersDanAppDataRoaminguTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)

FirewallRules: [9D3CC26B-5D78-46F3-B622-87451731ED08] => (Allow) C:UsersDanAppDataRoaminguTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)

FirewallRules: [38F621EE-8082-4A50-8C12-DB1BAC5EB1D8] => (Allow) C:UsersDanAppDataRoaminguTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)

FirewallRules: [35CF3EE4-A12D-4A49-81A0-8A7BBFBCD674] => (Allow) C:UsersDanAppDataRoaminguTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)

FirewallRules: [C6FF14EB-B0F5-4DDD-9644-D7B545B9B166] => (Allow) C:UsersDanAppDataRoaminguTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)

FirewallRules: [36C5E0E8-5650-4969-8C35-FCD653BD3926] => (Allow) C:UsersDanAppDataRoaminguTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)

FirewallRules: [TCP Query User9EB72E9B-81E5-423A-801A-99E63F26EC3AC:usersdanappdataroaming.minecraftsigmajre1.8.0_202binjava.exe] => (Allow) C:usersdanappdataroaming.minecraftsigmajre1.8.0_202binjava.exe => No File

FirewallRules: [UDP Query User3D4E502A-E01D-4158-837C-2ADB6FE412CFC:usersdanappdataroaming.minecraftsigmajre1.8.0_202binjava.exe] => (Allow) C:usersdanappdataroaming.minecraftsigmajre1.8.0_202binjava.exe => No File

FirewallRules: [TCP Query User85EB893F-772C-43CA-8D8F-D5ED786BE419D:gamesneed.for.speed.heat-p2pneed for speed heatneedforspeedheat.exe] => (Allow) D:gamesneed.for.speed.heat-p2pneed for speed heatneedforspeedheat.exe => No File

FirewallRules: [UDP Query UserB6FC0864-8E08-471D-A65A-11D88C8B3C9AD:gamesneed.for.speed.heat-p2pneed for speed heatneedforspeedheat.exe] => (Allow) D:gamesneed.for.speed.heat-p2pneed for speed heatneedforspeedheat.exe => No File

FirewallRules: [865BC969-0058-441B-90B8-796CA78C4950] => (Allow) D:SteamsteamappscommonTeam Fortress 2hl2.exe (Valve -> )

FirewallRules: [7D0A78AF-B4C5-42DC-94A0-7D6F50EB07FA] => (Allow) D:SteamsteamappscommonTeam Fortress 2hl2.exe (Valve -> )

FirewallRules: [TCP Query UserF4D7FA70-DB72-4FCD-B584-9F8C325EF631C:program files (x86)bracketsnode.exe] => (Allow) C:program files (x86)bracketsnode.exe (Adobe Inc. -> Node.js)

FirewallRules: [UDP Query User3B2B79AD-114C-4256-9559-AEDC4041C8F8C:program files (x86)bracketsnode.exe] => (Allow) C:program files (x86)bracketsnode.exe (Adobe Inc. -> Node.js)

FirewallRules: [F17A189A-FD6F-483D-BBEF-4DE7FD35B4A0] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [3BF19233-4EAF-476B-A0A6-002B36503364] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [8FDF7FA0-D701-49A4-A763-AF3385750F93] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [18FFE7A8-3B20-4CA6-A853-CBD9AC55FC75] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [915C4688-46C5-4646-8128-F09B8E54BCB6] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [9AA47BBE-950E-419F-BA5D-ECE8AC72E50F] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [58E65C1A-A523-4E99-B7E9-36EBA898F6BC] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [EA1C7FBC-378E-4CE8-AF6B-CD6688487674] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [TCP Query User98B5772F-55DA-441E-ACE5-9342A76926D7C:usersdan.lunarclientjrezulu8.52.0.23-ca-fx-jre8.0.282-win_x64binjavaw.exe] => (Allow) C:usersdan.lunarclientjrezulu8.52.0.23-ca-fx-jre8.0.282-win_x64binjavaw.exe => No File

FirewallRules: [UDP Query User3BE181CD-0965-4317-A1BA-57179ED3BA99C:usersdan.lunarclientjrezulu8.52.0.23-ca-fx-jre8.0.282-win_x64binjavaw.exe] => (Allow) C:usersdan.lunarclientjrezulu8.52.0.23-ca-fx-jre8.0.282-win_x64binjavaw.exe => No File

FirewallRules: [TCP Query UserB31D4181-B5D3-4679-A987-C317E07E53CAD:intelijintellij idea 2021.1binidea64.exe] => (Allow) D:intelijintellij idea 2021.1binidea64.exe => No File

FirewallRules: [UDP Query User7567EDF8-76B0-40CC-A836-A83299469AE7D:intelijintellij idea 2021.1binidea64.exe] => (Allow) D:intelijintellij idea 2021.1binidea64.exe => No File

FirewallRules: [3D6F4E9D-74DA-4C17-933F-D0EBEC99D85F] => (Allow) LPort=3306

FirewallRules: [1A6CB432-9C19-43EA-88D7-C28C9ECAA06B] => (Allow) LPort=33060

FirewallRules: [TCP Query User6F4C7262-EE1A-4AED-A12C-3FAD3068EFAAD:javaeclispeeclipseeclipse.exe] => (Allow) D:javaeclispeeclipseeclipse.exe (Eclipse.org Foundation, Inc. -> )

FirewallRules: [UDP Query UserD3BFEFAB-4640-4920-9CD8-FB51ADC6C17CD:javaeclispeeclipseeclipse.exe] => (Allow) D:javaeclispeeclipseeclipse.exe (Eclipse.org Foundation, Inc. -> )

FirewallRules: [B46DBD3D-0DE4-42D6-A7AC-D2964C527A26] => (Allow) C:Program FilesBlueStacksHD-Player.exe => No File

FirewallRules: [9A7DAAE2-FF11-409C-A2FA-69806C413585] => (Allow) C:Program FilesFirefox Nightlyfirefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [95DF1776-15C9-4B5E-B625-F5F9374F87A4] => (Allow) C:Program FilesFirefox Nightlyfirefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [TCP Query User8868B3F7-0866-4E46-BC21-774331DA5097C:program filesbadlion clientbadlion client.exe] => (Allow) C:program filesbadlion clientbadlion client.exe (Turtle Entertainment Online, Inc. -> Badlion)

FirewallRules: [UDP Query UserFAF1353E-7890-4316-BF16-D7459487AC13C:program filesbadlion clientbadlion client.exe] => (Allow) C:program filesbadlion clientbadlion client.exe (Turtle Entertainment Online, Inc. -> Badlion)

FirewallRules: [TCP Query User417CAFE4-193D-4BC3-A1E6-C3C2321CF812C:programdatabadlionclientjre1.8.0_202binjavaw.exe] => (Allow) C:programdatabadlionclientjre1.8.0_202binjavaw.exe

FirewallRules: [UDP Query User28E6FC98-06F4-41DB-A840-0445B6D8A4D8C:programdatabadlionclientjre1.8.0_202binjavaw.exe] => (Allow) C:programdatabadlionclientjre1.8.0_202binjavaw.exe

FirewallRules: [TCP Query UserEFF18012-ED11-4C9F-B40A-49C13AE3910BC:program filesbadlion clientbadlion client.exe] => (Allow) C:program filesbadlion clientbadlion client.exe (Turtle Entertainment Online, Inc. -> Badlion)

FirewallRules: [UDP Query User45910905-4C96-4F74-9320-84091851B4DAC:program filesbadlion clientbadlion client.exe] => (Allow) C:program filesbadlion clientbadlion client.exe (Turtle Entertainment Online, Inc. -> Badlion)

FirewallRules: [TCP Query UserDF51A269-4411-4590-B41E-8CD7E0C0186EC:programdatabadlionclientjre1.8.0_202binjavaw.exe] => (Allow) C:programdatabadlionclientjre1.8.0_202binjavaw.exe

FirewallRules: [UDP Query User63ED66EF-D7A1-452E-AF44-457B0CE6411DC:programdatabadlionclientjre1.8.0_202binjavaw.exe] => (Allow) C:programdatabadlionclientjre1.8.0_202binjavaw.exe

FirewallRules: [TCP Query User81D25692-B211-4955-8535-01FE77547CC0C:program files (x86)vbvoicemeetervoicemeeter.exe] => (Allow) C:program files (x86)vbvoicemeetervoicemeeter.exe (Vincent Burel -> VB-AUDIO Software)

FirewallRules: [UDP Query User17A0D93F-7765-4790-9008-8D1CD259517AC:program files (x86)vbvoicemeetervoicemeeter.exe] => (Allow) C:program files (x86)vbvoicemeetervoicemeeter.exe (Vincent Burel -> VB-AUDIO Software)

FirewallRules: [TCP Query User358E5365-A68B-418C-A198-362A0AF7E8A7C:program filesjavajre1.8.0_291binjavaw.exe] => (Allow) C:program filesjavajre1.8.0_291binjavaw.exe

FirewallRules: [UDP Query UserF66CC8F5-8B2D-4397-8A98-160E2FE37B52C:program filesjavajre1.8.0_291binjavaw.exe] => (Allow) C:program filesjavajre1.8.0_291binjavaw.exe

FirewallRules: [TCP Query User484F18AE-AFDF-4FA7-8A4B-13ABED36D422D:genshin impactgenshin impact gamegenshinimpact.exe] => (Allow) D:genshin impactgenshin impact gamegenshinimpact.exe (miHoYo Co.,Ltd. -> )

FirewallRules: [UDP Query UserB130759A-08AD-45D9-88F4-2451D71B7B98D:genshin impactgenshin impact gamegenshinimpact.exe] => (Allow) D:genshin impactgenshin impact gamegenshinimpact.exe (miHoYo Co.,Ltd. -> )

FirewallRules: [TCP Query UserB402FFA6-0DDB-49D4-98DB-3C2F082A3AF2C:program files (x86)minecraft launcherruntimejava-runtime-alphawindows-x64java-runtime-alphabinjavaw.exe] => (Allow) C:program files (x86)minecraft launcherruntimejava-runtime-alphawindows-x64java-runtime-alphabinjavaw.exe

FirewallRules: [UDP Query User4DF77F43-F5CB-4F25-B98D-1C0DF1B82F35C:program files (x86)minecraft launcherruntimejava-runtime-alphawindows-x64java-runtime-alphabinjavaw.exe] => (Allow) C:program files (x86)minecraft launcherruntimejava-runtime-alphawindows-x64java-runtime-alphabinjavaw.exe

FirewallRules: [TCP Query User95B2408D-598C-49EE-839E-B734203C7BABC:program filesjavajdk-15.0.2binjavaw.exe] => (Allow) C:program filesjavajdk-15.0.2binjavaw.exe => No File

FirewallRules: [UDP Query User7B53BB70-F5BE-49FF-B1E7-242AE9E7C835C:program filesjavajdk-15.0.2binjavaw.exe] => (Allow) C:program filesjavajdk-15.0.2binjavaw.exe => No File

FirewallRules: [F30E1C50-C722-4766-94A2-4DBFC2D9EC94] => (Allow) C:Program FilesCloudflareCloudflare WARPwarp-svc.exe (Cloudflare, Inc. -> )

FirewallRules: [TCP Query User3AAE31F8-4992-4F8C-A1B0-9F937D48BB18C:programdatabadlionclientjre1.16.0_1binjavaw.exe] => (Allow) C:programdatabadlionclientjre1.16.0_1binjavaw.exe

FirewallRules: [UDP Query UserF01C3CDD-7AD3-4EC9-849C-C6FEA8AAFD5BC:programdatabadlionclientjre1.16.0_1binjavaw.exe] => (Allow) C:programdatabadlionclientjre1.16.0_1binjavaw.exe

FirewallRules: [TCP Query User5905F596-A570-443D-A142-DB38450D671AC:usersdan.lunarclientjrezulu16.30.15-ca-fx-jre16.0.1-win_x64binjavaw.exe] => (Allow) C:usersdan.lunarclientjrezulu16.30.15-ca-fx-jre16.0.1-win_x64binjavaw.exe

FirewallRules: [UDP Query User8CEF8322-4B3C-4FDF-9F57-D575E691D805C:usersdan.lunarclientjrezulu16.30.15-ca-fx-jre16.0.1-win_x64binjavaw.exe] => (Allow) C:usersdan.lunarclientjrezulu16.30.15-ca-fx-jre16.0.1-win_x64binjavaw.exe

FirewallRules: [TCP Query User39B86EB7-72D2-4BB5-AE31-058B7F59C3C0C:usersdanappdataroaming.tlauncherjvmsjre1.8.0_281binjavaw.exe] => (Allow) C:usersdanappdataroaming.tlauncherjvmsjre1.8.0_281binjavaw.exe

FirewallRules: [UDP Query User8A6D0B85-97DF-4F11-B6C7-76A29BFB9176C:usersdanappdataroaming.tlauncherjvmsjre1.8.0_281binjavaw.exe] => (Allow) C:usersdanappdataroaming.tlauncherjvmsjre1.8.0_281binjavaw.exe

FirewallRules: [TCP Query UserA111351F-0C3A-42CF-A813-B19A726C537CC:program filesjavajdk1.8.0_202binjava.exe] => (Allow) C:program filesjavajdk1.8.0_202binjava.exe => No File

FirewallRules: [UDP Query User8CF79C8B-48B2-4F28-B8C9-EF22939BCEF6C:program filesjavajdk1.8.0_202binjava.exe] => (Allow) C:program filesjavajdk1.8.0_202binjava.exe => No File

FirewallRules: [A2D4D694-1845-4B91-8E33-C67ED81183E3] => (Allow) C:Program Files (x86)Popcorn TimeUpdater.exe (Popcorn Time) [File not signed]

FirewallRules: [54607048-4CBF-4068-B1C1-E1E0CFA58BC3] => (Allow) C:Program Files (x86)Popcorn TimeUpdater.exe (Popcorn Time) [File not signed]

FirewallRules: [E9F26B9C-ABB2-4346-BAB4-702360CD1413] => (Allow) C:Program Files (x86)Popcorn TimePopcornTimeDesktop.exe () [File not signed]

FirewallRules: [707B90D1-ECC9-4EEE-903C-CF359CA9DC22] => (Allow) C:Program Files (x86)Popcorn TimePopcornTimeDesktop.exe () [File not signed]

FirewallRules: [0751F015-42A6-4E2A-BD09-CF0971CC4B58] => (Allow) C:Program Files (x86)Popcorn Timenodejsnode.exe (Node.js Foundation -> Node.js)

FirewallRules: [01B16CF0-06C1-4937-A0A3-3EE4EDC40733] => (Allow) C:Program Files (x86)Popcorn Timenodejsnode.exe (Node.js Foundation -> Node.js)

FirewallRules: [28AE559B-7A66-45BE-9F1E-6B9A7F7BAF94] => (Allow) C:Program Files (x86)Popcorn Timechromecastnode.exe (Joyent Inc -> Joyent, Inc)

FirewallRules: [54B7B241-7135-43FE-B05E-D6FBF2940B4B] => (Allow) C:Program Files (x86)Popcorn Timechromecastnode.exe (Joyent Inc -> Joyent, Inc)

FirewallRules: [8AD5CE36-F95F-4746-9DFB-5DF0E47EC201] => (Allow) C:UsersAdministratorAppDataLocalProgramssafe-watchsafe-watch.exe (OPEN VIDEO, TOV -> GitHub, Inc.)

FirewallRules: [D1ACD2F1-0803-4A4B-B201-D3187BA16F2F] => (Allow) C:UsersDanAppDataRoaminguTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)

FirewallRules: [9B554836-B400-4586-AC5E-35F7DBDDC78C] => (Allow) C:UsersDanAppDataRoaminguTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)

FirewallRules: [TCP Query UserB13AD28E-B8AD-4BDB-86A9-8C0FD795D969C:program fileslghublghub_agent.exe] => (Allow) C:program fileslghublghub_agent.exe (Logitech Inc -> Logitech, Inc.)

FirewallRules: [UDP Query User92F11454-FB65-4992-A3FC-57B9F1C75B17C:program fileslghublghub_agent.exe] => (Allow) C:program fileslghublghub_agent.exe (Logitech Inc -> Logitech, Inc.)

FirewallRules: [TCP Query User7C4F8552-A042-4F4F-BA3A-D094109899B9C:riot gamesriot clientriotclientservices.exe] => (Allow) C:riot gamesriot clientriotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)

FirewallRules: [UDP Query User77595358-752F-48B9-9276-C7BB6603DB59C:riot gamesriot clientriotclientservices.exe] => (Allow) C:riot gamesriot clientriotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)

FirewallRules: [E82079CD-4734-4826-93AE-E0D69D0CF311] => (Allow) C:UsersAdministratorAppDataLocalProgramsOpera GX77.0.4054.257opera.exe (Opera Software AS -> Opera Software)

FirewallRules: [074DE57F-277F-4634-BCB9-EE18A97EF834] => (Allow) C:UsersAdministratorAppDataLocalProgramsOpera GX77.0.4054.275opera.exe (Opera Software AS -> Opera Software)

FirewallRules: [DB23CF69-B880-4D2D-9252-DDFA50F6D684] => (Allow) C:Program FilesMicrosoft OfficerootOffice16outlook.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [07DC1FFC-D517-4E02-A03B-6112821CBEB5] => (Allow) C:Program FilesMicrosoft OfficerootOffice16Lync.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [2FAF489C-A90E-4B37-A625-019211D9FD91] => (Allow) C:Program FilesMicrosoft OfficerootOffice16Lync.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [52437639-0069-4B02-A7C1-BFCDD0FEC29B] => (Allow) C:Program FilesMicrosoft OfficerootOffice16UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [TCP Query User80389905-651C-4512-B015-C0D7740FF5D7C:usersdanappdataroaming.minecraftruntimejre-legacywindowsjre-legacybinjavaw.exe] => (Allow) C:usersdanappdataroaming.minecraftruntimejre-legacywindowsjre-legacybinjavaw.exe

FirewallRules: [UDP Query UserA0A247F6-3D4B-4E38-BE9A-47B456A8F514C:usersdanappdataroaming.minecraftruntimejre-legacywindowsjre-legacybinjavaw.exe] => (Allow) C:usersdanappdataroaming.minecraftruntimejre-legacywindowsjre-legacybinjavaw.exe

FirewallRules: [TCP Query User97931313-7068-4409-A822-4A89619EBB31C:usersdandownloadspenumbra launcherruntimejre1.8.0_51binjava.exe] => (Allow) C:usersdandownloadspenumbra launcherruntimejre1.8.0_51binjava.exe

FirewallRules: [UDP Query User455C86D3-85FF-48F5-9529-94C726F61BE5C:usersdandownloadspenumbra launcherruntimejre1.8.0_51binjava.exe] => (Allow) C:usersdandownloadspenumbra launcherruntimejre1.8.0_51binjava.exe

FirewallRules: [E1E1BB9E-3068-432F-96DB-7E452C91CDBD] => (Allow) C:Program FilesBraveSoftwareBrave-BrowserApplicationbrave.exe (Brave Software, Inc. -> Brave Software, Inc.)

FirewallRules: [TCP Query User3E33F74B-53C6-49F8-BADF-7F7F3E8D4728C:usersdanappdatalocalprogramsopera gx77.0.4054.275opera.exe] => (Allow) C:usersdanappdatalocalprogramsopera gx77.0.4054.275opera.exe (Opera Software AS -> Opera Software)

FirewallRules: [UDP Query User036B6833-1918-4B8B-98E6-6D46B9238AF6C:usersdanappdatalocalprogramsopera gx77.0.4054.275opera.exe] => (Allow) C:usersdanappdatalocalprogramsopera gx77.0.4054.275opera.exe (Opera Software AS -> Opera Software)

FirewallRules: [45979927-7BC2-492D-AA17-5F410A47E6DE] => (Allow) C:Program Files (x86)MicrosoftEdgeWebViewApplication92.0.902.62msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [64D80890-A07D-4733-81BA-F96F2E82E5A9] => (Allow) C:UsersAdministratorAppDataRoamingZoombinZoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

FirewallRules: [893BA1DE-0408-436F-BC80-9686BD4BDAD9] => (Allow) C:UsersAdministratorAppDataRoamingZoombinairhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

FirewallRules: [02B3AD38-2F9D-4528-B84B-89A6DBA53864] => (Allow) C:UsersAdministratorAppDataRoamingZoombinairhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

FirewallRules: [6A0265D9-130B-497D-B864-55FB027BBF66] => (Allow) C:Program FilesGoogleChromeApplicationchrome.exe (Google LLC -> Google LLC)

 

==================== Restore Points =========================

 

25-07-2021 09:28:36 rsre

25-07-2021 19:04:47 Windows Modules Installer

26-07-2021 10:28:39 Windows Modules Installer

27-07-2021 11:44:18 Installed DirectX

05-08-2021 09:10:26 restorepoint

 

==================== Faulty Device Manager Devices ============

 

Name: High precision event timer

Description: High precision event timer

Class Guid: 4d36e97d-e325-11ce-bfc1-08002be10318

Manufacturer: (Standard system devices)

Service: 

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click “Action”, and then click “Enable Device”. This starts the Enable Device wizard. Follow the instructions.

 

Name: NordLynx Tunnel

Description: NordLynx Tunnel

Class Guid: 

Manufacturer: 

Service: 

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click “Update Driver”, which starts the Hardware Update wizard.

 

 

==================== Event log errors: ========================

 

Application errors:

==================

Error: (08/05/2021 09:49:41 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )

Description: Failed to schedule Software Protection service for re-start at 2021-08-06T01:04:41Z. Error Code: 0x80070002.

 

Error: (08/05/2021 09:49:11 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )

Description: Failed to schedule Software Protection service for re-start at 2021-08-06T01:05:11Z. Error Code: 0x80070002.

 

Error: (08/05/2021 09:48:41 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )

Description: Failed to schedule Software Protection service for re-start at 2021-08-06T01:04:41Z. Error Code: 0x80070002.

 

Error: (08/05/2021 09:48:11 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )

Description: Failed to schedule Software Protection service for re-start at 2021-08-06T01:05:11Z. Error Code: 0x80070002.

 

Error: (08/05/2021 09:47:41 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )

Description: Failed to schedule Software Protection service for re-start at 2021-08-06T01:04:41Z. Error Code: 0x80070002.

 

Error: (08/05/2021 09:47:11 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )

Description: Failed to schedule Software Protection service for re-start at 2021-08-06T01:05:11Z. Error Code: 0x80070002.

 

Error: (08/05/2021 09:46:41 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )

Description: Failed to schedule Software Protection service for re-start at 2021-08-06T01:04:41Z. Error Code: 0x80070002.

 

Error: (08/05/2021 09:46:11 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )

Description: Failed to schedule Software Protection service for re-start at 2021-08-06T01:05:11Z. Error Code: 0x80070002.

 

 

System errors:

=============

Error: (08/05/2021 09:26:43 AM) (Source: DCOM) (EventID: 10010) (User: WIN-KGJ2DPDON1K)

Description: The server 7022A3B3-D004-4F52-AF11-E9E987FEE25F did not register with DCOM within the required timeout.

 

Error: (08/05/2021 09:24:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The Windows Perception Service service terminated unexpectedly.  It has done this 5 time(s).  The following corrective action will be taken in 1000 milliseconds: Run the configured recovery program.

 

Error: (08/05/2021 09:24:12 AM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The Windows Perception Service service terminated unexpectedly.  It has done this 4 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.

 

Error: (08/05/2021 09:24:11 AM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The Windows Perception Service service terminated unexpectedly.  It has done this 3 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.

 

Error: (08/05/2021 09:24:10 AM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The Windows Perception Service service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.

 

Error: (08/05/2021 09:24:08 AM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The Windows Perception Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.

 

Error: (08/05/2021 09:24:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Ds3Service service failed to start due to the following error: 

The system cannot find the file specified.

 

Error: (08/05/2021 09:23:36 AM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The OpenSSH SSH Server service terminated unexpectedly.  It has done this 1 time(s).

 

 

Windows Defender:

================

Date: 2021-07-25 06:58:27.332

Description: 

Windows Defender Antivirus has detected malware or other potentially unwanted software.

For more information please see the following:

Name: HackTool:Win64/AutoKMS

Severity: High

Category: Tool

Path: file:_C:WindowsSECOH-QAD.dll; file:_C:WindowsSECOH-QAD.exe

Detection Origin: Local machine

Detection Type: Concrete

Detection Source: System

Process Name: Unknown

Security intelligence Version: AV: 1.343.1565.0, AS: 1.343.1565.0, NIS: 1.343.1565.0

Engine Version: AM: 1.1.18300.4, NIS: 1.1.18300.4

 

Date: 2021-07-22 14:30:17.075

Description: 

Windows Defender Antivirus has detected malware or other potentially unwanted software.

For more information please see the following:

Name: TrojanDropper:BAT/MalVbsDrper.C

Severity: Severe

Category: Trojan Dropper

Path: file:_D:DownloadsGCApplicationsBatch_ReachcLEANER.bat

Detection Origin: Local machine

Detection Type: Concrete

Detection Source: Real-Time Protection

Process Name: C:Windowsexplorer.exe

Security intelligence Version: AV: 1.343.1433.0, AS: 1.343.1433.0, NIS: 1.343.1433.0

Engine Version: AM: 1.1.18300.4, NIS: 1.1.18300.4

 

Date: 2021-07-17 15:29:10.717

Description: 

Windows Defender Antivirus has detected malware or other potentially unwanted software.

For more information please see the following:

Name: HackTool:Win64/AutoKMS

Severity: High

Category: Tool

Path: file:_C:WindowsSECOH-QAD.dll; file:_C:WindowsSECOH-QAD.exe

Detection Origin: Local machine

Detection Type: Concrete

Detection Source: User

Process Name: Unknown

Security intelligence Version: AV: 1.343.1149.0, AS: 1.343.1149.0, NIS: 1.343.1149.0

Engine Version: AM: 1.1.18300.4, NIS: 1.1.18300.4

 

Date: 2021-07-31 17:16:07.822

Description: 

Windows Defender Antivirus has encountered an error trying to update security intelligence.

New security intelligence Version: 

Previous security intelligence Version: 1.343.1963.0

Update Source: Microsoft Malware Protection Center

Security intelligence Type: AntiVirus

Update Type: Full

Current Engine Version: 

Previous Engine Version: 1.1.18300.4

Error code: 0x80072ee7

Error description: The server name or address could not be resolved 

 

Date: 2021-07-31 17:16:07.821

Description: 

Windows Defender Antivirus has encountered an error trying to update security intelligence.

New security intelligence Version: 

Previous security intelligence Version: 1.343.1963.0

Update Source: Microsoft Malware Protection Center

Security intelligence Type: AntiSpyware

Update Type: Full

Current Engine Version: 

Previous Engine Version: 1.1.18300.4

Error code: 0x80072ee7

Error description: The server name or address could not be resolved 

 

Date: 2021-07-31 17:16:07.820

Description: 

Windows Defender Antivirus has encountered an error trying to update security intelligence.

New security intelligence Version: 

Previous security intelligence Version: 1.343.1963.0

Update Source: Microsoft Malware Protection Center

Security intelligence Type: AntiVirus

Update Type: Full

Current Engine Version: 

Previous Engine Version: 1.1.18300.4

Error code: 0x80072ee7

Error description: The server name or address could not be resolved 

 

Date: 2021-07-31 17:16:07.813

Description: 

Windows Defender Antivirus has encountered an error trying to update security intelligence.

New security intelligence Version: 

Previous security intelligence Version: 1.343.1963.0

Update Source: Microsoft Malware Protection Center

Security intelligence Type: AntiVirus

Update Type: Full

Current Engine Version: 

Previous Engine Version: 1.1.18300.4

Error code: 0x80072ee7

Error description: The server name or address could not be resolved 

 

Date: 2021-07-31 17:16:07.813

Description: 

Windows Defender Antivirus has encountered an error trying to update security intelligence.

New security intelligence Version: 

Previous security intelligence Version: 1.343.1963.0

Update Source: Microsoft Malware Protection Center

Security intelligence Type: AntiSpyware

Update Type: Full

Current Engine Version: 

Previous Engine Version: 1.1.18300.4

Error code: 0x80072ee7

Error description: The server name or address could not be resolved 

 

==================== Memory info =========================== 

 

BIOS: American Megatrends Inc. P3.30 07/31/2019

Motherboard: ASRock A320M-HDV R4.0

Processor: AMD Ryzen 3 3200G with Radeon Vega Graphics 

Percentage of memory in use: 37%

Total physical RAM: 14264.89 MB

Available physical RAM: 8948.35 MB

Total Virtual: 17592.89 MB

Available Virtual: 10872.48 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:111.18 GB) (Free:18.38 GB) NTFS

Drive d: (Games) (Fixed) (Total:465.75 GB) (Free:175.55 GB) NTFS

 

\?Volume311d18b5-4eec-4494-9c4e-c23e4bd8fb6b () (Fixed) (Total:0.49 GB) (Free:0.09 GB) NTFS

\?Volumef7c123fe-6972-406b-a451-77a60fa84741 () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

 

==================== MBR & Partition Table ====================

 

==========================================================

Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

 

Partition: GPT.

 

==========================================================

Disk: 1 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)

 

Partition: GPT.

 

==================== End of Addition.txt =======================

Next Post

Best internet service provider in El Paso 2021

If you’re a resident of El Paso, you’re in luck: as the 20th largest city in the U.S., El Paso has multiple internet service providers (ISPs) competing for your business. Finding the best one for your own particular needs requires some research — starting with this review.  You can choose […]