Malwarebytes is finding 16/18 files that are either PUP.Optional.Conduit, Adware.eLex.shrClin or PUP.Optional.Conduit.Trovigo.
There are no notable symptoms of this adware, but they may be being blocked by my adblocker.
Malwarebytes quarantines and removes them, but they reappear (I think whenever I use Chrome, although I am not certain).
Any help identifying how to remove these permanently would be much appreciated.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-06-2020
Ran by cgrog (administrator) on DESKTOP-263AI8E (Gigabyte Technology Co., Ltd. Z270-Gaming K3) (27-06-2020 16:45:38)
Running from C:\Users\cgrog\Downloads
Loaded Profiles: cgrog
Platform: Windows 10 Home Version 1903 18362.836 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Discord Inc. -> Discord Inc.) C:\Users\cgrog\AppData\Local\Discord\app-0.0.306\Discord.exe <4>
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(F.lux Software LLC -> f.lux Software LLC) C:\Users\cgrog\AppData\Local\FluxSoftware\Flux\flux.exe
(Foxit Software Incorporated -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <30>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12827.20400.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12827.20400.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2005.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2005.5-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_8c5e3f480513d171\Display.NvContainer\NVDisplay.Container.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor Corp.) [File not signed] [File is in use] C:\Program Files (x86)\netis\PCIE Wireless LAN\RtWLan.exe
(Realtek) [File not signed] [File is in use] C:\Program Files (x86)\netis\PCIE Wireless LAN\RtlService.exe
(Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(voidtools -> voidtools) C:\Program Files\Everything\Everything.exe <2>
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-11-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [353776 2020-06-24] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [2237256 2020-03-13] (voidtools -> voidtools)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-124992116-1282473561-228682095-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3375904 2020-06-04] (Valve -> Valve Corporation)
HKU\S-1-5-21-124992116-1282473561-228682095-1001\...\Run: [Spotify] => C:\Users\cgrog\AppData\Roaming\Spotify\Spotify.exe [22151072 2020-01-09] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-124992116-1282473561-228682095-1001\...\Run: [Discord] => C:\Users\cgrog\AppData\Local\Discord\app-0.0.306\Discord.exe [90950968 2020-02-24] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-124992116-1282473561-228682095-1001\...\Run: [Ubisoft Game Launcher] => C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe [471360 2020-06-26] (Ubisoft Entertainment Sweden AB -> Ubisoft)
HKU\S-1-5-21-124992116-1282473561-228682095-1001\...\Run: [GalaxyClient] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [8030280 2020-03-30] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-124992116-1282473561-228682095-1001\...\Run: [f.lux] => C:\Users\cgrog\AppData\Local\FluxSoftware\Flux\flux.exe [1385480 2019-08-30] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-124992116-1282473561-228682095-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [35960720 2019-11-11] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-124992116-1282473561-228682095-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91585088 2020-03-31] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-124992116-1282473561-228682095-1001\...\MountPoints2: {0031cdd9-0d4f-11ea-9b15-e0d55e2ddd38} - "F:\setup.exe"
HKU\S-1-5-21-124992116-1282473561-228682095-1001\...\MountPoints2: {0031cdf7-0d4f-11ea-9b15-e0d55e2ddd38} - "F:\setup.exe"
HKU\S-1-5-21-124992116-1282473561-228682095-1001\...\MountPoints2: {13336801-0009-11ea-9b05-e0d55e2ddd38} - "F:\setup.exe"
HKU\S-1-5-21-124992116-1282473561-228682095-1001\...\MountPoints2: {1bf507ee-0ccf-11ea-9b13-503eaa619505} - "F:\setup.exe"
HKU\S-1-5-21-124992116-1282473561-228682095-1001\...\MountPoints2: {3c5aadea-f25a-11e9-9afe-e0d55e2ddd38} - "F:\setup.exe"
HKU\S-1-5-21-124992116-1282473561-228682095-1001\...\MountPoints2: {576ca0fe-120b-11ea-9b15-e0d55e2ddd38} - "F:\setup.exe"
HKU\S-1-5-21-124992116-1282473561-228682095-1001\...\MountPoints2: {5ca27a4f-e304-11e9-9af6-e0d55e2ddd38} - "F:\setup.exe"
HKU\S-1-5-21-124992116-1282473561-228682095-1001\...\MountPoints2: {5ca27acf-e304-11e9-9af6-e0d55e2ddd38} - "F:\setup.exe"
HKU\S-1-5-21-124992116-1282473561-228682095-1001\...\MountPoints2: {8e7dfc87-18f1-11ea-9b18-e0d55e2ddd38} - "F:\setup.exe"
HKU\S-1-5-21-124992116-1282473561-228682095-1001\...\MountPoints2: {d81490d1-02cb-11ea-9b08-e0d55e2ddd38} - "F:\setup.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\Installer\chrmstp.exe [2020-06-27] (Google LLC -> Google LLC)
Startup: C:\Users\cgrog\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2018-04-19]
ShortcutTarget: MEGAsync.lnk -> C:\Users\cgrog\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1BF7AA37-D79D-4E9A-AB40-1E3DF606AB3D} - System32\Tasks\ExclusiveTool => C:\Program Files (x86)\DSDCS\InputMapper\ExclusiveModeTool.exe [19968 2016-10-04] (InputMapper) [File not signed] [File is in use]
Task: {390B94F7-43B1-497F-B67E-5D89C9756E21} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MpCmdRun.exe [491104 2020-06-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3EF687A2-5813-4190-BE08-75F96C6681EC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-02] (Google Inc -> Google Inc.)
Task: {66E56C01-8DAC-4C10-A287-6C2BD08F0D36} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MpCmdRun.exe [491104 2020-06-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {70175117-96E3-4EFB-BDB8-BB3C261FE8C5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-02] (Google Inc -> Google Inc.)
Task: {83518E0E-E3B2-4F62-8334-33C6BE812C95} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-124992116-1282473561-228682095-1001 => C:\Users\cgrog\AppData\Local\MEGAsync\MEGAupdater.exe [760696 2018-01-15] (Mega Limited -> Mega Limited)
Task: {997D49D9-2ED0-46B6-B82A-5C90958F5B54} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MpCmdRun.exe [491104 2020-06-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C00CBED4-F8A9-4549-8205-3DA500394C75} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MpCmdRun.exe [491104 2020-06-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F12B2978-0D4A-4D83-A4A6-AD25A1D1A2CD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{214a5e8e-2231-430e-9244-233f0e0dcd38}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4512021b-51b8-4399-aaed-eac94017d9ef}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{68d0d5ac-6623-46c7-8027-d0af370dcd59}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{e2b89edd-c989-4abd-8735-0403cd6265b6}: [DhcpNameServer] 192.168.0.254 192.168.0.254
Internet Explorer:
==================
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-02-05] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-02-05] (Oracle America, Inc. -> Oracle Corporation)
Edge:
======
Edge Profile: C:\Users\cgrog\AppData\Local\Microsoft\Edge\User Data\Default [2020-06-27]
FireFox:
========
FF DefaultProfile: u6s9dvft.default
FF ProfilePath: C:\Users\cgrog\AppData\Roaming\Mozilla\Firefox\Profiles\u6s9dvft.default [2020-04-13]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-02-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-02-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-30] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-124992116-1282473561-228682095-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\cgrog\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-13] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
Chrome:
=======
CHR Profile: C:\Users\cgrog\AppData\Local\Google\Chrome\User Data\Default [2020-06-27]
CHR Notifications: Default -> hxxps://calendar.google.com
CHR HomePage: Default -> hxxp://www.reddit.com/
CHR StartupUrls: Default -> "hxxp://www.trovigo.com/?gd=&ctid=CT3324790&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP55C94456-270B-49D0-8F2C-C2D8B4343377&SSPV=SE1CG2_sp_ch","hxxp://www.mystartsearch.com/?type=hp&ts=1429455458&from=wpc&uid=HitachiXHTS541010A9E680_J5400071HHSK7CHHSK7CX","hxxps://www.google.com/"
CHR Extension: (Slides) - C:\Users\cgrog\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-02]
CHR Extension: (Docs) - C:\Users\cgrog\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-02]
CHR Extension: (Google Drive) - C:\Users\cgrog\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-02-02]
CHR Extension: (YouTube) - C:\Users\cgrog\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-02]
CHR Extension: (uBlock Origin) - C:\Users\cgrog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-06-27]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\cgrog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2020-06-26]
CHR Extension: (Sheets) - C:\Users\cgrog\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-02]
CHR Extension: (Google Keep - Notes and Lists) - C:\Users\cgrog\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2020-06-26]
CHR Extension: (gScholar for Google Apps & Chrome) - C:\Users\cgrog\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnecgbocmpbaikjjielniibkjcbiaeao [2018-02-02]
CHR Extension: (Dropbox) - C:\Users\cgrog\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2018-03-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\cgrog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Gmail) - C:\Users\cgrog\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-28]
CHR Extension: (Chrome Media Router) - C:\Users\cgrog\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-26]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8615864 2020-04-22] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [784512 2019-12-24] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659456 2017-12-12] (Foxit Software Incorporated -> Foxit Software Inc.)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1242696 2020-03-30] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6821960 2020-03-30] (GOG Sp. z o.o. -> GOG.com)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2425136 2019-11-12] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3303736 2019-11-12] (Electronic Arts, Inc. -> Electronic Arts)
R2 Realtek88EE; C:\Program Files (x86)\netis\PCIE Wireless LAN\RtlService.exe [36864 2010-04-16] (Realtek) [File not signed] [File is in use]
S2 RTLDHCPService; C:\Program Files (x86)\netis\PCIE Wireless LAN\RTLDHCP.exe [261848 2013-11-12] (Realtek Semiconductor Corp -> Realtek)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [9824296 2020-06-24] (Riot Games, Inc. -> Riot Games, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\NisSrv.exe [2484256 2020-06-26] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MsMpEng.exe [103168 2020-06-26] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_8c5e3f480513d171\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_8c5e3f480513d171\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-15] (Microsoft Corporation) [File not signed] [File is in use]
R3 DroidCam; C:\WINDOWS\System32\drivers\droidcam.sys [33592 2020-03-17] (DEV47 APPS -> Dev47Apps)
R3 DroidCamVideo; C:\WINDOWS\System32\drivers\droidcamvideo.sys [229432 2020-03-17] (DEV47 APPS -> Dev47Apps)
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2019-03-19] (Microsoft Windows -> Qualcomm Atheros, Inc.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2020-06-27] (Malwarebytes Corporation -> Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_8c5e3f480513d171\nvlddmkm.sys [23439288 2020-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
S3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [9860088 2019-07-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2019-03-19] (Microsoft Windows -> Realtek Semiconductor Corporation)
S3 SaiK5263; C:\WINDOWS\system32\DRIVERS\SaiK5263.sys [182224 2017-02-07] (Mad Catz Inc -> Saitek)
R3 SaiMini; C:\WINDOWS\System32\drivers\SaiMini.sys [23760 2017-02-07] (Mad Catz Inc -> Saitek)
R3 SaiNtBus; C:\WINDOWS\system32\drivers\SaiBus.sys [51408 2017-02-07] (Mad Catz Inc -> Saitek)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [6472256 2020-06-24] (Riot Games, Inc. -> Riot Games, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [401120 2020-06-26] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-06-26] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-06-27 16:46 - 2020-06-27 16:46 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-06-27 16:45 - 2020-06-27 16:47 - 000021599 _____ C:\Users\cgrog\Downloads\FRST.txt
2020-06-27 16:36 - 2020-06-27 16:47 - 000000000 ____D C:\FRST
2020-06-27 16:35 - 2020-06-27 16:36 - 002291200 _____ (Farbar) C:\Users\cgrog\Downloads\FRST64.exe
2020-06-27 16:23 - 2020-06-27 16:40 - 000000000 ____D C:\AdwCleaner
2020-06-27 16:23 - 2020-06-27 16:23 - 008402608 _____ (Malwarebytes) C:\Users\cgrog\Downloads\adwcleaner_8.0.5.exe
2020-06-27 16:08 - 2020-06-27 16:08 - 000000907 _____ C:\Users\Public\Desktop\qBittorrent.lnk
2020-06-27 16:08 - 2020-06-27 16:08 - 000000907 _____ C:\ProgramData\Desktop\qBittorrent.lnk
2020-06-27 16:08 - 2020-06-27 16:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2020-06-27 16:08 - 2020-06-27 16:08 - 000000000 ____D C:\Program Files\qBittorrent
2020-06-27 16:07 - 2020-06-27 16:07 - 000425304 _____ (Secure By Design Inc.) C:\Users\cgrog\Downloads\Ninite Everything qBittorrent Installer.exe
2020-06-27 16:07 - 2020-06-27 16:07 - 000001094 _____ C:\Users\cgrog\Desktop\Search Everything.lnk
2020-06-27 16:07 - 2020-06-27 16:07 - 000000000 ____D C:\Users\cgrog\AppData\Roaming\Everything
2020-06-27 16:07 - 2020-06-27 16:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Everything
2020-06-27 16:07 - 2020-06-27 16:07 - 000000000 ____D C:\Program Files\Everything
2020-06-27 16:02 - 2020-06-27 16:02 - 000002332 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-06-27 16:02 - 2020-06-27 16:02 - 000002332 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-06-27 16:01 - 2020-06-27 16:01 - 001295576 _____ (Google LLC) C:\Users\cgrog\Downloads\ChromeSetup.exe
2020-06-27 15:33 - 2020-06-27 15:34 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-06-27 15:33 - 2020-06-27 15:33 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-06-27 15:33 - 2020-06-27 15:33 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-06-26 15:58 - 2020-06-26 16:12 - 723080330 _____ C:\Users\cgrog\Downloads\signs-of-the-sojourner-win.zip
2020-06-26 15:54 - 2020-06-26 15:54 - 000007597 _____ C:\Users\cgrog\AppData\Local\Resmon.ResmonCfg
2020-06-26 10:20 - 2020-06-26 10:20 - 000140686 _____ C:\Users\cgrog\Downloads\Jobseekers Notification_{0_dd_MM_yy}.pdf
2020-06-26 10:16 - 2020-06-26 10:28 - 000000000 ____D C:\Users\cgrog\Desktop\Clean up 26.062020
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-06-27 16:46 - 2018-02-21 23:42 - 000000000 ____D C:\Users\cgrog\AppData\Roaming\discord
2020-06-27 16:44 - 2020-04-15 20:57 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2020-06-27 16:43 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-06-27 16:42 - 2019-08-03 01:27 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-06-27 16:41 - 2020-04-06 17:08 - 000017207 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2020-06-27 16:41 - 2020-04-06 17:08 - 000011410 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2020-06-27 16:41 - 2020-04-06 17:08 - 000008589 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2020-06-27 16:41 - 2020-04-06 17:08 - 000001206 _____ C:\ProgramData\NvcDispCorePlugin.log_backup1
2020-06-27 16:41 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-06-27 16:30 - 2018-02-02 18:40 - 000000000 ____D C:\Users\cgrog\AppData\Roaming\qBittorrent
2020-06-27 16:13 - 2018-02-02 18:40 - 000000000 ____D C:\Users\cgrog\AppData\Local\qBittorrent
2020-06-27 16:02 - 2018-02-02 17:28 - 000002373 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-27 16:02 - 2018-02-02 17:28 - 000000000 ____D C:\Program Files (x86)\Google
2020-06-27 15:59 - 2019-01-26 17:35 - 000000000 ____D C:\Users\cgrog\AppData\Local\Rockstar Games
2020-06-27 15:59 - 2018-02-02 17:41 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-06-27 15:58 - 2018-04-09 18:58 - 000000000 ____D C:\Games
2020-06-27 15:49 - 2018-02-02 17:29 - 000000000 ____D C:\Program Files (x86)\Steam
2020-06-27 15:46 - 2019-03-09 17:23 - 000000000 ____D C:\Users\cgrog\AppData\Local\ElevatedDiagnostics
2020-06-27 15:41 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-06-27 15:39 - 2019-08-03 01:24 - 000840852 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-06-27 15:39 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-06-27 15:32 - 2020-04-15 19:45 - 000000000 ____D C:\Program Files\Riot Vanguard
2020-06-26 19:00 - 2020-04-09 00:48 - 000011525 _____ C:\ProgramData\DisplaySessionContainer3.log_backup1
2020-06-26 18:52 - 2019-08-03 01:08 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-06-26 17:00 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-06-26 16:36 - 2018-02-02 17:22 - 000000000 ____D C:\Users\cgrog\AppData\Local\Packages
2020-06-26 16:23 - 2018-02-20 03:46 - 000000000 ____D C:\Users\cgrog\AppData\Local\Ubisoft Game Launcher
2020-06-26 16:14 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-06-26 15:51 - 2019-08-03 01:27 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-124992116-1282473561-228682095-1001
2020-06-26 15:49 - 2019-08-02 20:49 - 000002363 _____ C:\Users\cgrog\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-06-26 15:49 - 2018-02-02 17:24 - 000000000 ___RD C:\Users\cgrog\OneDrive
2020-06-26 10:36 - 2020-04-06 23:14 - 000016843 _____ C:\ProgramData\DisplaySessionContainer2.log_backup1
2020-06-26 10:27 - 2019-08-03 01:27 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-06-26 10:22 - 2018-09-03 19:02 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-06-26 10:15 - 2018-02-28 14:22 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-06-25 17:59 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-06-25 17:58 - 2019-06-18 19:41 - 000000000 ____D C:\Program Files\UNP
2020-06-25 17:55 - 2018-02-02 17:22 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-06-25 17:55 - 2018-02-02 17:22 - 000000000 ___RD C:\Users\cgrog\3D Objects
2020-06-05 22:03 - 2019-03-19 05:56 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-06-05 22:03 - 2019-03-19 05:56 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
==================== Files in the root of some directories ========
2019-05-21 18:24 - 2019-05-21 18:24 - 000000731 _____ () C:\Users\cgrog\AppData\Local\recently-used.xbel
2020-06-26 15:54 - 2020-06-26 15:54 - 000007597 _____ () C:\Users\cgrog\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-06-2020
Ran by cgrog (27-06-2020 16:48:59)
Running from C:\Users\cgrog\Downloads
Windows 10 Home Version 1903 18362.836 (X64) (2019-08-03 00:28:21)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-124992116-1282473561-228682095-500 - Administrator - Disabled)
cgrog (S-1-5-21-124992116-1282473561-228682095-1001 - Administrator - Enabled) => C:\Users\cgrog
DefaultAccount (S-1-5-21-124992116-1282473561-228682095-503 - Limited - Disabled)
Guest (S-1-5-21-124992116-1282473561-228682095-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-124992116-1282473561-228682095-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 18.01 (x64) (HKLM\...\7-Zip) (Version: 18.01 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.009.20067 - Adobe Systems Incorporated)
Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.0.4 - Electronic Arts, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
CPUID HWMonitor 1.41 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.41 - CPUID, Inc.)
Cultist Simulator (HKLM-x32\...\1456702644_is1) (Version: v2018.x.9 - GOG.com)
Cultist Simulator: Perpetual Edition (HKLM-x32\...\1556868113_is1) (Version: v2018.x.9 - GOG.com)
Deep Sky Derelicts (HKLM-x32\...\1629258827_is1) (Version: 1.5.1 - GOG.com)
Disco Elysium (HKLM-x32\...\Disco Elysium_is1) (Version: - )
Discord (HKU\S-1-5-21-124992116-1282473561-228682095-1001\...\Discord) (Version: 0.0.306 - Discord Inc.)
Enter the Gungeon (HKLM-x32\...\1456912569_is1) (Version: 2.11.0.13 - GOG.com)
Epic Games Launcher (HKLM-x32\...\{53041896-BE90-4A26-9954-9E9FDC7D4495}) (Version: 1.1.229.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Everything 1.4.1.969 (x64) (HKLM\...\Everything) (Version: 1.4.1.969 - David Carpenter)
f.lux (HKU\S-1-5-21-124992116-1282473561-228682095-1001\...\Flux) (Version: - f.lux Software LLC)
foobar2000 v1.5.3 (HKLM-x32\...\foobar2000) (Version: 1.5.3 - Peter Pawlowski)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.0.1.1049 - Foxit Software Inc.)
Frostpunk (HKLM-x32\...\1648559910_is1) (Version: 1.1.0 - GOG.com)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM\...\{D8BAA38A-97E1-3BD9-A877-673E81553618}) (Version: 83.0.4103.116 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Inkscape 0.92.4 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.92.4.0 - Inkscape project)
InputMapper (HKLM-x32\...\{026D2025-A7FA-4F5C-AF8C-A6F7A9B917FC}) (Version: 1.6.10.19991 - DSDCS)
Into the Breach (HKLM-x32\...\2004253604_is1) (Version: 1.0.16 - GOG.com)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Metal Gear Solid V - The Phantom Pain (HKLM-x32\...\Metal Gear Solid V - The Phantom Pain_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 81.0.416.81 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.127.15 - )
Microsoft Office Home and Student 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-124992116-1282473561-228682095-1001\...\OneDriveSetup.exe) (Version: 20.064.0329.0008 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 66.0.3 (x64 en-US) (HKLM\...\Mozilla Firefox 66.0.3 (x64 en-US)) (Version: 66.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0.2 - Mozilla)
netis Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0193 - netis Systems Co.,Ltd.)
netis Wireless LAN Driver and Utility (HKLM-x32\...\{526BEFE2-30FF-4123-98F4-01554316DF3B}) (Version: 1.00.0242 - netis Systems Co.,Ltd.)
NVIDIA Graphics Driver 445.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 445.75 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.26 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.55.33574 - Electronic Arts, Inc.)
Outer Wilds (HKLM-x32\...\Outer Wilds_is1) (Version: - )
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
qBittorrent 4.2.5 (HKLM-x32\...\qBittorrent) (Version: 4.2.5 - The qBittorrent project)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8302 - Realtek Semiconductor Corp.)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Skype version 8.58 (HKLM-x32\...\Skype_is1) (Version: 8.58 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-124992116-1282473561-228682095-1001\...\Spotify) (Version: 1.1.22.633.g1bab253a - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteamWorld Quest Hand of Gilgamech (HKLM-x32\...\SteamWorld Quest Hand of Gilgamech_is1) (Version: - )
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk)
The Outer Worlds (HKLM-x32\...\The Outer Worlds_is1) (Version: - )
TP-Link TL-WN725N (HKLM-x32\...\{3C3F9CEB-2C5A-4A47-8EAA-DA76037546BA}) (Version: 2.1.0 - TP-Link)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 27.0 - Ubisoft)
VALORANT (HKU\S-1-5-21-124992116-1282473561-228682095-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.0 - VideoLAN)
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.1 - Sysprogs)
WinDirStat 1.1.2 (HKU\S-1-5-21-124992116-1282473561-228682095-1001\...\WinDirStat) (Version: - )
Xenonauts (HKLM-x32\...\1207664803_is1) (Version: 2.3.0.13 - GOG.com)
Ziggurat (HKLM-x32\...\1437564865_is1) (Version: 2018-05-08 - GOG.com)
Zoom (HKU\S-1-5-21-124992116-1282473561-228682095-1001\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)
Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.10.5.0_x86__kgqvnymyfvs32 [2020-06-26] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.170.800.0_x86__kgqvnymyfvs32 [2020-06-26] (king.com)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_5.1.2.2_x86__h6adky7gbf63m [2020-06-26] (Gameloft SE)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.9.0.7_x86__h6adky7gbf63m [2020-06-26] (Gameloft SE)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2019-08-03] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-10] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-10] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-03] (Microsoft Studios) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.958.0_x64__56jybvy8sckqj [2020-06-26] (NVIDIA Corp.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-124992116-1282473561-228682095-1001_Classes\CLSID\{89B6C5DC-C8D4-4ADA-AC74-9F4939D563C6} -> [MEGAsync] => C:\Users\cgrog\Documents\MEGAsync [2018-04-19 20:19]
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\cgrog\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed] [File is in use]
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\cgrog\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed] [File is in use]
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\cgrog\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed] [File is in use]
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\cgrog\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed] [File is in use]
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\cgrog\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed] [File is in use]
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\cgrog\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed] [File is in use]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov) [File not signed] [File is in use]
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-12-11] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\cgrog\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed] [File is in use]
ContextMenuHandlers1: [WinCDEmu] -> {D0E37FD2-F675-426F-B09A-2CF37BA46FD5} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed] [File is in use]
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\cgrog\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed] [File is in use]
ContextMenuHandlers2: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed] [File is in use]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\cgrog\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed] [File is in use]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov) [File not signed] [File is in use]
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\cgrog\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [File not signed] [File is in use]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_8c5e3f480513d171\nvshext.dll [2020-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov) [File not signed] [File is in use]
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-12-11] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed] [File is in use]
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2018-02-02 17:41 - 2012-08-08 22:56 - 000863232 _____ ( Realtek Semiconductor Corp.) [File not signed] [File is in use] C:\Program Files (x86)\netis\PCIE Wireless LAN\P2PLib.dll
2018-02-02 17:41 - 2013-02-27 18:17 - 000221184 _____ () [File not signed] [File is in use] C:\Program Files (x86)\netis\PCIE Wireless LAN\EnumDevLib.dll
2017-10-18 22:51 - 2017-10-18 22:51 - 000598528 _____ () [File not signed] [File is in use] C:\Users\cgrog\AppData\Local\MEGAsync\ShellExtX64.dll
2018-02-02 17:41 - 2013-12-23 12:26 - 000528384 _____ (Realtek Semiconductor Corp.) [File not signed] [File is in use] C:\Program Files (x86)\netis\PCIE Wireless LAN\RtlLib.dll
2018-02-02 17:41 - 2012-09-13 10:25 - 000200704 _____ (Realtek) [File not signed] [File is in use] C:\Program Files (x86)\netis\PCIE Wireless LAN\IpLib.dll
2018-02-02 17:41 - 2012-05-07 15:23 - 000040960 _____ (Realtek) [File not signed] [File is in use] C:\Program Files (x86)\netis\PCIE Wireless LAN\RtlICS.dll
2018-02-02 17:41 - 2014-02-27 21:12 - 000272384 _____ (Realtek) [File not signed] [File is in use] C:\Program Files (x86)\netis\PCIE Wireless LAN\RtlIhvOid.dll
2018-02-02 17:41 - 2012-06-22 17:01 - 000044544 _____ (Realtek) [File not signed] [File is in use] C:\Program Files (x86)\netis\PCIE Wireless LAN\RtlQRCode.dll
2018-02-02 17:41 - 2009-07-23 18:32 - 001122304 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] [File is in use] C:\Program Files (x86)\netis\PCIE Wireless LAN\LIBEAY32.dll
2019-02-10 14:45 - 2019-06-11 08:21 - 001277440 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] [File is in use] C:\Program Files (x86)\Origin\LIBEAY32.dll
2019-02-10 14:45 - 2019-06-11 08:22 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] [File is in use] C:\Program Files (x86)\Origin\ssleay32.dll
2019-02-10 14:45 - 2019-07-12 09:23 - 001611264 _____ (The Qt Company Ltd) [File not signed] [File is in use] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2019-11-22 18:58 - 2019-07-12 09:23 - 005487104 _____ (The Qt Company Ltd) [File not signed] [File is in use] C:\Program Files (x86)\Origin\Qt5Core.dll
2019-11-22 18:58 - 2019-07-12 09:23 - 005841920 _____ (The Qt Company Ltd) [File not signed] [File is in use] C:\Program Files (x86)\Origin\Qt5Gui.dll
2019-11-22 18:58 - 2019-07-12 09:23 - 001179136 _____ (The Qt Company Ltd) [File not signed] [File is in use] C:\Program Files (x86)\Origin\Qt5Network.dll
2019-11-22 18:58 - 2019-07-12 09:23 - 005089792 _____ (The Qt Company Ltd) [File not signed] [File is in use] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2019-11-22 18:58 - 2019-07-12 09:23 - 000184832 _____ (The Qt Company Ltd) [File not signed] [File is in use] C:\Program Files (x86)\Origin\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\cgrog\AppData\Local\Temp:$DATA [16]
AlternateDataStreams: C:\Users\Public\AppData:CSM [470]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 14:46 - 2017-09-29 14:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-124992116-1282473561-228682095-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\cgrog\Desktop\zzz Christinas World Andrew Wyeth large image.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-124992116-1282473561-228682095-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-124992116-1282473561-228682095-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_0FC2B3BE4D0F00F8BA033BFC24C7AF01"
HKU\S-1-5-21-124992116-1282473561-228682095-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-124992116-1282473561-228682095-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-124992116-1282473561-228682095-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-124992116-1282473561-228682095-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-124992116-1282473561-228682095-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-124992116-1282473561-228682095-1001\...\StartupApproved\Run: => "Ubisoft Game Launcher"
HKU\S-1-5-21-124992116-1282473561-228682095-1001\...\StartupApproved\Run: => "GalaxyClient"
HKU\S-1-5-21-124992116-1282473561-228682095-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-124992116-1282473561-228682095-1001\...\StartupApproved\Run: => "Skype for Desktop"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{A8F80316-1A05-4EA3-881C-023A02344382}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Project Winter\ProjectWinter.exe () [File not signed] [File is in use]
FirewallRules: [{67FD5410-2498-45D1-B4D8-C0F320B4E2D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Project Winter\ProjectWinter.exe () [File not signed] [File is in use]
FirewallRules: [{4ACC308C-3A59-4F94-8788-F38095291BD6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Eternal Card Game\Eternal.exe (Dire Wolf Digital, LLC -> )
FirewallRules: [{D5F5C5A0-5B84-4DD5-BFB6-B0AB157F046B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Eternal Card Game\Eternal.exe (Dire Wolf Digital, LLC -> )
FirewallRules: [{87FF93B4-2D27-4B4C-B29F-39BCC3EC5C13}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Offworld Trading Company\StardockLauncher.exe (STARDOCK SYSTEMS, INC. -> Stardock Corporation)
FirewallRules: [{DA5992A0-66A6-43DF-8CDB-7BFE466A0D51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Offworld Trading Company\StardockLauncher.exe (STARDOCK SYSTEMS, INC. -> Stardock Corporation)
FirewallRules: [{15799708-3C6C-4A6C-BF58-3C4FBBAC2EEC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SlayTheSpire\jre\bin\javaw.exe
FirewallRules: [{035470DD-25B5-4F12-9BB6-4A3753B0A0C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SlayTheSpire\jre\bin\javaw.exe
FirewallRules: [{E76E2D2D-8DC7-4341-89D5-3F0F58F4659D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Surviving Mars\MarsSteam.exe (Haemimont Games AD -> Haemimont Games)
FirewallRules: [{B23B85BD-46B7-4902-86B5-56AECD2BEBD0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Surviving Mars\MarsSteam.exe (Haemimont Games AD -> Haemimont Games)
FirewallRules: [{3778951F-5F3C-40E2-B04A-27CD34BFC5E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Baba Is You\Baba Is You.exe (None) [File not signed] [File is in use]
FirewallRules: [{EBFF36BE-7FFE-4D16-A73C-BA2D2928CBDC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Baba Is You\Baba Is You.exe (None) [File not signed] [File is in use]
FirewallRules: [{724D099F-235E-4028-8BC6-8E8A3B9857EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY XIV Online\boot\ffxivboot.exe => No File
FirewallRules: [{71A4F3F4-621E-46B9-A7FB-02E74AB9ACA4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY XIV Online\boot\ffxivboot.exe => No File
FirewallRules: [{8726181A-950A-4B4E-A8C3-2DE1533EF74E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deceit\bin\win_x64\Deceit.exe => No File
FirewallRules: [{5EC866B4-ACDE-4EF1-A779-C278EABE81FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deceit\bin\win_x64\Deceit.exe => No File
FirewallRules: [{A102ED61-1B9E-4720-A463-674F7C5F2A39}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe => No File
FirewallRules: [{871C6D7E-2889-41D8-B564-F1C31C53F2A0}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe => No File
FirewallRules: [UDP Query User{AA8540F3-58CB-424E-9025-20CD40BC23A0}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe => No File
FirewallRules: [TCP Query User{D9E890E3-45BF-46C9-BDFA-C62BD842C828}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe => No File
FirewallRules: [{8BE78954-5A50-449B-8376-0F6B2AC09D8A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\A Story About My Uncle\Binaries\Win32\ASAMU-Win32-Shipping.exe => No File
FirewallRules: [{BA51373E-1B7B-43D0-9FA1-55BD7EBDDA1E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\A Story About My Uncle\Binaries\Win32\ASAMU-Win32-Shipping.exe => No File
FirewallRules: [UDP Query User{52526D01-EF1E-4E31-8597-0ED08AC03037}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe => No File
FirewallRules: [TCP Query User{DA459C3B-FF08-477C-9D5F-57C641884E59}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe => No File
FirewallRules: [{144DAF60-1DBA-48E7-ACE6-A42415E71071}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BD96E0B5-9737-467B-B9C1-F52E6FDCC670}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EB80720E-8EB7-4376-B30B-E2697BC4B2C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hitman™\Launcher.exe (IO INTERACTIVE A/S -> )
FirewallRules: [{E5C83A79-49EA-4357-895D-707976D563EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hitman™\Launcher.exe (IO INTERACTIVE A/S -> )
FirewallRules: [{15578956-749E-4832-BADE-32BDCEE753BF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{C4214449-FC09-4B4C-B8BF-2F2B32E9367B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{C7B74EFB-3FD8-4999-92DA-F454DCEABDC6}C:\program files (x86)\steam\steamapps\common\hunt showdown\bin\win_x64\huntgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\hunt showdown\bin\win_x64\huntgame.exe (Crytek GmbH -> Crytek GmbH)
FirewallRules: [TCP Query User{CBFFF17B-4D51-4785-8D84-5B3AB7D569FE}C:\program files (x86)\steam\steamapps\common\hunt showdown\bin\win_x64\huntgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\hunt showdown\bin\win_x64\huntgame.exe (Crytek GmbH -> Crytek GmbH)
FirewallRules: [{5366FA31-A836-4CAA-A4AA-5EFC2F0219E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hunt Showdown\hunt.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{E199E926-2D19-4773-B90E-DD3D365D5B1B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hunt Showdown\hunt.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [UDP Query User{1B52CFE3-AF8C-420D-9C4C-99E2B6045730}C:\games\mr dj\xcom 2 war of the chosen\xcom2-warofthechosen\binaries\win64\xcom2.exe] => (Allow) C:\games\mr dj\xcom 2 war of the chosen\xcom2-warofthechosen\binaries\win64\xcom2.exe => No File
FirewallRules: [TCP Query User{9ACD6349-BD45-46BC-A49A-C126CDB806D0}C:\games\mr dj\xcom 2 war of the chosen\xcom2-warofthechosen\binaries\win64\xcom2.exe] => (Allow) C:\games\mr dj\xcom 2 war of the chosen\xcom2-warofthechosen\binaries\win64\xcom2.exe => No File
FirewallRules: [{8E7E6576-B8CB-4A88-86D1-F86B2161EC1B}] => (Allow) C:\Games\Mr DJ\XCOM 2 War of the Chosen\Binaries\Win64\Launcher\ModLauncherWPF.exe => No File
FirewallRules: [{9F64C4CA-AB76-4CF0-8A3D-B7F8DC2CD5C8}] => (Allow) C:\Games\Mr DJ\XCOM 2 War of the Chosen\Binaries\Win64\Launcher\ModLauncherWPF.exe => No File
FirewallRules: [UDP Query User{3D2F3DCE-7434-40E9-A00D-8F3D265BDBA2}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{FC29B90F-FE9D-4813-8A12-F3FDEF79C64B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe => No File
FirewallRules: [{561F02BD-F56A-4EF3-AD84-E9C0EC634DD9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SlayTheSpire\SlayTheSpire.exe () [File not signed] [File is in use]
FirewallRules: [{E8AF65C0-31A6-4EEC-8241-AD00C4A21F0D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SlayTheSpire\SlayTheSpire.exe () [File not signed] [File is in use]
FirewallRules: [UDP Query User{514CD0F5-761D-4649-B178-3574C459D977}C:\games\dishonored - goty edition\binaries\win32\dishonored.exe] => (Allow) C:\games\dishonored - goty edition\binaries\win32\dishonored.exe => No File
FirewallRules: [TCP Query User{91E1F8FB-5540-47D5-828D-928D4C905AA5}C:\games\dishonored - goty edition\binaries\win32\dishonored.exe] => (Allow) C:\games\dishonored - goty edition\binaries\win32\dishonored.exe => No File
FirewallRules: [{F405894C-0278-4206-9B6B-53D12DC36CCE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{65F9148D-DE14-45A0-A65C-3375BD9391F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{4FA1A890-4B66-4B90-B7D9-023F68E707ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{C05AEF40-E98F-4DBA-BA4C-31CA8875B6FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{4B4E5391-DEBF-45E9-8B63-0F11DC9C81F3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{EE723586-791D-4812-A7C6-D8E5D19928EF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{E9068F93-EEDA-46DE-99F2-425C9DAD283C}] => (Allow) LPort=53
FirewallRules: [{2CBAB189-FE2E-4CB5-BB2B-0B565CF9BBCF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{541C3CAF-E36D-46CB-B4F9-C7DF2005E4EA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{07D0EBDE-FDC5-49B2-AB84-97DCCBB6EBD6}C:\users\cgrog\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\cgrog\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{FE1F484F-1471-4F46-A6B6-4FE3564DF829}C:\users\cgrog\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\cgrog\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4D69876D-B357-4521-9F83-C244C58A7BDF}] => (Block) C:\users\cgrog\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9CEA6EEA-D89D-4327-BF10-7D7A60B4BBC9}] => (Block) C:\users\cgrog\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DDCA5B73-5CFA-42E6-8265-36CE90F13EEB}] => (Allow) C:\Program Files (x86)\netis\PCIE Wireless LAN\RtWLan.exe (Realtek Semiconductor Corp.) [File not signed] [File is in use]
FirewallRules: [{C9D463EE-4D86-478E-96DC-7C1F36B3B1BB}] => (Allow) LPort=1542
FirewallRules: [{A73CF471-03ED-41E3-ADF6-9C7429E57B3C}] => (Allow) LPort=1542
FirewallRules: [{1A517CE8-F5AD-449C-8E58-1DF91986AD95}] => (Allow) LPort=53
FirewallRules: [{8FB0DB24-CC7F-4FBB-8D72-12AD07A83207}] => (Allow) C:\Program Files (x86)\netis\PCIE Wireless LAN\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{43D13F8E-893B-4800-A08F-BF3684CD08A5}] => (Allow) C:\Program Files (x86)\netis\PCIE Wireless LAN\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{FA29F2A5-3A37-4F01-8993-80B7DB0D6F40}] => (Allow) C:\Program Files (x86)\netis\PCIE Wireless LAN\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{61376F53-8479-4F82-9B3A-1F30865F34F4}] => (Allow) C:\Program Files (x86)\netis\PCIE Wireless LAN\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{DA36ED88-48AB-4948-937E-418DDDACB991}] => (Allow) C:\Program Files (x86)\netis\PCIE Wireless LAN\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{01E691E9-4A29-4F44-8E40-29E47C464370}] => (Allow) C:\Program Files (x86)\netis\PCIE Wireless LAN\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{9327C384-7B71-4948-9EFE-9F03E37AE8A4}] => (Allow) C:\Program Files (x86)\netis\PCIE Wireless LAN\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{4C2AA4F6-AFD5-4F5A-A151-FA32926DCB96}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe (Valve -> )
FirewallRules: [{2FFEE081-DC1B-4F7D-A86A-63DF5E6938E6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe (Valve -> )
FirewallRules: [TCP Query User{B0AFC1AE-4B27-4E7D-BB67-51EDCA467B0D}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{6F61CB23-2999-4B58-B2B8-4622759F6280}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{60BD4778-3BAF-4B55-8392-7A105E9CF299}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{134A6C46-A5DD-40E1-B267-188181744EDD}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{1510BB1F-FD8C-4971-BC6A-4BF954C5CAE8}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [UDP Query User{EEB37B5C-68CB-4A2B-A02C-2D374E80B79F}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [TCP Query User{C5CBD237-FCD3-4F3F-9CE9-08497ED184D9}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe () [File not signed] [File is in use]
FirewallRules: [UDP Query User{6257F8B9-9ABF-44F7-AD78-B665F21C65BB}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe () [File not signed] [File is in use]
FirewallRules: [TCP Query User{686F427D-6101-4768-96BF-A0DC21FDCD6C}C:\users\cgrog\videos\subnautica.v58064\subnautica.v58064\subnautica.exe] => (Allow) C:\users\cgrog\videos\subnautica.v58064\subnautica.v58064\subnautica.exe => No File
FirewallRules: [UDP Query User{61A75CD5-ED94-45C5-BADB-A9A6FA46086F}C:\users\cgrog\videos\subnautica.v58064\subnautica.v58064\subnautica.exe] => (Allow) C:\users\cgrog\videos\subnautica.v58064\subnautica.v58064\subnautica.exe => No File
FirewallRules: [TCP Query User{7D34718A-BF0A-4184-92FD-27D87BAA98C7}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe => No File
FirewallRules: [UDP Query User{55FB3F21-1E27-4D2B-A5DA-99B8D8E49ADD}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe => No File
FirewallRules: [TCP Query User{DDB8F511-FE43-4477-9FCC-072AFAAB68F9}C:\gog games\into the breach\breach.exe] => (Allow) C:\gog games\into the breach\breach.exe () [File not signed] [File is in use]
FirewallRules: [UDP Query User{DC6956DC-440D-4B01-9003-7C966C4BCD1F}C:\gog games\into the breach\breach.exe] => (Allow) C:\gog games\into the breach\breach.exe () [File not signed] [File is in use]
FirewallRules: [TCP Query User{246E1017-DF9B-469A-AF21-564F856B19D8}C:\program files (x86)\doom\doomx64.exe] => (Block) C:\program files (x86)\doom\doomx64.exe => No File
FirewallRules: [UDP Query User{976F9502-5DE9-49A2-9C7B-E5028B28341F}C:\program files (x86)\doom\doomx64.exe] => (Block) C:\program files (x86)\doom\doomx64.exe => No File
FirewallRules: [TCP Query User{D9FAC373-AAB3-43AE-B3BB-01D49F5BF91E}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{084EBF22-C126-42F2-84E7-F83923834FAF}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{8E489763-6473-4C7B-A8F2-A104A839BD2C}C:\programdata\battle.net\agent\agent.6155\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.6155\agent.exe => No File
FirewallRules: [UDP Query User{11F56EAF-F6D8-452F-AFF9-1B415C3B01F6}C:\programdata\battle.net\agent\agent.6155\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.6155\agent.exe => No File
FirewallRules: [TCP Query User{56617D50-DCC4-4DBF-8859-CCE1DF2FF9B5}C:\programdata\battle.net\agent\agent.6160\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.6160\agent.exe => No File
FirewallRules: [UDP Query User{752AB1B0-233F-4805-997D-D6A338AAB622}C:\programdata\battle.net\agent\agent.6160\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.6160\agent.exe => No File
FirewallRules: [{E6C302A7-CA39-455B-960D-BD98E421E186}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deep Rock Galactic\FSD.exe (Epic Games, Inc.) [File not signed] [File is in use]
FirewallRules: [{3B1BFFCC-BEDA-4BA2-BEA8-B62C5F50F3E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deep Rock Galactic\FSD.exe (Epic Games, Inc.) [File not signed] [File is in use]
FirewallRules: [TCP Query User{5529911E-A797-4264-BB30-96D5A48BD762}C:\program files (x86)\steam\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe (Ghost Ship Games) [File not signed] [File is in use]
FirewallRules: [UDP Query User{6792506F-D98D-4DB2-8443-AF6BB264DB0E}C:\program files (x86)\steam\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe (Ghost Ship Games) [File not signed] [File is in use]
FirewallRules: [{AAA71EE9-BD46-4962-BEFE-69311747C602}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hitman™\Launcher.exe (IO INTERACTIVE A/S -> )
FirewallRules: [{D190A23D-13C7-4BD7-B2D0-E5AF17B81EAE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hitman™\Launcher.exe (IO INTERACTIVE A/S -> )
FirewallRules: [TCP Query User{0F3877C7-9EE9-4572-B98C-AC2E7FE60E34}C:\program files\epic games\johnwickhex\john wick hex.exe] => (Allow) C:\program files\epic games\johnwickhex\john wick hex.exe () [File not signed] [File is in use]
FirewallRules: [UDP Query User{C3FAB759-62FF-44BF-BD40-492BFAA3FAE8}C:\program files\epic games\johnwickhex\john wick hex.exe] => (Allow) C:\program files\epic games\johnwickhex\john wick hex.exe () [File not signed] [File is in use]
FirewallRules: [{6E58C9FE-CEBD-4031-88A5-3817071047D3}] => (Block) C:\program files\epic games\johnwickhex\john wick hex.exe () [File not signed] [File is in use]
FirewallRules: [{B53F2E76-1FC8-4829-8976-2196C8B741EF}] => (Block) C:\program files\epic games\johnwickhex\john wick hex.exe () [File not signed] [File is in use]
FirewallRules: [TCP Query User{A2F39AF8-4057-428F-A52E-753DA02C5F10}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{2DAC261F-D2D5-4F42-AD51-F6DEB290FECF}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{EEABE256-D226-4E21-A5BE-197C226E10F1}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{9836FA66-C0A0-4AB6-8CEF-64298DF518BD}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{0C8CFDB4-F3FF-45C7-9D9B-C6C059F4B049}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Noita\noita.exe () [File not signed] [File is in use]
FirewallRules: [{EC8AFA49-3B72-45A9-B69B-1D1E8ABDC1C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Noita\noita.exe () [File not signed] [File is in use]
FirewallRules: [TCP Query User{C0A00263-D4BA-4317-881A-C1C8B7315159}C:\program files\epic games\batmanarkhamcity\binaries\win32\batmanac.exe] => (Allow) C:\program files\epic games\batmanarkhamcity\binaries\win32\batmanac.exe (Rocksteady Studios Ltd.) [File not signed] [File is in use]
FirewallRules: [UDP Query User{75913ADD-F09B-424E-AED8-EAA990255BF7}C:\program files\epic games\batmanarkhamcity\binaries\win32\batmanac.exe] => (Allow) C:\program files\epic games\batmanarkhamcity\binaries\win32\batmanac.exe (Rocksteady Studios Ltd.) [File not signed] [File is in use]
FirewallRules: [{79DB18DF-73CD-4E78-B32A-87C0C80BF13C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe () [File not signed] [File is in use]
FirewallRules: [{85EB7AA3-3CBC-409E-BD85-CB02C84EA7CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe () [File not signed] [File is in use]
FirewallRules: [{22F9F5F5-4748-40C2-8CBF-907FF3B4EE56}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War For The Overworld\WFTO.exe (BRIGHTROCK GAMES LIMITED -> )
FirewallRules: [{5DE9C338-DF04-4F0C-8937-451DC3533489}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War For The Overworld\WFTO.exe (BRIGHTROCK GAMES LIMITED -> )
FirewallRules: [TCP Query User{0E459B0B-B681-4AAC-B702-FD8C1CD02962}C:\program files (x86)\steam\steamapps\common\war for the overworld\wftogame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war for the overworld\wftogame.exe () [File not signed] [File is in use]
FirewallRules: [UDP Query User{AB638387-C4AD-49CE-BF34-A22DD8162168}C:\program files (x86)\steam\steamapps\common\war for the overworld\wftogame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war for the overworld\wftogame.exe () [File not signed] [File is in use]
FirewallRules: [TCP Query User{31CCCA15-A99D-45AE-8DEF-520B92AC75E7}F:\codex\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Block) F:\codex\swgame\binaries\win64\starwarsjedifallenorder.exe => No File
FirewallRules: [UDP Query User{56275C57-5634-498E-A70E-89983E0F36D2}F:\codex\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Block) F:\codex\swgame\binaries\win64\starwarsjedifallenorder.exe => No File
FirewallRules: [TCP Query User{76BCE5AC-626B-4F9B-B517-4F94D6CB63F5}C:\program files (x86)\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Allow) C:\program files (x86)\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe => No File
FirewallRules: [UDP Query User{75972760-BC9A-4767-9F8C-551C305153E1}C:\program files (x86)\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Allow) C:\program files (x86)\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe => No File
FirewallRules: [{A429533A-D83A-4585-9926-5EDD2144EAE3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, LLC) [File not signed] [File is in use]
FirewallRules: [{05BC1E45-A0C5-4152-B3B0-EAB38E665968}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, LLC) [File not signed] [File is in use]
FirewallRules: [TCP Query User{6A6E5B58-A246-4B94-8E44-E49E0758B006}C:\program files (x86)\steam\steamapps\common\hunt showdown\bin\win_x64\huntgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\hunt showdown\bin\win_x64\huntgame.exe (Crytek GmbH -> Crytek GmbH)
FirewallRules: [UDP Query User{CA51D4F2-827E-4054-823E-960CED09FCCE}C:\program files (x86)\steam\steamapps\common\hunt showdown\bin\win_x64\huntgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\hunt showdown\bin\win_x64\huntgame.exe (Crytek GmbH -> Crytek GmbH)
FirewallRules: [{55470A04-941F-4EB4-A502-2C9181AA2962}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pathologic\Pathologic.exe () [File not signed] [File is in use]
FirewallRules: [{02FCEAB2-B8D8-4EA3-AACD-C41C7F982B48}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pathologic\Pathologic.exe () [File not signed] [File is in use]
FirewallRules: [TCP Query User{9AFA1826-627C-4423-A2E4-8320274476F2}C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe => No File
FirewallRules: [UDP Query User{C7AB5364-F447-455D-872E-39941BDAE00A}C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe => No File
FirewallRules: [{9ACDDD0B-5F6B-4AA0-BD8C-689A484AB9FC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, LLC) [File not signed] [File is in use]
FirewallRules: [{FF42E987-4A15-4CE3-95F7-66325DBD7D6D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, LLC) [File not signed] [File is in use]
FirewallRules: [{3446BAB3-D856-42C4-999A-EBD583909109}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{107D66ED-97FC-46F0-98F4-ABCD2C91591C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{E6F840B7-9116-4E71-A38E-938E0DEAA1D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SlayTheSpire\jre\bin\javaw.exe
FirewallRules: [{80803894-BEF6-445F-8FD5-60670071BB57}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SlayTheSpire\jre\bin\javaw.exe
FirewallRules: [{B592ABCE-CE21-4EC0-984D-C0C28C8E10CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mythgard\Mythgard.exe () [File not signed] [File is in use]
FirewallRules: [{850969C5-C29F-4E00-A673-D5B63E0F0FD5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mythgard\Mythgard.exe () [File not signed] [File is in use]
FirewallRules: [{D73D2F8F-D63A-4D9C-B9C5-9564C2A07949}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe () [File not signed] [File is in use]
FirewallRules: [{61256816-7E16-416D-8E5A-A9E508423705}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe () [File not signed] [File is in use]
FirewallRules: [{44B47753-B7F5-4AC9-BEDB-7D35502D049A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Thumper\THUMPER_win8.exe () [File not signed] [File is in use]
FirewallRules: [{5EB73DED-3F8B-45AE-9AC3-C6AB62C59813}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Thumper\THUMPER_win8.exe () [File not signed] [File is in use]
FirewallRules: [{9366A6CA-98DE-41D9-A4F4-9545AC153EC2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Thumper\THUMPER_dx9.exe () [File not signed] [File is in use]
FirewallRules: [{F615C8E5-C3D0-4C5C-8FD3-C68FFEC8F1E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Thumper\THUMPER_dx9.exe () [File not signed] [File is in use]
FirewallRules: [{1CFA9348-12CF-423F-809A-2A7221FBCBAE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Decadence\AoD64.exe (Iron Tower Studio) [File not signed] [File is in use]
FirewallRules: [{192A3D2F-4FF8-4F0C-B8C4-9D563BDEC298}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Decadence\AoD64.exe (Iron Tower Studio) [File not signed] [File is in use]
FirewallRules: [{D2BFF5CA-D0D6-4132-9A51-6EAFE820BCEA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Decadence\AoD.exe (Iron Tower Studio) [File not signed] [File is in use]
FirewallRules: [{C4567230-FC3C-4502-BE99-BA06D52A3302}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Decadence\AoD.exe (Iron Tower Studio) [File not signed] [File is in use]
FirewallRules: [{F25D9852-0603-49C8-90C7-56F268509BDD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Throne of Lies\ThroneOfLies.exe () [File not signed] [File is in use]
FirewallRules: [{CE38D3B3-F2C3-4FC0-86CB-31DF700E72A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Throne of Lies\ThroneOfLies.exe () [File not signed] [File is in use]
FirewallRules: [{59327B78-17E7-4C8C-B116-173B72E2D2DD}] => (Allow) C:\Program Files (x86)\DroidCam\DroidCamApp.exe (DEV47 APPS -> )
FirewallRules: [{744630DA-3069-465A-983F-E5CC19BEAA08}] => (Allow) C:\Program Files (x86)\DroidCam\DroidCamApp.exe (DEV47 APPS -> )
FirewallRules: [{AEE02136-4C3E-40DB-966F-10EF267AF14D}] => (Allow) C:\Users\cgrog\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{6717BAD2-7DA8-48B3-AD79-036FCF45BA56}] => (Allow) C:\Users\cgrog\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{35A76CBF-D34B-4418-A9A7-0B43407D34C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Risk of Rain 2\Risk of Rain 2.exe () [File not signed] [File is in use]
FirewallRules: [{748599B4-8639-445B-8D1F-2368197D0AB7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Risk of Rain 2\Risk of Rain 2.exe () [File not signed] [File is in use]
FirewallRules: [{FC835F5E-EACA-4A27-95D7-2760431816E4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings II\CK2game.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{299D6EF2-2F3F-4D56-888E-3B6FDCE9775D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings II\CK2game.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{657EBCBD-82AC-41E8-B698-0A1BD402EF0C}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BC397F52-16B7-4E65-B984-3623D6B5EA79}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{70B107E0-C59B-45EC-AF9E-F78AAA92630F}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{79AC8B87-C98A-42D0-A742-E40F6A78B56C}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{F1597A83-A3A3-4942-9A70-0BF6C7E48AD7}] => (Block) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{FA4FB4E8-CBA2-49BA-B044-647E2931C138}] => (Block) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{6C40E889-EEC7-4DD3-BD84-F770EE326691}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Artifact\game\bin\win64\dcg.exe (Valve -> Valve Software)
FirewallRules: [{FE8F992D-7B06-4659-86FE-94E7A4D200E9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Artifact\game\bin\win64\dcg.exe (Valve -> Valve Software)
FirewallRules: [{00F22E30-3CAF-4B7B-A051-C743C49F5CC4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\RocketLeague.exe (Psyonix, Inc. -> Psyonix LLC)
FirewallRules: [{E4B89C8C-0880-4833-AF4D-45B0BEC83632}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\RocketLeague.exe (Psyonix, Inc. -> Psyonix LLC)
FirewallRules: [{5628201D-6D22-44D8-A3D3-3F17880ED563}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{34F9B5D5-873F-4914-AD93-7478190A3DFA}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed] [File is in use]
FirewallRules: [{A5AEFB7C-68C8-4686-B472-2D31C9A60BD1}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed] [File is in use]
==================== Restore Points =========================
02-05-2020 12:51:19 Scheduled Checkpoint
26-05-2020 23:21:09 Windows Update
26-06-2020 16:08:02 Windows Update
27-06-2020 16:38:17 27.06.2020 restore point
==================== Faulty Device Manager Devices ============
Name: Realtek RTL8188EU Wireless LAN 802.11n USB 2.0 Network Adapter
Description: Realtek RTL8188EU Wireless LAN 802.11n USB 2.0 Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek Semiconductor Corp.
Service: RtlWlanu
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: ========================
Application errors:
==================
Error: (06/27/2020 04:18:46 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8728,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (06/27/2020 04:13:40 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4568,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (06/27/2020 04:01:01 PM) (Source: MsiInstaller) (EventID: 11730) (User: DESKTOP-263AI8E)
Description: Product: The Witcher 3 Mod Manager -- Error 1730. You must be an Administrator to remove this application. To remove this application, you can log on as an Administrator, or contact your technical support group for assistance.
Error: (06/27/2020 03:36:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamtray.exe, version: 3.1.0.1840, time stamp: 0x5d5c13ae
Faulting module name: Qt5Core.dll, version: 5.11.1.0, time stamp: 0x5cba0161
Exception code: 0xc0000005
Fault offset: 0x0018dc19
Faulting process ID: 0x2908
Faulting application start time: 0x01d64c904dc3b7d5
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Report ID: faacb24b-e443-44cd-b440-dc9d4ab0de5a
Faulting package full name:
Faulting package-relative application ID:
Error: (06/26/2020 07:00:54 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (06/26/2020 07:00:54 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (06/26/2020 05:05:45 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8508,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (06/26/2020 04:59:26 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5044,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
System errors:
=============
Error: (06/27/2020 04:43:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Realtek DHCP Service service terminated unexpectedly. It has done this 1 time(s).
Error: (06/27/2020 04:40:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Steam Client Service service terminated unexpectedly. It has done this 1 time(s).
Error: (06/27/2020 04:40:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Origin Web Helper Service service terminated unexpectedly. It has done this 1 time(s).
Error: (06/27/2020 04:40:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Foxit Reader Service service terminated unexpectedly. It has done this 1 time(s).
Error: (06/27/2020 04:40:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Office Software Protection Platform service terminated unexpectedly. It has done this 1 time(s).
Error: (06/27/2020 04:40:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s).
Error: (06/27/2020 04:40:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Realtek88EE service terminated unexpectedly. It has done this 1 time(s).
Error: (06/27/2020 04:40:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA Display Container LS service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.
Windows Defender:
===================================
Date: 2020-06-27 15:47:28.592
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {059B01D7-857F-40F0-9271-0D4DB30998E9}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-05-07 16:42:13.681
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {481088D5-C6B3-4A92-A320-0289864E92EE}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-04-18 20:34:39.364
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {26CAB7CF-1892-4896-A7BF-6C171CD64543}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-06-26 10:22:13.911
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.319.173.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17200.2
Error code: 0x80070102
Error description: The wait operation timed out.
Date: 2020-06-26 10:16:13.813
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.317.150.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17200.2
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Date: 2020-06-25 17:55:46.435
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.317.150.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17100.2
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
Date: 2020-06-25 17:55:46.435
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.317.150.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17100.2
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
Date: 2020-06-25 17:55:46.435
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.317.150.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17100.2
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
==================== Memory info ===========================
BIOS: American Megatrends Inc. F8 07/06/2017
Motherboard: Gigabyte Technology Co., Ltd. Z270-Gaming K3
Processor: Intel(R) Core(TM) i5-7600K CPU @ 3.80GHz
Percentage of memory in use: 44%
Total physical RAM: 8146.21 MB
Available physical RAM: 4512.1 MB
Total Virtual: 32722.21 MB
Available Virtual: 27529.13 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.47 GB) (Free:297.66 GB) NTFS
\\?\Volume{a3385d6f-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.54 GB) (Free:0.5 GB) NTFS
\\?\Volume{a3385d6f-0000-0000-0000-40c0e8000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: A3385D6F)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=519 MB) - (Type=27)
==================== End of Addition.txt =======================