Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Latest News:    The Week in Ransomware - May 20th 2022 - Another one bites the dust

Featured Deal: Get more from Microsoft Office with this training suite deal

Generic User Avatar

Weird popup at start

Started by makki , Mar 15 2021 03:49 PM

  • This topic is locked This topic is locked
11 replies to this topic

#1 makki

makki

  • Avatar image
  • Members
  • 6 posts
  • OFFLINE
    •  
  • Local time:11:02 AM

Posted 15 March 2021 - 03:49 PM

Hello all, 

 

And thank you for this forum !

When I booted up my desktop PC tonight, I had this very weird popup from the start :

 

Attached File  210315-0001.jpg   168.54KB   1 downloads

 

First time I see this and isn't that suspicious ? I clicked on "No", and unplugged the comp from the internet. (I'm writing here from a macbook)

Maybe I hallucinated, but my mouse felt weird for some seconds right after (but it might be a wrong impression).

 

I've looked in my AppData/Local/Temp folder and don't find a trace of this 0c95b49928... folder

 

Is that some kind of windows thing or might that be a virus ? what should I do ?

(I ran a malwarebytes scan that found nothing).

 

Thanks in advance for your help !


BC AdBot (Login to Remove)

 

#2 0lds0d

0lds0d

  • Avatar image
  • Members
  • 1,180 posts
  • OFFLINE
    •  
  • Gender:Male
  • Location:Canada
  • Local time:06:02 AM

Posted 15 March 2021 - 04:17 PM

Very strange and possible malware.

See and follow the advice given here https://www.bleepingcomputer.com/forums/t/746441/laptop-involved-in-phishing-scam/?p=5146731 for getting help to remove any malware on the PC.


#3 makki

makki
  • Topic Starter

  • Avatar image
  • Members
  • 6 posts
  • OFFLINE
    •  
  • Local time:11:02 AM

Posted 15 March 2021 - 05:12 PM

Thank you for your reply ! just ran a FRST scan, here are the results :

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-03-2021
Ran by Baz (administrator) on DESKTOP-98NK5H6 (15-03-2021 22:57:30)
Running from C:\Users\Baz\Desktop
Loaded Profiles: Baz
Platform: Windows 10 Pro Version 1803 17134.48 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrodist.exe <2>
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Even Balance, Inc. -> ) C:\Windows\System32\PnkBstrA.exe
(Figma, Inc. -> ) C:\Users\Baz\AppData\Local\FigmaAgent\figma_agent.exe
(Figma, Inc. -> Figma, Inc.) C:\Users\Baz\AppData\Local\Programs\FigmaHelper\figma-helper.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® INTELND1617S2 -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\NisSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\OpenWith.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Plex, Inc. -> ) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe
(Plex, Inc. -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
(Plex, Inc. -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
(Plex, Inc. -> Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Red Giant   LLC -> Red Giant LLC) C:\Program Files\Red Giant\Services\Red Giant Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [321096 2017-06-20] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-10-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7992032 2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2017-04-11] (OOO Lightshot -> )
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5237416 2021-03-06] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [710264 2020-06-18] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3592542235-2043277170-2684174653-1001\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [19930608 2020-04-29] (Plex, Inc. -> Plex, Inc.)
HKU\S-1-5-21-3592542235-2043277170-2684174653-1001\...\Run: [electron.app.FontBase] => C:\Users\Baz\AppData\Local\Programs\FontBase\FontBase.exe [104457640 2020-12-10] (Dominik Levitsky Studio, LLC -> Dominik Levitsky Studio, LLC)
HKU\S-1-5-21-3592542235-2043277170-2684174653-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-09-04] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3592542235-2043277170-2684174653-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5536424 2021-03-06] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3592542235-2043277170-2684174653-1001\...\Run: [Figma Agent] => C:\Users\Baz\AppData\Local\FigmaAgent\figma_agent.exe [6098120 2020-07-18] (Figma, Inc. -> )
HKU\S-1-5-21-3592542235-2043277170-2684174653-1001\...\Run: [Figma Helper] => C:\Users\Baz\AppData\Local\Programs\FigmaHelper\figma-helper.exe [17064760 2018-07-25] (Figma, Inc. -> Figma, Inc.)
HKU\S-1-5-21-3592542235-2043277170-2684174653-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\FAHScreensaver.scr
HKU\S-1-5-18\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [19930608 2020-04-29] (Plex, Inc. -> Plex, Inc.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [65496 2020-10-22] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\IppMon: C:\WINDOWS\system32\IPPMon.dll [251392 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\us008 Langmon: C:\WINDOWS\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.90\Installer\chrmstp.exe [2021-03-15] (Google LLC -> Google LLC)
Startup: C:\Users\Baz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Folding@home.lnk [2020-03-15]
ShortcutTarget: Folding@home.lnk -> C:\Program Files (x86)\FAHClient\HideConsole.exe (No File)
Startup: C:\Users\Baz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Seer.lnk [2017-11-17]
ShortcutTarget: Seer.lnk -> C:\Program Files (x86)\Seer\Seer.exe (No File)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {02459B02-44E2-481C-8901-4117F7592D5A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {19F721BC-0444-4719-943E-F131EB51FF9F} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-11-19] (Dropbox, Inc -> Dropbox, Inc.)
Task: {23CCB3CB-DC0E-4393-BC1A-4C9876ADC279} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-11-17] (Google Inc -> Google Inc.)
Task: {26244577-6E1A-4AB8-AEA0-A43BAF0D0FD4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [468616 2018-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {30006342-C6B7-4383-AA9C-D49A515D9C52} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4BFA81C2-B29E-49E5-B28E-522AE87B604B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [468616 2018-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {54396A28-84E9-4CEE-842F-B4CFCD9C00B2} - System32\Tasks\Red Giant Link => C:\Program Files\Red Giant Link\Red Giant Link.exe
Task: {552BDAB8-67ED-4AB9-A7BE-AE5717D86270} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {55FEE141-0320-4590-A616-ECFC3E548040} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-11-17] (Google Inc -> Google Inc.)
Task: {5E930E0E-949E-4910-8D5A-4B2A3BA8AC57} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6A5E6B19-940E-47A4-9DA7-F8751DF406FD} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-98NK5H6-Baz => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {6A6DABFD-71F3-43B5-B9F6-009F7E0553FD} - System32\Tasks\R@1n-KMS\Windows64Professional => wmic path SoftwareLicensingProduct where (ID="2de67392-b7a7-462a-b1ca-108dd189f588") call Activate
Task: {728A1570-91A1-4D56-90DD-47DB8067EEC1} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {73BB5A84-D016-48F6-84D6-C5AF3B07E520} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {7B055D8C-A584-43E9-ABDE-80C349D67053} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [816960 2017-09-21] (Intel® Trust Services -> Intel® Corporation)
Task: {86322727-8A0C-4C0B-B049-58749E9EF0BD} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {872A0D39-7EB9-483C-9FD3-4CDC754A5C20} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-11-19] (Dropbox, Inc -> Dropbox, Inc.)
Task: {B043E221-BD20-4CE7-8EB0-C17C03667473} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B0A3F08C-CC4C-4D70-A525-97397EC98229} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {C1AF8C75-5B01-48A7-A000-C6173086CE76} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14679256 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D1EAE499-6456-43CB-B034-7957519B5E58} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DD01E5B4-C3A0-4C5B-848E-1E0AA0CC4B25} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [468616 2018-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {DDD518F1-B318-4693-830B-95F6DF70BE21} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E1B85063-7696-4574-9E93-BE8F0E504636} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E3D7331C-2143-497B-9BAF-580AACB6AA9C} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {EAE6CA88-6E61-40C1-BA9C-0A214DA2F9E0} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EAEAC49E-FF1E-4E6E-A7C3-19652ED4D2B7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [468616 2018-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {EB74ED3C-A196-45B7-A0E8-05C00BDD8608} - System32\Tasks\update-S-1-5-21-3592542235-2043277170-2684174653-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\update-S-1-5-21-3592542235-2043277170-2684174653-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Hosts: 127.0.0.1 www.overloud.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{37af7195-6d55-4d49-81c7-aec9982c36a8}: [DhcpNameServer] 192.168.1.1
 
Edge: 
=======
DownloadDir: F:\DOWNLOADS
 
FireFox:
========
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin-x32: @java.com/DTPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\dtplugin\npDeployJava1.dll [2020-07-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\plugin2\npjp2.dll [2020-07-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [No File]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-03-06] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Baz\AppData\Local\Google\Chrome\User Data\Default [2021-03-15]
CHR DownloadDir: F:\DOWNLOADS
CHR Notifications: Default -> hxxps://meet.google.com
CHR HomePage: Default -> hxxp://www.google.com/
CHR DefaultSearchKeyword: Default -> google.fr__
CHR Session Restore: Default -> is enabled.
CHR Extension: (Google Drive) - C:\Users\Baz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-20]
CHR Extension: (YouTube) - C:\Users\Baz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-17]
CHR Extension: (OneTab) - C:\Users\Baz\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2021-03-07]
CHR Extension: (Google Keep) - C:\Users\Baz\AppData\Local\Google\Chrome\User Data\Default\Extensions\eilembjdkfgodjkcjnpgpaenohkicgjd [2021-02-04]
CHR Extension: (Fonts Ninja) - C:\Users\Baz\AppData\Local\Google\Chrome\User Data\Default\Extensions\eljapbgkmlngdpckoiiibecpemleclhh [2021-02-16]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\Baz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-02-27]
CHR Extension: (Hola Free VPN Proxy Unblocker - Best VPN) - C:\Users\Baz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2021-03-07]
CHR Extension: (Imagus) - C:\Users\Baz\AppData\Local\Google\Chrome\User Data\Default\Extensions\immpkjjlgappgfkkfieppnmlhakdmaab [2020-06-01]
CHR Extension: (Window Resizer) - C:\Users\Baz\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkelicaakdanhinjdeammmilcgefonfh [2020-03-29]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Baz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Transcribe: transcribe audio/interviews fast!) - C:\Users\Baz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogokenmicnjdfhmhocanoemnddmpcjjm [2019-01-20]
CHR Extension: (Gmail) - C:\Users\Baz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\Baz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-13]
CHR HKU\S-1-5-21-3592542235-2043277170-2684174653-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2015-05-08] (ASUSTeK Computer Inc. -> )
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-04-24] (ASUSTeK Computer Inc. -> ) [File not signed]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-11-19] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-11-19] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44272 2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21304 2017-09-28] (Microsoft Corporation -> Microsoft Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-03-02] (Malwarebytes Inc -> Malwarebytes)
R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [1508336 2020-04-29] (Plex, Inc. -> Plex, Inc.)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2018-01-10] (Even Balance, Inc. -> )
R2 Red Giant Service; C:\Program Files\Red Giant\Services\Red Giant Service.exe [5976136 2020-03-24] (Red Giant   LLC -> Red Giant LLC)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [187904 2017-09-28] (Microsoft Corporation) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12727576 2021-02-17] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2018-12-10] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2018-12-10] (Microsoft Corporation -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2015-05-08] (ASUSTeK Computer Inc. -> )
R3 DroidCam; C:\WINDOWS\system32\DRIVERS\droidcam.sys [32240 2020-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Dev47Apps)
R3 DroidCamVideo; C:\WINDOWS\system32\DRIVERS\droidcamvideo.sys [33784 2020-10-04] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-12-12] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-12-12] (Disc Soft Ltd -> Disc Soft Ltd)
R3 FocusriteUSB; C:\WINDOWS\System32\drivers\FocusriteUSB.sys [96400 2018-01-09] (Focusrite Audio Engineering Ltd. -> Focusrite Audio Engineering Ltd.)
R3 FocusriteUSBAudio; C:\WINDOWS\system32\drivers\FocusriteUSBAudio.sys [54416 2018-01-09] (Focusrite Audio Engineering Ltd. -> Focusrite Audio Engineering Ltd.)
R3 FocusriteUSBSwRoot; C:\WINDOWS\System32\drivers\FocusriteUSBSwRoot.sys [97936 2018-01-09] (Focusrite Audio Engineering Ltd. -> Focusrite Audio Engineering Ltd.)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [57728 2021-03-02] (SurfRight B.V. -> )
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-03-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-03-03] (Malwarebytes Inc -> Malwarebytes)
R3 MpKsl4b3f161a; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{772BAB78-3AF2-4970-B918-B486CE8FF4B9}\MpKslDrv.sys [90360 2021-03-15] (Microsoft Windows -> Microsoft Corporation)
R3 NAL; C:\Windows\system32\Drivers\iqvw64e.sys [50152 2017-04-07] (Intel® INTELND1617 -> Intel Corporation)
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Daniel Terhell -> Resplendence Software Projects Sp.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> )
S3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46680 2018-12-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [330936 2018-12-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2018-12-10] (Microsoft Windows -> Microsoft Corporation)
S3 wovad_micarray; C:\WINDOWS\system32\drivers\womic.sys [34496 2020-02-16] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider)
S3 VBAudioVACMME; \SystemRoot\system32\DRIVERS\vbaudio_cable64_win7.sys [X]
S3 VBAudioVMVAIOMME; \SystemRoot\system32\DRIVERS\vbaudio_vmvaio64_win10.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-03-15 22:57 - 2021-03-15 22:57 - 000030118 _____ C:\Users\Baz\Desktop\FRST.txt
2021-03-15 22:54 - 2021-03-15 22:57 - 000000000 ____D C:\FRST
2021-03-15 22:54 - 2021-03-15 22:49 - 002300928 _____ (Farbar) C:\Users\Baz\Desktop\FRST64.exe
2021-03-12 01:31 - 2021-03-12 01:31 - 000140204 _____ C:\Users\Baz\Desktop\OnTheIce.mp3.asd
2021-03-12 01:12 - 2021-03-12 01:12 - 000175169 _____ C:\Users\Baz\Desktop\Flight.mp3.asd
2021-03-12 00:21 - 2021-03-12 00:22 - 000205165 _____ C:\Users\Baz\Desktop\Herbie.mp3.asd
2021-03-11 00:25 - 2021-03-11 00:25 - 000000575 _____ C:\ProgramData\Desktop\Hearthstone.lnk
2021-03-11 00:25 - 2021-03-11 00:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2021-03-07 23:08 - 2021-03-07 23:08 - 000000000 ____D C:\Users\Baz\Documents\discoDSP
2021-03-07 23:08 - 2021-03-07 23:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\discoDSP
2021-03-07 23:08 - 2021-03-07 23:08 - 000000000 ____D C:\Program Files\discoDSP
2021-03-07 21:18 - 2021-03-07 21:18 - 000000000 ____D C:\Users\Baz\Documents\u-he
2021-03-04 23:14 - 2021-03-04 23:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-03-04 19:06 - 2021-03-04 19:06 - 000001303 _____ C:\Users\Baz\Desktop\Dropbox.lnk
2021-03-03 18:41 - 2021-03-03 18:41 - 000000000 ____D C:\ProgramData\Sophos
2021-03-03 04:12 - 2021-03-03 04:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2021-03-03 04:12 - 2021-03-03 04:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2021-03-03 04:12 - 2021-03-03 04:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2021-03-03 04:12 - 2021-03-03 04:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx.sys
2021-03-03 04:12 - 2021-03-03 04:12 - 000044272 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2021-03-03 03:42 - 2021-03-15 10:06 - 116391936 _____ C:\WINDOWS\system32\config\SOFTWARE
2021-03-02 20:56 - 2021-03-02 20:56 - 000000000 ____D C:\Users\Baz\AppData\Local\ESET
2021-03-02 19:54 - 2021-03-02 20:52 - 000000000 ____D C:\KVRT2020_Data
2021-03-02 19:38 - 2021-03-02 19:52 - 000000000 ____D C:\ProgramData\HitmanPro
2021-03-02 19:38 - 2021-03-02 19:38 - 000057728 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2021-03-02 19:37 - 2021-03-02 19:37 - 000001972 _____ C:\Users\Baz\Desktop\MalwareBytesResults.txt
2021-03-02 19:20 - 2021-03-03 09:34 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-03-02 19:20 - 2021-03-02 19:20 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-03-02 19:20 - 2021-03-02 19:20 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-03-02 19:20 - 2021-03-02 19:20 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-02-26 19:18 - 2021-03-07 21:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synapse Audio
2021-02-25 23:46 - 2021-02-25 23:46 - 000000000 ____D C:\Program Files\Common Files\Native Instruments
2021-02-25 23:03 - 2021-02-25 23:03 - 000000218 _____ C:\Users\Baz\AppData\Local\recently-used.xbel
2021-02-25 01:09 - 2021-03-07 21:44 - 000000000 ____D C:\Users\Baz\Documents\Synapse Audio
2021-02-23 19:07 - 2021-02-24 00:02 - 000000000 ____D C:\Users\Baz\Documents\Vital
2021-02-23 19:07 - 2021-02-24 00:02 - 000000000 ____D C:\Users\Baz\AppData\Roaming\vital
2021-02-19 20:20 - 2021-02-19 20:20 - 000002294 _____ C:\Users\Baz\Desktop\Unreal Engine.lnk
2021-02-19 19:52 - 2021-02-19 20:20 - 000000000 ____D C:\Program Files\UE_4.26
2021-02-18 19:24 - 2021-02-18 19:24 - 000286586 _____ C:\Users\Baz\Desktop\NDA_BasileTournier.pdf
2021-02-16 10:11 - 2021-03-15 21:06 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-02-16 10:11 - 2021-02-16 16:47 - 000000000 ____D C:\Users\Baz\AppData\Roaming\TeamViewer
2021-02-16 10:11 - 2021-02-16 10:17 - 000000000 ____D C:\Users\Baz\AppData\Local\TeamViewer
2021-02-16 10:11 - 2021-02-16 10:11 - 000001116 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2021-02-16 10:11 - 2021-02-16 10:11 - 000001104 _____ C:\ProgramData\Desktop\TeamViewer.lnk
2021-02-16 10:11 - 2020-06-07 16:03 - 000035112 _____ (TeamViewer GmbH) C:\WINDOWS\system32\Drivers\teamviewervpn.sys
2021-02-15 22:56 - 2021-02-16 22:21 - 000003204 _____ C:\Users\Baz\Desktop\CHERAMI.txt
2021-02-13 13:48 - 2021-02-13 13:48 - 000000000 ____D C:\ProgramData\Documents\SonicProjects
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-03-15 22:57 - 2018-02-03 13:06 - 000000000 ____D C:\Users\Baz\AppData\Roaming\FontBase
2021-03-15 22:31 - 2017-11-17 23:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluge
2021-03-15 22:15 - 2018-09-05 11:53 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-03-15 22:13 - 2018-05-25 13:48 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-15 21:41 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-15 21:26 - 2019-10-03 18:57 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2021-03-15 21:12 - 2018-05-25 13:55 - 000840376 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-15 21:12 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2021-03-15 21:08 - 2017-11-17 19:38 - 000000000 ____D C:\ProgramData\NVIDIA
2021-03-15 21:06 - 2018-01-20 21:51 - 000000000 ____D C:\Users\Baz\AppData\Local\Plex Media Server
2021-03-15 21:05 - 2018-05-25 13:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-15 10:06 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-03-15 10:06 - 2017-11-17 22:52 - 000000000 ____D C:\Users\Baz\AppData\Roaming\Slack
2021-03-15 09:48 - 2018-05-18 14:51 - 000000000 ____D C:\Users\Baz\AppData\Roaming\eM Client
2021-03-15 09:44 - 2017-11-19 16:38 - 000000000 ____D C:\Users\Baz\AppData\Local\Adobe
2021-03-15 00:15 - 2018-10-27 13:50 - 000000000 ____D C:\Users\Baz\AppData\Roaming\WhatsApp
2021-03-15 00:14 - 2021-02-05 17:24 - 000000000 ____D C:\Users\Baz\AppData\Local\Battle.net
2021-03-14 19:28 - 2017-11-17 20:49 - 000000000 ____D C:\Users\Baz\AppData\Local\Blizzard Entertainment
2021-03-12 23:52 - 2017-11-18 12:53 - 000000000 ____D C:\Users\Baz\AppData\Local\Spotify
2021-03-12 23:25 - 2018-10-27 13:50 - 000000000 ____D C:\Users\Baz\AppData\Local\WhatsApp
2021-03-12 23:25 - 2017-11-17 22:52 - 000000000 ____D C:\Users\Baz\AppData\Local\SquirrelTemp
2021-03-12 22:54 - 2017-11-18 12:53 - 000000000 ____D C:\Users\Baz\AppData\Roaming\Spotify
2021-03-12 20:17 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-12 20:17 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-12 02:24 - 2021-01-19 16:06 - 000002290 _____ C:\Users\Baz\Desktop\Notion.lnk
2021-03-12 02:24 - 2020-06-07 22:54 - 000000000 ____D C:\Users\Baz\AppData\Roaming\Notion
2021-03-11 23:52 - 2020-03-18 19:10 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2021-03-11 23:52 - 2020-03-18 19:10 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2021-03-11 00:23 - 2020-04-30 23:46 - 000000000 ____D C:\ProgramData\Redshift
2021-03-10 21:53 - 2017-11-20 17:42 - 000001456 _____ C:\Users\Baz\AppData\Local\Adobe Save for Web 13.0 Prefs
2021-03-10 21:25 - 2017-11-20 17:11 - 000000000 ____D C:\Users\Baz\AppData\Roaming\OctaneRender
2021-03-10 18:57 - 2021-02-05 17:23 - 000000000 ____D C:\Program Files (x86)\Battle.net
2021-03-10 11:53 - 2020-11-19 18:52 - 000000576 _____ C:\ProgramData\droidcam-client-options-v1
2021-03-10 11:53 - 2020-11-19 18:52 - 000000091 _____ C:\ProgramData\droidcam-settings
2021-03-10 00:20 - 2020-02-06 20:43 - 000000000 ____D C:\Program Files (x86)\Steam
2021-03-09 22:04 - 2020-08-14 17:15 - 000000000 ____D C:\ProgramData\Epic
2021-03-07 23:08 - 2020-11-08 01:57 - 000000000 ____D C:\Program Files\Common Files\VST3
2021-03-07 21:44 - 2018-03-02 03:30 - 000000000 ____D C:\Program Files\VstPlugins
2021-03-07 16:46 - 2017-11-21 11:18 - 000000000 ____D C:\Users\Baz\AppData\Local\CrashDumps
2021-03-07 13:04 - 2017-11-19 16:44 - 000000000 ____D C:\ProgramData\Documents\AdobeInstalledCodecs
2021-03-05 20:57 - 2020-08-15 23:35 - 000000000 ____D C:\Users\Baz\AppData\Roaming\XnView
2021-03-05 18:58 - 2019-10-03 18:57 - 000003522 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2021-03-04 23:14 - 2017-11-19 21:43 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-03-04 19:06 - 2017-11-19 21:43 - 000000000 ____D C:\Users\Baz\AppData\Local\Dropbox
2021-03-03 22:47 - 2020-11-22 22:58 - 000000000 ____D C:\ProgramData\Documents\Audiority
2021-03-03 08:05 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-03-03 03:42 - 2019-12-21 10:23 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2021-03-02 21:56 - 2020-07-22 00:02 - 000686384 _____ C:\WINDOWS\ntbtlog.txt
2021-03-02 21:55 - 2020-07-22 00:02 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2021-03-02 20:53 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2021-03-02 18:39 - 2018-05-25 13:52 - 000000000 ____D C:\Users\Baz
2021-03-02 18:31 - 2018-05-25 13:48 - 005003904 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-02 10:25 - 2018-05-25 13:55 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-03-01 01:48 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-02-27 17:58 - 2018-05-25 13:55 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3592542235-2043277170-2684174653-1001
2021-02-27 17:58 - 2018-05-25 13:52 - 000002406 _____ C:\Users\Baz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-27 17:58 - 2017-11-17 18:27 - 000000000 ___RD C:\Users\Baz\OneDrive
2021-02-19 22:23 - 2018-05-25 22:35 - 000000000 ____D C:\Users\Baz\AppData\Local\D3DSCache
2021-02-19 20:25 - 2021-01-31 20:32 - 000000000 ____D C:\Users\Baz\AppData\Local\UnrealEngine
2021-02-19 20:24 - 2017-11-17 18:46 - 000000000 ____D C:\ProgramData\Package Cache
2021-02-19 19:51 - 2020-08-14 17:15 - 000001270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2021-02-19 19:33 - 2020-03-26 19:15 - 000000000 ____D C:\ProgramData\CodeMeter
2021-02-19 19:33 - 2020-03-03 23:23 - 000000000 ____D C:\Users\Baz\Documents\Notch
2021-02-16 23:39 - 2019-10-31 11:49 - 000000000 ____D C:\Users\Baz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies Inc
2021-02-16 23:39 - 2017-11-17 22:52 - 000000000 ____D C:\Users\Baz\AppData\Local\slack
2021-02-13 14:38 - 2017-12-21 20:27 - 000000000 ___HD C:\Users\Baz\MicrosoftEdgeBackups
 
==================== Files in the root of some directories ========
 
2017-11-19 19:39 - 2020-02-09 19:54 - 000000033 _____ () C:\Users\Baz\AppData\Roaming\AdobeWLCMCache.dat
2021-01-15 19:10 - 2021-01-15 19:10 - 000000016 _____ () C:\Users\Baz\AppData\Roaming\msregsvv.dll
2020-05-05 23:28 - 2020-05-06 01:00 - 000000209 _____ () C:\Users\Baz\AppData\Roaming\OSC-Monitor.ini
2019-01-11 16:03 - 2019-03-04 18:07 - 000005716 _____ () C:\Users\Baz\AppData\Roaming\pixplant3settings.txt
2020-09-07 17:19 - 2020-09-07 17:19 - 000000556 _____ () C:\Users\Baz\AppData\Roaming\PureRef.ini
2019-06-03 15:29 - 2019-06-03 15:30 - 000000025 ____H () C:\Users\Baz\AppData\Roaming\uninst48.log
2018-06-10 00:26 - 2020-10-08 19:10 - 000004661 _____ () C:\Users\Baz\AppData\Roaming\VoiceMeeterDefault.xml
2018-03-02 15:27 - 2018-03-02 15:27 - 000000712 ___SH () C:\Users\Baz\AppData\Local\66e66fd576a93e92862c5.59087291
2020-11-29 12:26 - 2020-11-29 12:36 - 000000606 ___SH () C:\Users\Baz\AppData\Local\6w65fts3hvyxjkh27rv3e2vffcxrqra
2017-11-20 17:42 - 2021-03-10 21:53 - 000001456 _____ () C:\Users\Baz\AppData\Local\Adobe Save for Web 13.0 Prefs
2018-04-24 12:48 - 2019-10-28 20:15 - 000000081 _____ () C:\Users\Baz\AppData\Local\FILM_AE_LogFile.txt
2020-02-12 23:27 - 2020-02-25 01:25 - 000021923 _____ () C:\Users\Baz\AppData\Local\krita.log
2020-02-25 01:25 - 2020-02-25 01:25 - 000000152 _____ () C:\Users\Baz\AppData\Local\kritadisplayrc
2019-05-26 23:55 - 2020-02-25 01:25 - 000021541 _____ () C:\Users\Baz\AppData\Local\kritarc
2018-09-30 14:08 - 2018-09-30 14:08 - 000000000 _____ () C:\Users\Baz\AppData\Local\oobelibMkey.log
2021-02-25 23:03 - 2021-02-25 23:03 - 000000218 _____ () C:\Users\Baz\AppData\Local\recently-used.xbel
2020-04-19 14:35 - 2020-07-22 17:48 - 000007620 _____ () C:\Users\Baz\AppData\Local\resmon.resmoncfg
2019-06-03 15:29 - 2019-06-03 15:30 - 000000025 ____H () C:\Users\Baz\AppData\Local\uninst37.log
2017-12-07 19:26 - 2017-12-07 19:26 - 000000003 _____ () C:\Users\Baz\AppData\Local\updater.log
2017-12-07 19:26 - 2017-12-07 19:26 - 000000425 _____ () C:\Users\Baz\AppData\Local\UserProducts.xml
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-03-2021
Ran by Baz (15-03-2021 22:58:07)
Running from C:\Users\Baz\Desktop
Windows 10 Pro Version 1803 17134.48 (X64) (2018-05-25 12:56:00)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3592542235-2043277170-2684174653-500 - Administrator - Disabled)
Baz (S-1-5-21-3592542235-2043277170-2684174653-1001 - Administrator - Enabled) => C:\Users\Baz
DefaultAccount (S-1-5-21-3592542235-2043277170-2684174653-503 - Limited - Disabled)
Guest (S-1-5-21-3592542235-2043277170-2684174653-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3592542235-2043277170-2684174653-1005 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-3592542235-2043277170-2684174653-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
Ableton Live 10 Suite (HKLM\...\{B214E563-20EC-4CD4-9C8A-9BC4ED66C08D}) (Version: 10.0.0.0 - Ableton)
Adobe After Effects 2019 (HKLM-x32\...\AEFT_16_1_3) (Version: 16.1.3 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version:  - Adobe)
Adobe Illustrator 2019 (HKLM-x32\...\ILST_23_1) (Version: 23.1 - Adobe Systems Incorporated)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_8_4_1) (Version: 8.4.1 - Adobe Systems Incorporated)
Adobe Media Encoder 2019 (HKLM-x32\...\AME_13_1_5) (Version: 13.1.5 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_6) (Version: 20.0.6 - Adobe Systems Incorporated)
Adobe Premiere Pro 2019 (HKLM-x32\...\PPRO_13_1_5) (Version: 13.1.5 - Adobe Systems Incorporated)
aescripts + aeplugins components (HKLM-x32\...\{58C0BFF8-3511-4EF6-A2B9-D7E85220F3C4}) (Version: 1.0.0.0 - aescripts + aeplugins)
Affinity Designer (HKLM\...\{3E33B844-8869-4A57-940E-FF9A5A11C2FC}) (Version: 1.9.0.932 - Serif (Europe) Ltd)
AIMP (HKLM-x32\...\AIMP) (Version: v4.50.2048, 19.11.2017 - AIMP DevTeam)
Amped - Stevie T version 1.0.2 (HKLM\...\Amped - Stevie T_is1) (Version: 1.0.2 - )
ApowerREC V1.3.0 (HKLM-x32\...\{6F2998B2-21F7-4CEF-94B2-C3919D939CF9}_is1) (Version: 1.3.0 - Apowersoft LIMITED)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Verifier x64 External Package (HKLM\...\{D9908CED-5ABB-FEE9-FC84-743F4D38637C}) (Version: 10.1.16299.15 - Microsoft) Hidden
Bass Station 2.3 (HKLM\...\{ABAF1232-6213-4062-9D52-04E04A730CEA}_is1) (Version: 2.3 - Novation)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bitsonic Keyzone Classic 1.0 (HKLM\...\{88888ED7-TBF6-9E32-C2C5-KF14615389C8}_is1) (Version: 1.0 - Bitsonic LP)
Blender (HKLM\...\{892913E7-EB3C-43F8-ABDE-9333ABBF959A}) (Version: 2.82.0 - Blender Foundation)
Blue Cat's Chorus VST3-x64 (v4.31) (HKLM\...\{51426E23-69E4-4C81-83A1-67EB2C546D18}) (Version: 4.31 - Blue Cat Audio)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
C4DtoA for Cinema4D R21 (HKLM\...\C4DtoA_R21) (Version: 3.0.1_20191206155343_3f487729 - Solid Angle)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Chorus-WS1 version 1.0 (HKLM\...\SHD&ETRJF_is1) (Version: 1.0 - )
DC1A3 version 3.3.0.0 (HKLM\...\DC1A3_is1) (Version: 3.3.0.0 - )
Denise The Sweeper version 1.0.0 (HKLM\...\Denise The Sweeper_is1) (Version: 1.0.0 - )
discoDSP OB-Xd 2.2 (HKLM\...\OBXD_is1) (Version: 2.2 - discoDSP)
Discord (HKU\S-1-5-21-3592542235-2043277170-2684174653-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
DNxHD & ProRes Codec Components (HKLM-x32\...\DNxHD & ProRes QuickTime CODECs_is1) (Version: 2.0.0 - Team V.R)
DroidCam Client (HKLM-x32\...\DroidCam) (Version: 6.3.3 - Dev47apps)
Dropbox (HKLM-x32\...\Dropbox) (Version: 117.4.378 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.415.1 - Dropbox, Inc.) Hidden
eM Client (HKLM-x32\...\{90A077B4-A295-49A7-84C8-0C728B0A55A9}) (Version: 7.2.34711.0 - eM Client Inc.)
Epic Games Launcher (HKLM-x32\...\{B937FE60-4887-4C53-8C57-8821CBA819FD}) (Version: 1.1.279.0 - Epic Games, Inc.)
EQ1A version 3.4 (HKLM\...\EQ1A_is1) (Version: 3.4 - )
Fairlight Audio Accelerator Utility (HKLM\...\FairlightAudioAccelerator_is1) (Version: 1.0.6 - Blackmagic Design)
Figma (HKU\S-1-5-21-3592542235-2043277170-2684174653-1001\...\Figma) (Version: 86.4.0 - Figma, Inc.)
Figma Font Helper (HKU\S-1-5-21-3592542235-2043277170-2684174653-1001\...\FigmaHelper) (Version: 21.0 - Figma, Inc.)
FileZilla Client 3.36.0 (HKLM-x32\...\FileZilla Client) (Version: 3.36.0 - Tim Kosse)
Focusrite USB 4.36.5.0 (HKLM\...\Focusrite USB_is1) (Version: 4.36.5.0 - Focusrite Audio Engineering Ltd.)
Fonts Ninja 0.1.35 (HKU\S-1-5-21-3592542235-2043277170-2684174653-1001\...\{681da0eb-374d-5be1-94a8-a3b514928885}) (Version: 0.1.35 - Fonts Ninja)
Gaea (remove only) (HKU\S-1-5-21-3592542235-2043277170-2684174653-1001\...\Gaea) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.90 - Google LLC)
HDR Light Studio 5 (HKLM-x32\...\HDR Light Studio 5) (Version: 5.2016.0810 - Lightmap LTD)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Intel® C++ Redistributables on Intel® 64 (HKLM-x32\...\{5C0B869E-82CA-48FB-92B6-4A476984611F}) (Version: 19.0.190 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1043 - Intel Corporation)
Intel® Network Connections 22.4.16.0 (HKLM\...\PROSetDX) (Version: 22.4.16.0 - Intel)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.7.1.1015 - Intel Corporation)
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Java 8 Update 261 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180261F0}) (Version: 8.0.2610.12 - Oracle Corporation)
Kits Configuration Installer (HKLM-x32\...\{86E59C8F-61D5-1782-A3CE-60AE7E4D7791}) (Version: 10.1.16299.15 - Microsoft) Hidden
LatencyMon 6.70 (HKLM\...\LatencyMon_is1) (Version:  - Resplendence Software Projects Sp.)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lightshot-5.4.0.35 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.35 - Skillbrains)
Magic Bullet Suite v13.0.3 (HKLM-x32\...\{99487911-8011-42BC-B594-8B02BFD32B1D}_is1) (Version: 13.0.3 - Red Giant, LLC)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Martinic Kee Bass (HKLM-x32\...\Martinic Kee Bass) (Version: 1.0.1 - Martinic)
Maxon Cinema 4D R21 (HKLM\...\Maxon Cinema 4D R21) (Version: R21 - Maxon)
Microsoft OneDrive (HKU\S-1-5-21-3592542235-2043277170-2684174653-1001\...\OneDriveSetup.exe) (Version: 21.016.0124.0003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.18.1104.625 - Microsoft Corporation)
MSI Afterburner 4.6.2 (HKLM-x32\...\Afterburner) (Version: 4.6.2 - MSI Co., LTD)
MSI Development Tools (HKLM-x32\...\{973CACA2-E018-065B-0580-F2784802E299}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
NDI 4 Runtime (HKLM\...\{71AFF296-ED43-4166-8301-4649285EE712}_is1) (Version:  - NewTek, inc.)
Notion 2.0.15 (HKU\S-1-5-21-3592542235-2043277170-2684174653-1001\...\fcdf0d7f-424b-5f10-a1c7-a8f643f21adf) (Version: 2.0.15 - Notion Labs, Incorporated)
Notion 2.0.9 (HKU\S-1-5-21-3592542235-2043277170-2684174653-1001\...\{fcdf0d7f-424b-5f10-a1c7-a8f643f21adf}) (Version: 2.0.9 - Notion Labs, Incorporated)
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Graphics Driver 460.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 460.89 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 25.0.4 - OBS Project)
Obsession (HKLM\...\Obsession_is1) (Version:  - Synapse Audio Software)
obs-ndi version 4.8.0 (HKLM-x32\...\{69FA0C71-8BEB-4E0D-B5D2-53BFF9192EE2}_is1) (Version: 4.8.0 - Stephane Lepin)
PixPlant 3.0.11 (HKLM\...\PixPlant3_is1) (Version: 3.0.11 - FaronStudio)
Plex Media Server (HKLM-x32\...\{4B4D05DB-E95C-4431-B832-A4BDD0B4FF5E}) (Version: 1.19.2737 - Plex, Inc.) Hidden
Plex Media Server (HKLM-x32\...\{a95652bc-76ea-43d0-9cfa-03a21cb39b30}) (Version: 1.19.2.2737 - Plex, Inc.)
PureRef (HKLM-x32\...\PureRef) (Version: 1.9.2 - Idyllic Pixel)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8273 - Realtek Semiconductor Corp.)
ReaPlugs/x64 (HKLM\...\ReaPlugs) (Version:  - )
Red 2 & Red 3 Plug-in Suite version 1.1 (HKLM\...\Red 2 & Red 3 Plug-in Suite_is1) (Version: 1.1 - Focusrite Audio Engineering Limited)
Redshift (HKLM\...\Redshift) (Version: 3.0.28 - Redshift Rendering Technologies, Inc.)
SDK ARM Additions (HKLM-x32\...\{7922BB77-0B59-840A-AC80-D560A34D75C5}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{C87DF65C-A672-7E08-A083-E7D48FE8DB70}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
S-Gear2 (HKLM\...\{61918E44-002F-4E9A-84C6-347D05AFBD0B}) (Version: 2.9.7 - Scuffham Amps)
Slack (HKU\S-1-5-21-3592542235-2043277170-2684174653-1001\...\slack) (Version: 4.13.0 - Slack Technologies Inc.)
SonEQFree version 1.2.1 (HKLM\...\SonEQFree_is1) (Version: 1.2.1 - )
SonoBus version 1.3.2 (HKLM\...\SonoBus_is1) (Version: 1.3.2 - )
Spark Demo version 1.1.1 (HKLM\...\AB2Y_is1) (Version: 1.1.1 - )
Spotify (HKU\S-1-5-21-3592542235-2043277170-2684174653-1001\...\Spotify) (Version: 1.1.54.592.gc0b20638 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steinberg VST Classics 1 64bit (HKLM\...\{AA322103-FC2B-4D86-BA6C-67D4DDB4209C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Stopping Plex (HKLM-x32\...\{5D14D525-A2E0-4615-BE67-571FEBB750E2}) (Version: 1.19.2737 - Plex, Inc.) Hidden
Sublime Text Build 3143 (HKLM\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
Synapse Audio The Legend (HKLM\...\The Legend_is1) (Version: 1.3.1 - Synapse Audio)
TDR VOS SlickEQ version 1.3.5 (HKLM\...\TDR VOS SlickEQ_is1) (Version: 1.3.5 - Tokyo Dawn Labs)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.15.5 - TeamViewer)
Togu Audio Line TAL-U-NO-LX (HKLM\...\TAL-U-NO-LX_is1) (Version: 4.2.7 - Togu Audio Line)
Trapcode Suite (HKLM\...\Trapcode Suite v15.1.8) (Version:  - Red Giant LLC)
Trapcode Suite 14 (HKLM\...\Trapcode Suite 14 v14.0.2) (Version:  - Red Giant LLC)
TreeSize Free V4.1.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.1.2 - JAM Software)
TSE BOD v3.0.0 (HKLM-x32\...\{8530D1BB-CE31-42A1-8935-7708C6DCEB74}_is1) (Version: v3.0.0 - TSE Audio)
UE4 Prerequisites (x64) (HKLM\...\{D7B591D8-1091-4A00-A0B3-5301C45E5D51}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{0d995f46-317b-4b5f-bf3e-9f98bae9d339}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
Unfold3D VS 2018.0 (HKLM\...\Unfold3D VS 2018.0_is1) (Version:  - Rizom Lab)
Universal CRT Extension SDK (HKLM-x32\...\{A5FA2886-1925-133F-0D41-B9A8ECEA0A2D}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{B739B4C5-EEEC-8E70-0276-38C4779AF398}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{A9D6F52C-694E-3E41-7AB8-5BEB644742A5}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{E053089E-7953-3219-814F-F485FC151C54}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{B9424F08-0617-C4F6-A798-5A9250C1A738}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{D261CEA1-AB8D-9CFA-4407-BCEFC78661AC}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{61702639-6539-473A-8FE5-618E194C0069}) (Version: 2.7.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{B7AFAF92-D1C8-49A0-B34A-B5DAF9C9D5C6}) (Version: 1.9.0.0 - Microsoft Corporation) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 38.2 - Ubisoft)
ValhallaSupermassive version 1.2.0v2 (HKLM-x32\...\{BDC66A59-A72C-4F4C-A7C1-F07BF597C032}_is1) (Version: 1.2.0v2 - Valhalla DSP, LLC)
vcpp_crt.redist.clickonce (HKLM-x32\...\{16E08161-F78C-4FFC-8E12-F9BEA280795F}) (Version: 14.16.27012 - Microsoft Corporation) Hidden
Visionneuse Microsoft PowerPoint (HKLM-x32\...\{95140000-00AF-040C-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Visual Studio Community 2017 (HKLM-x32\...\3cec5b06) (Version: 15.9.28307.770 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
VS Script Debugging Common (HKLM\...\{8B657335-3813-4CF4-A6FE-2AA44BE23F94}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{71797C29-380A-492C-B35A-F5E4A7B57BDC}) (Version: 15.9.28307 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{40040E64-50EB-4FCF-B209-DA0B20821759}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{A254DA0E-26A1-43C3-95BE-7A24D5599473}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{1F42A73E-CF26-4D67-BA79-752CA56B639F}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{A41E138F-5A3F-443C-B72D-957AB994FB5A}) (Version: 15.9.28128 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{3A78DA3D-C8D4-429D-B536-6E59A0088451}) (Version: 15.8.27825 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{68B8AD33-CE97-4C3D-9583-669C39D21BA5}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{6DFE6F8D-B61D-4348-AB70-4ABF1210DFD5}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{1AC6CC3D-7724-4D84-9270-798A2191AB1C}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.11-4 - Wacom Technology Corp.)
WebM for Premiere (HKLM\...\{7BCAE84F-ACE9-4089-87BB-75B914551743}) (Version: 1.0.0 - fnord software)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WhatsApp (HKU\S-1-5-21-3592542235-2043277170-2684174653-1001\...\WhatsApp) (Version: 2.2108.8 - WhatsApp)
WinAppDeploy (HKLM-x32\...\{9690D51C-4435-1C20-7819-66CCAB0F03F9}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows SDK AddOn (HKLM-x32\...\{350F0ECD-0783-4529-8797-98F0AD33EAC0}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.16299.15 (HKLM-x32\...\{6195c203-b53c-4bb7-983a-6070a902e704}) (Version: 10.1.16299.15 - Microsoft Corporation)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{385A1387-A488-9E90-3635-086129610034}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{D7DD3171-DA58-52A1-95B2-4769640855AF}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{7336279F-8F8F-5530-A543-3BE963846C0A}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{E414A474-0A87-4F66-C409-A4D9857CFD34}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{CE760B86-975B-F514-5673-0ED4332B801B}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{5E67F8BE-D8D2-257F-CE19-419A2D5125C7}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{A2AA063E-AF50-A1F5-8925-A06EB1556644}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{7D4C7F4A-02A9-E434-6451-C8787DF28C1F}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{BC467065-9374-5345-DA3F-FCF073304A25}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WO Mic Client (HKLM-x32\...\WOMic) (Version:  - )
World Machine Professional Edition (Dev Channel) (HKLM-x32\...\World MachineDev) (Version:  - )
Zoom (HKU\S-1-5-21-3592542235-2043277170-2684174653-1001\...\ZoomUMX) (Version: 5.4.6 (59296.1207) - Zoom Video Communications, Inc.)
ZXP Installer (HKLM-x32\...\{B94067CB-2B26-47F2-AB6F-D4AE05888710}) (Version: 1.2.7329.22135 - aescripts + aeplugins)
ZXP Installer (HKLM-x32\...\{c1ff6348-4d1c-4fe2-a9ed-464e83609075}) (Version: 1.2.7329.22135 - aescripts + aeplugins) Hidden
 
Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2019-07-17] (Adobe Systems Incorporated)
Assistant Mobile Microsoft -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x64__8wekyb3d8bbwe [2018-02-13] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1807.9.0_x64__8wekyb3d8bbwe [2018-08-07] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2018-11-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-01-30] (Microsoft Studios) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
QuickLook -> C:\Program Files\WindowsApps\21090PaddyXu.QuickLook_3.6.11.0_neutral__egxr34yet59cg [2021-03-09] (Paddy Xu) [Startup Task]
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2017-12-07] (Samsung Electronics Co. Ltd.)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3592542235-2043277170-2684174653-1001_Classes\CLSID\{9486aaf1-0930-362a-962d-8e6908739c817}\InprocServer32 -> 0xF35379B41B74D30153D7911E07A7D301340000005D00000000000000 => No File
CustomCLSID: HKU\S-1-5-21-3592542235-2043277170-2684174653-1001_Classes\CLSID\{95d90590-c7d8-4559-a0f4-8707a101b104}\InprocServer32 -> C:\WINDOWS\system32\dfshim.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3592542235-2043277170-2684174653-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => E:\Dropbox [2017-11-19 21:45]
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-02-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2017-11-20] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers1: [BB FlashBack 2] -> {A8065B9E-193F-4797-B62D-8F6321E7FCCB} =>  -> No File
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-03-02] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2017-11-20] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers4: [Convert] -> {9f95ca1a-e80e-4c0f-acd1-4c9b7900b982} => C:\Program Files (x86)\Microsoft DirectX SDK (June 2010)\Utilities\bin\x64\TxView.dll [2010-06-02] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-12-12] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-02-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-03-02] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\Baz\Desktop\Google Keep.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=eilembjdkfgodjkcjnpgpaenohkicgjd
ShortcutWithArgument: C:\Users\Baz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Google Keep.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=eilembjdkfgodjkcjnpgpaenohkicgjd
ShortcutWithArgument: C:\Users\Baz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Google Keep – Notes et listes.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
 
==================== Loaded Modules (Whitelisted) =============
 
2020-04-24 20:53 - 2020-04-24 20:53 - 000629760 _____ () [File not signed] \\?\C:\Users\Baz\AppData\Local\Plex Media Server\Codecs\99c90e0-3095-windows-x86\aac_decoder.dll
2020-04-19 14:15 - 2020-04-19 14:15 - 000336384 _____ () [File not signed] \\?\C:\Users\Baz\AppData\Local\Plex Media Server\Codecs\99c90e0-3095-windows-x86\ac3_decoder.dll
2020-04-19 14:15 - 2020-04-19 14:15 - 000607232 _____ () [File not signed] \\?\C:\Users\Baz\AppData\Local\Plex Media Server\Codecs\99c90e0-3095-windows-x86\dca_decoder.dll
2020-04-19 14:15 - 2020-04-19 14:15 - 001558016 _____ () [File not signed] \\?\C:\Users\Baz\AppData\Local\Plex Media Server\Codecs\99c90e0-3095-windows-x86\h264_decoder.dll
2020-04-19 14:15 - 2020-04-19 14:15 - 000817152 _____ () [File not signed] \\?\C:\Users\Baz\AppData\Local\Plex Media Server\Codecs\99c90e0-3095-windows-x86\hevc_decoder.dll
2020-04-19 14:15 - 2020-04-19 14:15 - 001799680 _____ () [File not signed] \\?\C:\Users\Baz\AppData\Local\Plex Media Server\Codecs\99c90e0-3095-windows-x86\libx264_encoder.dll
2020-04-19 14:15 - 2020-04-19 14:15 - 000578560 _____ () [File not signed] \\?\C:\Users\Baz\AppData\Local\Plex Media Server\Codecs\99c90e0-3095-windows-x86\mp3_decoder.dll
2020-04-19 14:15 - 2020-04-19 14:15 - 001267200 _____ () [File not signed] \\?\C:\Users\Baz\AppData\Local\Plex Media Server\Codecs\99c90e0-3095-windows-x86\mpeg4_decoder.dll
2019-06-03 10:51 - 2015-05-08 13:26 - 000104448 _____ () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2019-06-03 10:51 - 2021-03-15 21:06 - 000042792 _____ (ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2017-04-24 14:30 - 2017-04-24 14:30 - 000349696 _____ (Intel® Corporation) [File not signed] C:\Windows\system32\NCS2Setp.dll
2017-09-28 17:41 - 2017-09-28 17:41 - 000266240 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbPc.DLL
2020-03-24 19:32 - 2020-03-24 19:32 - 002080256 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Red Giant\Services\LIBEAY32.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\PACE:37077A0003115E71 [217]
AlternateDataStreams: C:\Users\Baz\AppData\Local\Temp:$DATA​ [16]
AlternateDataStreams: C:\Users\Baz\AppData\Local\Temp:com.affinity.designer.2 [320]
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\ssv.dll [2020-07-21] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\jp2ssv.dll [2020-07-21] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-07-10 12:04 - 2018-09-14 14:57 - 000000852 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 www.overloud.com
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%INTEL_DEV_REDIST%redist\intel64_win\compiler;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64_win\compiler;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKCU\Environment\\Path -> %USERPROFILE%\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-3592542235-2043277170-2684174653-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Baz\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\Gremz.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-3592542235-2043277170-2684174653-1001\...\StartupApproved\StartupFolder: => "Seer.lnk"
HKU\S-1-5-21-3592542235-2043277170-2684174653-1001\...\StartupApproved\StartupFolder: => "Folding@home.lnk"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{5C5901B9-E2C1-4877-9E68-A05534627B62}] => (Block) %ProgramFiles%\Adobe\Adobe After Effects CC 2017\Support Files\AfterFX.exe => No File
FirewallRules: [UDP Query User{C2B5A8EC-C74A-4D23-96B9-B38E9C260437}C:\programdata\battle.net\agent\agent.6160\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.6160\agent.exe => No File
FirewallRules: [TCP Query User{D8F7456E-4C78-4C2F-9078-D14BC1A58BC3}C:\programdata\battle.net\agent\agent.6160\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.6160\agent.exe => No File
FirewallRules: [UDP Query User{0C5431F3-DD17-4528-80CE-4E27AEDB28D5}C:\program files\maxon\cinema 4d r19\cinema 4d.exe] => (Allow) C:\program files\maxon\cinema 4d r19\cinema 4d.exe => No File
FirewallRules: [TCP Query User{F2DE39FC-56E3-43D6-896F-797901C93AC9}C:\program files\maxon\cinema 4d r19\cinema 4d.exe] => (Allow) C:\program files\maxon\cinema 4d r19\cinema 4d.exe => No File
FirewallRules: [UDP Query User{B43721BB-EDBE-4B16-A73C-8C3121818E85}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe => No File
FirewallRules: [TCP Query User{A9C74F60-B37F-4BB1-8BE9-8A65EC6EE887}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe => No File
FirewallRules: [UDP Query User{8C71496F-F360-4845-BF95-39843C82C1FF}F:\games\overwatch\overwatch.exe] => (Allow) F:\games\overwatch\overwatch.exe => No File
FirewallRules: [TCP Query User{9F11093F-2F92-4898-B9B8-817F686D7567}F:\games\overwatch\overwatch.exe] => (Allow) F:\games\overwatch\overwatch.exe => No File
FirewallRules: [UDP Query User{BF360A13-912C-4E8F-BAEB-A1F9F997B02A}C:\program files\storyboarder\storyboarder.exe] => (Allow) C:\program files\storyboarder\storyboarder.exe => No File
FirewallRules: [TCP Query User{C2E6A262-EAA8-4A59-A05F-07B1F1C76547}C:\program files\storyboarder\storyboarder.exe] => (Allow) C:\program files\storyboarder\storyboarder.exe => No File
FirewallRules: [UDP Query User{9EAA0F2A-D8B8-488F-8521-C027F42E5EAE}F:\games\hearthstone\hearthstone.exe] => (Allow) F:\games\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [TCP Query User{E1A37C6B-FE83-4DD1-B677-10BF4F9A75C2}F:\games\hearthstone\hearthstone.exe] => (Allow) F:\games\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [UDP Query User{B4C6A289-73AC-445C-9308-BF4CA6219A22}F:\games\starcraft ii\versions\base62347\sc2_x64.exe] => (Allow) F:\games\starcraft ii\versions\base62347\sc2_x64.exe => No File
FirewallRules: [TCP Query User{AD296CF4-42C3-44D5-B6FC-836D108D5353}F:\games\starcraft ii\versions\base62347\sc2_x64.exe] => (Allow) F:\games\starcraft ii\versions\base62347\sc2_x64.exe => No File
FirewallRules: [UDP Query User{E17FD241-9BCD-4638-A6F2-ED3FB1136D17}F:\games\starcraft ii\versions\base60321\sc2_x64.exe] => (Allow) F:\games\starcraft ii\versions\base60321\sc2_x64.exe => No File
FirewallRules: [TCP Query User{9FD1B9D4-6CAF-40DD-9D48-0F57271BC6D0}F:\games\starcraft ii\versions\base60321\sc2_x64.exe] => (Allow) F:\games\starcraft ii\versions\base60321\sc2_x64.exe => No File
FirewallRules: [UDP Query User{83766D58-093C-47FD-AA45-773CCF5B9622}F:\games\warcraft iii 1.26 -iceblitz\war3.exe] => (Allow) F:\games\warcraft iii 1.26 -iceblitz\war3.exe => No File
FirewallRules: [TCP Query User{C38D0AF9-EA8F-4FCD-8CA2-60B86380663D}F:\games\warcraft iii 1.26 -iceblitz\war3.exe] => (Allow) F:\games\warcraft iii 1.26 -iceblitz\war3.exe => No File
FirewallRules: [UDP Query User{87C9DA71-E88A-48B4-959A-BE1859CAF6AA}F:\games\warcraft iii\war3.exe] => (Block) F:\games\warcraft iii\war3.exe => No File
FirewallRules: [TCP Query User{D8E1716E-F904-429D-851F-D1CADF73FCB5}F:\games\warcraft iii\war3.exe] => (Block) F:\games\warcraft iii\war3.exe => No File
FirewallRules: [UDP Query User{D79A9C75-4621-4B9F-8CBB-5DE8A9A1C67D}C:\program files\maxon\cinema 4d r19\cinema 4d.exe] => (Allow) C:\program files\maxon\cinema 4d r19\cinema 4d.exe => No File
FirewallRules: [TCP Query User{C8978D17-E0CC-4E27-99B9-20E81133E92B}C:\program files\maxon\cinema 4d r19\cinema 4d.exe] => (Allow) C:\program files\maxon\cinema 4d r19\cinema 4d.exe => No File
FirewallRules: [UDP Query User{0D7638D3-3CD2-497D-9719-9ACF75568A71}C:\program files\adobe\adobe premiere pro cc 2017\adobe premiere pro.exe] => (Allow) C:\program files\adobe\adobe premiere pro cc 2017\adobe premiere pro.exe => No File
FirewallRules: [TCP Query User{D746E6C1-8B05-49BD-B3F5-988BA66C50B6}C:\program files\adobe\adobe premiere pro cc 2017\adobe premiere pro.exe] => (Allow) C:\program files\adobe\adobe premiere pro cc 2017\adobe premiere pro.exe => No File
FirewallRules: [UDP Query User{0C2D6DEE-AC64-4708-9A59-701361A0AA84}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe => No File
FirewallRules: [TCP Query User{3B7C7AE4-AC1F-4CDB-B792-CB415A24DA18}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe => No File
FirewallRules: [{13ABC41A-A1B7-4014-9E8B-70DDD58966E0}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{FA902ADE-90EB-4D0B-AA3E-A5C58E90F283}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{A32272AD-2828-4B96-A1D1-8C56EB150D0D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{0CB8402C-C975-4668-9E08-BEFE478A5CA7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [UDP Query User{6D3B6F61-2F7C-40E1-9A02-899323C6C82F}C:\users\baz\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\baz\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{94676DCD-6865-4665-AF98-90A23F4F528C}C:\users\baz\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\baz\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AD74C761-1332-4900-A10B-51E12A4E9FD0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F32256AF-544F-404B-B03F-E6AD1476BE37}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{51097D24-D48D-4EF4-A98A-62DAF5B1534F}F:\games\diablo iii\x64\diablo iii64.exe] => (Block) F:\games\diablo iii\x64\diablo iii64.exe => No File
FirewallRules: [UDP Query User{E0A7648A-E03F-4450-93C1-6F2103DA7FEA}F:\games\diablo iii\x64\diablo iii64.exe] => (Block) F:\games\diablo iii\x64\diablo iii64.exe => No File
FirewallRules: [TCP Query User{20449519-E598-4276-A156-709FC35B088A}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe => No File
FirewallRules: [UDP Query User{B9E6B933-A119-4E4A-BB12-A3B5027181EE}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe => No File
FirewallRules: [TCP Query User{1EF03F68-5FBD-4B5B-A6AA-2009BAF03DA9}C:\users\baz\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\baz\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{639ECEC9-2069-4997-9BF4-2F0D39BD20A6}C:\users\baz\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\baz\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{62485EA7-7375-4F23-AFF0-845DFC1B5D28}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{EF3C28AF-525A-43B9-8EE7-FCF97DF9552E}C:\program files (x86)\aimp\aimp.exe] => (Allow) C:\program files (x86)\aimp\aimp.exe (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
FirewallRules: [UDP Query User{615B19C7-0514-4456-B242-A2C2C26AC610}C:\program files (x86)\aimp\aimp.exe] => (Allow) C:\program files (x86)\aimp\aimp.exe (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
FirewallRules: [TCP Query User{E228F32E-EC5A-4935-BF06-5A5F8408173B}C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe] => (Block) C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe => No File
FirewallRules: [UDP Query User{4ACE5BE1-DE0B-44E6-90C9-B174B035EF86}C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe] => (Block) C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe => No File
FirewallRules: [TCP Query User{A21B8199-E8BA-4E3B-A31B-8716812D4E5F}C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe] => (Allow) C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe => No File
FirewallRules: [UDP Query User{76091A43-998F-45B1-B336-1EE575911726}C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe] => (Allow) C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe => No File
FirewallRules: [TCP Query User{01F112FA-3829-4724-BB1D-6954BA162D82}C:\program files (x86)\macaw\macaw-node.exe] => (Allow) C:\program files (x86)\macaw\macaw-node.exe => No File
FirewallRules: [UDP Query User{561ADD7D-C84C-4F3B-B925-0E81068E60B0}C:\program files (x86)\macaw\macaw-node.exe] => (Allow) C:\program files (x86)\macaw\macaw-node.exe => No File
FirewallRules: [{45CA24E4-46FB-4EE5-84BD-27647932502D}] => (Allow) F:\Games\steamapps\common\Metro Last Light\MetroLL.exe => No File
FirewallRules: [{70234B07-E9A6-47BD-9334-6DB425151D34}] => (Allow) F:\Games\steamapps\common\Metro Last Light\MetroLL.exe => No File
FirewallRules: [TCP Query User{5B59CA90-D2B9-4AB6-B423-7FBE7511CAA9}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe => No File
FirewallRules: [UDP Query User{99D92890-7175-44B0-9FCF-CEA6CCD1A58D}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe => No File
FirewallRules: [TCP Query User{3304D14A-A327-479E-93A3-090CAD5A7628}C:\program files\adobe\adobe media encoder cc 2017\adobe media encoder.exe] => (Block) C:\program files\adobe\adobe media encoder cc 2017\adobe media encoder.exe => No File
FirewallRules: [UDP Query User{F3DB0C67-DEBE-4468-BA91-B36633D62027}C:\program files\adobe\adobe media encoder cc 2017\adobe media encoder.exe] => (Block) C:\program files\adobe\adobe media encoder cc 2017\adobe media encoder.exe => No File
FirewallRules: [TCP Query User{89B28A53-06C6-40D9-A7ED-A5495D40B464}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{FAD3978D-5513-4BA6-A36A-3A4E2623C8D8}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{2E2BEFC3-FF23-4D0B-80BF-517D6AC219C9}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{FBAF043D-053D-4723-B09F-2F91374EFB79}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{09B300E4-5D29-4C26-960E-96AE5ADDB5AE}F:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) F:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [UDP Query User{EFAC8A07-CA72-492E-A67F-300F7A10864D}F:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) F:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [{5261375B-20D3-43B2-9761-A23668D10655}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{61C50E7E-E07D-4351-BCBD-DBDCE5E288A1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8F24751F-5867-4336-90E0-43142A5EB10D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{159AB6AE-0C69-4AB7-BC2E-F3C8A90AC51B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DA85C6C5-9AD0-4EFF-8EF6-E24016455D4D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B01C1CAD-C52B-4758-B123-9E1AFC3D3B66}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{377CF757-ED7D-40BF-8D25-646C90532C70}F:\games\overwatch test\overwatch.exe] => (Allow) F:\games\overwatch test\overwatch.exe => No File
FirewallRules: [UDP Query User{6A693612-C997-464A-BC95-1A10EC806D32}F:\games\overwatch test\overwatch.exe] => (Allow) F:\games\overwatch test\overwatch.exe => No File
FirewallRules: [TCP Query User{335B8582-4DB5-4E8B-AF19-808768E428B3}F:\games\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe] => (Allow) F:\games\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe => No File
FirewallRules: [UDP Query User{C0C51AFC-473C-4770-8E0A-BCCFD6AEA4D1}F:\games\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe] => (Allow) F:\games\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe => No File
FirewallRules: [{94BB7F87-0E8F-4BD1-98BB-4B1493E2371D}] => (Allow) C:\Program Files (x86)\WOMic\womicclient.exe () [File not signed]
FirewallRules: [{5C8E9078-2175-4C1D-8F5D-8DA9B80E5F3C}] => (Block) C:\ProgramData\Ableton\Live 10 Suite\Program\Ableton Live 10 Suite.exe (Ableton) [File not signed]
FirewallRules: [{064901D6-5EEA-4C59-BD08-26A14A0E5B2D}] => (Block) C:\ProgramData\Ableton\Live 10 Suite\Program\Ableton Live 10 Suite.exe (Ableton) [File not signed]
FirewallRules: [{B61555A1-1A0E-459D-9F8E-0DBE4034FCA2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{0469D7B1-91E0-4D7C-9462-E8701812D520}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{8E847EBE-5D6B-4C46-96DF-EE0AA2CA5E02}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{C3980B3C-5BD7-45A8-A2CB-C4E2C2D9AC6B}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{BC723A0F-A1F3-42C6-9382-A21EBD32E9BE}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerREC\ApowerREC.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{6CDD5663-C126-4ED6-A16C-7AFF5431A726}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerREC\ApowerREC.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{D38F6496-C255-4633-9C33-EF6C869B2BE4}] => (Block) %ProgramFiles%\WorldCreator\Launcher.exe => No File
FirewallRules: [{B8ABF9D4-4321-403B-BF83-E4886971FE5F}] => (Block) %ProgramFiles%\WorldCreator\WorldCreator.exe => No File
FirewallRules: [{7024B102-71E6-4F5B-BF7D-4C6E40E089A9}] => (Block) %ProgramFiles%\WorldCreator\Launcher.exe => No File
FirewallRules: [{367EEC03-12F3-4038-8A02-EFE441E478BB}] => (Block) %ProgramFiles%\WorldCreator\WorldCreator.exe => No File
FirewallRules: [TCP Query User{D9B5FFEE-902C-422D-A263-718CFE911315}C:\program files\side effects software\houdini 16.5.571\bin\houdinifx.exe] => (Block) C:\program files\side effects software\houdini 16.5.571\bin\houdinifx.exe => No File
FirewallRules: [UDP Query User{71DB030B-8FB0-4E11-B418-69CCE46A580F}C:\program files\side effects software\houdini 16.5.571\bin\houdinifx.exe] => (Block) C:\program files\side effects software\houdini 16.5.571\bin\houdinifx.exe => No File
FirewallRules: [TCP Query User{126D8EE5-AF82-477D-99DB-87D9AB08FBAF}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{D3A3F8D1-730F-4D9D-8A5F-9DF35F8FDFF7}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{1B7A7124-2E13-45C4-8F2A-C5BAD905557C}C:\program files\side effects software\houdini 16.5.571\bin\houdini.exe] => (Block) C:\program files\side effects software\houdini 16.5.571\bin\houdini.exe => No File
FirewallRules: [UDP Query User{7BDB1ADF-A548-4408-AEAA-DB652B87A041}C:\program files\side effects software\houdini 16.5.571\bin\houdini.exe] => (Block) C:\program files\side effects software\houdini 16.5.571\bin\houdini.exe => No File
FirewallRules: [TCP Query User{EE189DB4-D7D2-4F35-964D-93DCB23839FF}C:\program files\maxon\cinema 4d r20\cinema 4d.exe] => (Block) C:\program files\maxon\cinema 4d r20\cinema 4d.exe => No File
FirewallRules: [UDP Query User{B27E4911-019F-4370-90D3-907C9178B0EF}C:\program files\maxon\cinema 4d r20\cinema 4d.exe] => (Block) C:\program files\maxon\cinema 4d r20\cinema 4d.exe => No File
FirewallRules: [TCP Query User{24E2E991-08AA-4D3D-97E7-9AFA08058721}C:\program files\maxon\cinema 4d r20\cinema 4d.exe] => (Allow) C:\program files\maxon\cinema 4d r20\cinema 4d.exe => No File
FirewallRules: [UDP Query User{AE838082-8DE0-4546-B158-786AAC192065}C:\program files\maxon\cinema 4d r20\cinema 4d.exe] => (Allow) C:\program files\maxon\cinema 4d r20\cinema 4d.exe => No File
FirewallRules: [TCP Query User{7EBEF171-5C0C-46BA-BD63-CE31CF825447}C:\program files\adobe\adobe media encoder cc 2018\adobe media encoder.exe] => (Allow) C:\program files\adobe\adobe media encoder cc 2018\adobe media encoder.exe => No File
FirewallRules: [UDP Query User{ACF9DC30-4616-4EF6-B139-9E6BD10D50C5}C:\program files\adobe\adobe media encoder cc 2018\adobe media encoder.exe] => (Allow) C:\program files\adobe\adobe media encoder cc 2018\adobe media encoder.exe => No File
FirewallRules: [{16D04F7C-9064-4FDB-B59E-68356145DCDF}] => (Allow) C:\Program Files (x86)\WOMic\womicclient.exe () [File not signed]
FirewallRules: [TCP Query User{298D4D93-FB99-4847-9117-7C12E5C69362}C:\program files\adobe\adobe after effects cc 2018\support files\afterfx.exe] => (Block) C:\program files\adobe\adobe after effects cc 2018\support files\afterfx.exe => No File
FirewallRules: [UDP Query User{06325B7C-8054-43B4-BE03-2591D08FE484}C:\program files\adobe\adobe after effects cc 2018\support files\afterfx.exe] => (Block) C:\program files\adobe\adobe after effects cc 2018\support files\afterfx.exe => No File
FirewallRules: [TCP Query User{FAD56084-9220-48D1-8C8B-431323ECEF5C}C:\program files (x86)\jamkazam\jamkazam.exe] => (Allow) C:\program files (x86)\jamkazam\jamkazam.exe => No File
FirewallRules: [UDP Query User{AB10A9F7-1B84-47E3-B41A-589DD3EDAE9A}C:\program files (x86)\jamkazam\jamkazam.exe] => (Allow) C:\program files (x86)\jamkazam\jamkazam.exe => No File
FirewallRules: [TCP Query User{0064E8D6-7A85-4004-9370-CB75BC030B93}C:\program files\adobe\adobe premiere pro cc 2018\adobe premiere pro.exe] => (Block) C:\program files\adobe\adobe premiere pro cc 2018\adobe premiere pro.exe => No File
FirewallRules: [UDP Query User{E8C3D6C8-47A8-462B-B01E-738E9DC9D6B0}C:\program files\adobe\adobe premiere pro cc 2018\adobe premiere pro.exe] => (Block) C:\program files\adobe\adobe premiere pro cc 2018\adobe premiere pro.exe => No File
FirewallRules: [TCP Query User{B34C8B8F-B870-4E7D-824D-34AAB5E0A98B}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe => No File
FirewallRules: [UDP Query User{66DAC450-C18A-4E6D-A81A-6B6F6B0EB9AC}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe => No File
FirewallRules: [TCP Query User{2A0028FF-BB4F-4BD4-B4F7-5930E47F4B75}C:\program files\allegorithmic\substance painter\substance painter.exe] => (Block) C:\program files\allegorithmic\substance painter\substance painter.exe => No File
FirewallRules: [UDP Query User{DBA6F8F7-BA51-4469-B563-057824624B3B}C:\program files\allegorithmic\substance painter\substance painter.exe] => (Block) C:\program files\allegorithmic\substance painter\substance painter.exe => No File
FirewallRules: [TCP Query User{D4B8F25E-EEE7-4A14-8189-6B8836BAD731}C:\users\baz\downloads\bin\ranchsync_server.exe] => (Allow) C:\users\baz\downloads\bin\ranchsync_server.exe => No File
FirewallRules: [UDP Query User{6D3AFA54-0BFE-4F42-ADF6-4B070EDFB445}C:\users\baz\downloads\bin\ranchsync_server.exe] => (Allow) C:\users\baz\downloads\bin\ranchsync_server.exe => No File
FirewallRules: [TCP Query User{D261B3AA-4F86-4A40-A9EA-38A86DADB7C7}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe => No File
FirewallRules: [UDP Query User{A89FE576-8BD5-4ADE-BA10-2B21D31286B0}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe => No File
FirewallRules: [TCP Query User{156F890F-155F-4BD6-9B37-851EE56071B7}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe => No File
FirewallRules: [UDP Query User{F92D406C-2A77-4140-BFB4-3B24C216BF03}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe => No File
FirewallRules: [TCP Query User{B664610F-2920-48BD-95DB-A99E3607DC94}C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe] => (Allow) C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{F5E9D093-F5DF-4F5B-9C0F-49A959E3D22E}C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe] => (Allow) C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{07018032-EE81-48AE-A0D4-9755587AE924}C:\program files\epic games\ue_4.22\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\ue_4.22\engine\binaries\win64\ue4editor.exe => No File
FirewallRules: [UDP Query User{49B5C48A-631E-41E7-92B5-38A5613A1F72}C:\program files\epic games\ue_4.22\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\ue_4.22\engine\binaries\win64\ue4editor.exe => No File
FirewallRules: [TCP Query User{FB5D3AC4-3A51-4858-BF0D-2B0D2C95BC81}C:\program files\epic games\ue_4.23\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\ue_4.23\engine\binaries\win64\ue4editor.exe => No File
FirewallRules: [UDP Query User{4A723D70-3F22-4A3C-AF0C-88C107F9DF12}C:\program files\epic games\ue_4.23\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\ue_4.23\engine\binaries\win64\ue4editor.exe => No File
FirewallRules: [TCP Query User{4F020FB2-5818-437F-9E26-9AEC84D07FD2}F:\games\lol\game\league of legends.exe] => (Allow) F:\games\lol\game\league of legends.exe => No File
FirewallRules: [UDP Query User{8FBCD4CD-E8E2-4C03-B467-0F843E681C6B}F:\games\lol\game\league of legends.exe] => (Allow) F:\games\lol\game\league of legends.exe => No File
FirewallRules: [TCP Query User{62060A05-CE81-4B6F-90AB-51A7073478E0}F:\games\destiny 2\destiny2.exe] => (Allow) F:\games\destiny 2\destiny2.exe => No File
FirewallRules: [UDP Query User{7878092E-8459-4847-9C62-88A2811A75E1}F:\games\destiny 2\destiny2.exe] => (Allow) F:\games\destiny 2\destiny2.exe => No File
FirewallRules: [TCP Query User{A47742C0-9589-41FE-8D2D-D106D8D5F209}F:\games\overwatch\_retail_\overwatch.exe] => (Allow) F:\games\overwatch\_retail_\overwatch.exe => No File
FirewallRules: [UDP Query User{5FE35E7C-777D-48D9-ADB9-F0F393EF3A1B}F:\games\overwatch\_retail_\overwatch.exe] => (Allow) F:\games\overwatch\_retail_\overwatch.exe => No File
FirewallRules: [TCP Query User{D790C7CC-C686-4246-AC72-58F719FC23FB}C:\users\baz\downloads\ranchsync2_win_2.2.8\bin\ranchsync_server.exe] => (Allow) C:\users\baz\downloads\ranchsync2_win_2.2.8\bin\ranchsync_server.exe => No File
FirewallRules: [UDP Query User{0D16051A-EC5F-42FB-A6FF-CAA97DB49760}C:\users\baz\downloads\ranchsync2_win_2.2.8\bin\ranchsync_server.exe] => (Allow) C:\users\baz\downloads\ranchsync2_win_2.2.8\bin\ranchsync_server.exe => No File
FirewallRules: [{C873AC69-5B8F-4674-BE66-B69483D8564D}] => (Allow) C:\Program Files\Unity Hub\Unity Hub.exe => No File
FirewallRules: [TCP Query User{DAEBF279-DCDD-4359-A352-04F68058424D}C:\program files\unity hub\unity hub.exe] => (Allow) C:\program files\unity hub\unity hub.exe => No File
FirewallRules: [UDP Query User{CC4DF210-B158-4BEC-A82F-65DDCE3DD4AC}C:\program files\unity hub\unity hub.exe] => (Allow) C:\program files\unity hub\unity hub.exe => No File
FirewallRules: [TCP Query User{A0A3B613-52B7-4D92-AB98-E39D52FF1249}C:\program files\epic games\ue_4.23\engine\binaries\dotnet\swarmagent.exe] => (Allow) C:\program files\epic games\ue_4.23\engine\binaries\dotnet\swarmagent.exe => No File
FirewallRules: [UDP Query User{05A02230-49BD-41CA-822D-FCBB294D995A}C:\program files\epic games\ue_4.23\engine\binaries\dotnet\swarmagent.exe] => (Allow) C:\program files\epic games\ue_4.23\engine\binaries\dotnet\swarmagent.exe => No File
FirewallRules: [{7DD01ECC-4934-4919-A6BB-0D162DFDE63C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{BED2A192-44FC-415D-A0E9-2A175E239624}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{C641B4F4-1F72-419E-BF3E-B4A6F60B8681}C:\program files\ue_4.24\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\ue_4.24\engine\binaries\win64\ue4editor.exe => No File
FirewallRules: [UDP Query User{AD4FF444-5D42-4E2D-B333-C25577B3F0A8}C:\program files\ue_4.24\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\ue_4.24\engine\binaries\win64\ue4editor.exe => No File
FirewallRules: [TCP Query User{DF6F6204-EFD2-45B6-8690-204CBAB1C7C4}C:\program files\ue_4.24\engine\binaries\win64\crashreportclienteditor.exe] => (Allow) C:\program files\ue_4.24\engine\binaries\win64\crashreportclienteditor.exe => No File
FirewallRules: [UDP Query User{F14A0190-20FB-45B8-9472-A54802B85123}C:\program files\ue_4.24\engine\binaries\win64\crashreportclienteditor.exe] => (Allow) C:\program files\ue_4.24\engine\binaries\win64\crashreportclienteditor.exe => No File
FirewallRules: [TCP Query User{46E88F88-6516-4C9B-AB13-53F0156737DB}C:\program files (x86)\eagle\eagle.exe] => (Allow) C:\program files (x86)\eagle\eagle.exe => No File
FirewallRules: [UDP Query User{47D59F43-E260-43D3-8679-0184CAC45BF9}C:\program files (x86)\eagle\eagle.exe] => (Allow) C:\program files (x86)\eagle\eagle.exe => No File
FirewallRules: [TCP Query User{503522F5-6197-4DBE-9D19-B622922EF4B9}C:\program files (x86)\eagle\drag_extension\dragextension.exe] => (Allow) C:\program files (x86)\eagle\drag_extension\dragextension.exe => No File
FirewallRules: [UDP Query User{BD60A289-92C2-4BC9-AD77-F9C3CEA8FD8D}C:\program files (x86)\eagle\drag_extension\dragextension.exe] => (Allow) C:\program files (x86)\eagle\drag_extension\dragextension.exe => No File
FirewallRules: [TCP Query User{149D8615-C2F5-4434-B8A4-23CEA43837D0}C:\program files\notch trial\notch_demo.exe] => (Allow) C:\program files\notch trial\notch_demo.exe => No File
FirewallRules: [UDP Query User{C56C008D-CC60-4580-B4B5-E343A73CC79C}C:\program files\notch trial\notch_demo.exe] => (Allow) C:\program files\notch trial\notch_demo.exe => No File
FirewallRules: [{CDA3A47A-6B24-45FB-9887-4FEC938D2709}] => (Block) C:\Program Files\Maxon Cinema 4D R21\Cinema 4D.exe (MAXON Computer GmbH -> MAXON Computer GmbH)
FirewallRules: [{0771B499-D83A-43D1-81C0-7EF0A9FFBDC8}] => (Block) C:\Program Files\Maxon Cinema 4D R21\Cinema 4D.exe (MAXON Computer GmbH -> MAXON Computer GmbH)
FirewallRules: [TCP Query User{F7D5C21A-2FCA-4B1D-BAA6-555DD87F08EA}C:\program files\adobe\adobe after effects cc 2019\support files\afterfx.exe] => (Block) C:\program files\adobe\adobe after effects cc 2019\support files\afterfx.exe (Adobe Inc. -> Adobe Systems Incorporated)
FirewallRules: [UDP Query User{0B7D9D11-3A76-4E59-BCDA-72D059F1D3A2}C:\program files\adobe\adobe after effects cc 2019\support files\afterfx.exe] => (Block) C:\program files\adobe\adobe after effects cc 2019\support files\afterfx.exe (Adobe Inc. -> Adobe Systems Incorporated)
FirewallRules: [{E8FC2AC1-2EDA-4757-877E-6FA494935C18}] => (Block) C:\Program Files\Adobe\Adobe After Effects CC 2019\Support Files\AfterFX.exe (Adobe Inc. -> Adobe Systems Incorporated)
FirewallRules: [{EC9DA18E-972E-4325-A16C-D1437178B387}] => (Block) C:\Program Files\Adobe\Adobe Illustrator CC 2019\Support Files\Contents\Windows\Illustrator.exe (Adobe Inc. -> Adobe Systems Inc.) [File not signed]
FirewallRules: [{3C33F00F-E1D1-409A-94EE-98572155E6CB}] => (Block) C:\Program Files\Adobe\Adobe Media Encoder CC 2019\Adobe Media Encoder.exe (Adobe Inc. -> Adobe) [File not signed]
FirewallRules: [{24677BA3-312F-4D3A-945A-79140E288220}] => (Block) C:\Program Files\Adobe\Adobe Photoshop CC 2019\Photoshop.exe (Adobe Inc. -> Adobe Systems Incorporated) [File not signed]
FirewallRules: [{8D563E56-D2EC-4A80-B6C3-9FEF0B45B5E2}] => (Block) C:\Program Files\Adobe\Adobe Premiere Pro CC 2019\Adobe Premiere Pro.exe (Adobe Inc. -> Adobe)
FirewallRules: [{683FDCEE-F6CB-467B-8DC1-C9184A9EE145}] => (Block) C:\Program Files\Adobe\Adobe Illustrator CC 2019\Support Files\Contents\Windows\Illustrator.exe (Adobe Inc. -> Adobe Systems Inc.) [File not signed]
FirewallRules: [{8F679EFF-2CE2-47C5-A5EA-E11CF5F71D4E}] => (Block) C:\Program Files\Adobe\Adobe Media Encoder CC 2019\Adobe Media Encoder.exe (Adobe Inc. -> Adobe) [File not signed]
FirewallRules: [{CC97B934-ACEE-415E-9C99-639F6D5F633E}] => (Block) C:\Program Files\Adobe\Adobe Photoshop CC 2019\Photoshop.exe (Adobe Inc. -> Adobe Systems Incorporated) [File not signed]
FirewallRules: [{A71E93B8-468B-42AF-8E5D-906D49125607}] => (Block) C:\Program Files\Adobe\Adobe Premiere Pro CC 2019\Adobe Premiere Pro.exe (Adobe Inc. -> Adobe)
FirewallRules: [TCP Query User{A2DF62F0-C55D-4D8F-9328-F31A81C76A22}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe => No File
FirewallRules: [UDP Query User{BC626AE0-6FEF-48F8-928E-15CA3268904D}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe => No File
FirewallRules: [{6596120D-2431-4C32-ACCB-DE46E3CBAE56}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe => No File
FirewallRules: [{B5F4BF05-1DB6-4E14-B7E1-CCA75A86B333}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe => No File
FirewallRules: [TCP Query User{547EF1C8-508A-4C7F-A7F2-99614B3376DE}C:\program files\notch\notchapp.exe] => (Allow) C:\program files\notch\notchapp.exe => No File
FirewallRules: [UDP Query User{02B7D964-6247-4C11-8A5A-5BC369F4D088}C:\program files\notch\notchapp.exe] => (Allow) C:\program files\notch\notchapp.exe => No File
FirewallRules: [TCP Query User{DDD59DBB-F6F0-4671-BE35-E05F70C71BEC}F:\games\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) F:\games\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe => No File
FirewallRules: [UDP Query User{8A5DC686-8FFE-4407-A943-1568ED851884}F:\games\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) F:\games\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe => No File
FirewallRules: [{75F17DC3-7A0D-4BCF-B512-734E0EB4CE54}] => (Allow) C:\Program Files (x86)\WOMic\womicclient.exe () [File not signed]
FirewallRules: [{0331972C-4E27-461E-AD13-31B0BAE9A76F}] => (Allow) C:\Program Files\QuadSpinner\Gaea\Gaea.exe (QuadSpinner) [File not signed]
FirewallRules: [{A2115372-F442-41F7-B54F-BA1EF7CBB42F}] => (Allow) C:\Program Files\QuadSpinner\Gaea\Gaea.exe (QuadSpinner) [File not signed]
FirewallRules: [{0C7D0137-D60C-4FD8-BEC3-5E0961EA46C6}] => (Allow) C:\Program Files\QuadSpinner\Gaea\Archon.exe () [File not signed]
FirewallRules: [{D2E1E14C-8F19-4E43-A4EF-59D3AF18ED4A}] => (Allow) C:\Program Files\QuadSpinner\Gaea\Archon.exe () [File not signed]
FirewallRules: [{E1DF519B-261F-446A-97AF-3840BA8B32AE}] => (Allow) C:\Program Files\QuadSpinner\Gaea\Watson.exe () [File not signed]
FirewallRules: [{90C42B73-91CA-4164-937C-B1449F16340D}] => (Allow) C:\Program Files\QuadSpinner\Gaea\Watson.exe () [File not signed]
FirewallRules: [{4978CF51-3506-4C3B-8B86-743A0A8C37C8}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe => No File
FirewallRules: [{61AFB30E-FD9B-4856-A790-6A893D243E06}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe => No File
FirewallRules: [{C7435025-4C04-4AB5-BEFD-AB11DB8F7A87}] => (Allow) E:\Dropbox\WORK\GAEA\Gaea.exe (Daksh Pandhi -> QuadSpinner)
FirewallRules: [{5A8EF7AB-1117-42B8-9167-F9BBD260AF4B}] => (Allow) E:\Dropbox\WORK\GAEA\Gaea.exe (Daksh Pandhi -> QuadSpinner)
FirewallRules: [{3806DF65-875B-4442-AE4A-ECDD8FAC73F1}] => (Allow) E:\Dropbox\WORK\GAEA\Archon.exe () [File not signed]
FirewallRules: [{AC491BE5-07A5-4932-A5C5-D0C5FF7DBE6E}] => (Allow) E:\Dropbox\WORK\GAEA\Archon.exe () [File not signed]
FirewallRules: [{4361D030-51D5-46E7-963C-7BD4B2C73AD3}] => (Allow) E:\Dropbox\WORK\GAEA\Watson.exe () [File not signed]
FirewallRules: [{6C9C16FE-AA5C-4FA9-BFE7-72A68D9439E6}] => (Allow) E:\Dropbox\WORK\GAEA\Watson.exe () [File not signed]
FirewallRules: [{6CDD0328-2D6F-4D1F-8101-2556428E1B41}] => (Allow) C:\Program Files (x86)\WOMic\womicclient.exe () [File not signed]
FirewallRules: [TCP Query User{4B9FA57F-986C-4F49-9B39-65108A0BE6D3}F:\downloads\ranchsync2_win_3.0.6\bin\ranchsync_server.exe] => (Allow) F:\downloads\ranchsync2_win_3.0.6\bin\ranchsync_server.exe => No File
FirewallRules: [UDP Query User{59ABE5C5-D4AB-4A68-AF4A-530FD00FC09B}F:\downloads\ranchsync2_win_3.0.6\bin\ranchsync_server.exe] => (Allow) F:\downloads\ranchsync2_win_3.0.6\bin\ranchsync_server.exe => No File
FirewallRules: [TCP Query User{A3D73256-CDEC-4C62-93EF-41AF6EC8441C}C:\program files\obs-studio\bin\64bit\obs64.exe] => (Allow) C:\program files\obs-studio\bin\64bit\obs64.exe (Hugh Bailey -> OBS)
FirewallRules: [UDP Query User{11A20144-7422-4FB1-8BD8-DE1967CBB9F6}C:\program files\obs-studio\bin\64bit\obs64.exe] => (Allow) C:\program files\obs-studio\bin\64bit\obs64.exe (Hugh Bailey -> OBS)
FirewallRules: [{69C75B75-4A7A-4B4C-A4C6-4B189090BA0E}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc. -> Plex, Inc.)
FirewallRules: [{E4A6BBC9-34BA-471A-A863-B2CFA4FB6856}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (Plex, Inc. -> Python Software Foundation)
FirewallRules: [{0CAB3D72-0E3A-4508-B58A-52C1195D0A00}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe (Plex, Inc. -> Plex, Inc.)
FirewallRules: [{9340488A-44FD-490E-9876-72E3A585737F}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe (Plex, Inc. -> )
FirewallRules: [TCP Query User{E8C70FCC-8475-46F7-9FCC-FBA4D503BB07}C:\program files\derivative\touchdesigner\bin\touchdesigner.exe] => (Allow) C:\program files\derivative\touchdesigner\bin\touchdesigner.exe => No File
FirewallRules: [UDP Query User{FCD15E21-C510-4F48-8ABD-12DE805F19EE}C:\program files\derivative\touchdesigner\bin\touchdesigner.exe] => (Allow) C:\program files\derivative\touchdesigner\bin\touchdesigner.exe => No File
FirewallRules: [TCP Query User{13D0B9A1-4D73-4A7F-AC81-C29B45AA0AFF}F:\downloads\oscmonitor\oscmonitor.exe] => (Allow) F:\downloads\oscmonitor\oscmonitor.exe => No File
FirewallRules: [UDP Query User{6A6181A5-442B-49D0-8850-1E6E5A051097}F:\downloads\oscmonitor\oscmonitor.exe] => (Allow) F:\downloads\oscmonitor\oscmonitor.exe => No File
FirewallRules: [TCP Query User{153B59B7-1CD0-432A-A41A-C802E87F7336}F:\downloads\oscdatamonitor-master (1)\oscdatamonitor-master\previous 2011 version applications\osc_data_monitor_windows\osc_data_monitor.exe] => (Allow) F:\downloads\oscdatamonitor-master (1)\oscdatamonitor-master\previous 2011 version applications\osc_data_monitor_windows\osc_data_monitor.exe => No File
FirewallRules: [UDP Query User{E53E6466-3839-4016-AD43-9004C3D14F6F}F:\downloads\oscdatamonitor-master (1)\oscdatamonitor-master\previous 2011 version applications\osc_data_monitor_windows\osc_data_monitor.exe] => (Allow) F:\downloads\oscdatamonitor-master (1)\oscdatamonitor-master\previous 2011 version applications\osc_data_monitor_windows\osc_data_monitor.exe => No File
FirewallRules: [TCP Query User{6616D779-ECF1-4DE3-BBD0-5D7F2F0151A1}C:\program files\derivative\touchdesigner\bin\touchplayer.exe] => (Allow) C:\program files\derivative\touchdesigner\bin\touchplayer.exe => No File
FirewallRules: [UDP Query User{273772ED-0882-4716-87FB-EF06CA5FE7EC}C:\program files\derivative\touchdesigner\bin\touchplayer.exe] => (Allow) C:\program files\derivative\touchdesigner\bin\touchplayer.exe => No File
FirewallRules: [TCP Query User{A5C7DA6C-C2FF-4AC4-B26B-1A2E411D6BB0}C:\users\baz\desktop\osc_data_monitor_windows\osc_data_monitor.exe] => (Allow) C:\users\baz\desktop\osc_data_monitor_windows\osc_data_monitor.exe => No File
FirewallRules: [UDP Query User{17D98DA6-1A88-4AFA-A26C-11E23E72DAA2}C:\users\baz\desktop\osc_data_monitor_windows\osc_data_monitor.exe] => (Allow) C:\users\baz\desktop\osc_data_monitor_windows\osc_data_monitor.exe => No File
FirewallRules: [TCP Query User{BF2B8A34-710C-424D-9F07-E7DB77B3BF1C}F:\games\steamlibrary\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe] => (Allow) F:\games\steamlibrary\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe (Ghost Ship Games) [File not signed]
FirewallRules: [UDP Query User{3BDF8F1D-F801-4F73-BD7E-DFD095D860D7}F:\games\steamlibrary\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe] => (Allow) F:\games\steamlibrary\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe (Ghost Ship Games) [File not signed]
FirewallRules: [TCP Query User{1DC8A068-2A8D-4D2F-9283-463390C885D7}F:\games\call of duty modern warfare\modernwarfare.exe] => (Allow) F:\games\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [UDP Query User{A1F688A1-D62F-427D-9FEB-3558A8B0F74C}F:\games\call of duty modern warfare\modernwarfare.exe] => (Allow) F:\games\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [TCP Query User{00429A07-0633-4B41-BC20-83E2699179DA}C:\program files\allegorithmic\substance designer\substance designer.exe] => (Allow) C:\program files\allegorithmic\substance designer\substance designer.exe => No File
FirewallRules: [UDP Query User{434132B6-347D-481D-AE42-F7C184AE47C3}C:\program files\allegorithmic\substance designer\substance designer.exe] => (Allow) C:\program files\allegorithmic\substance designer\substance designer.exe => No File
FirewallRules: [{C42A314D-2670-42DF-93B1-6D02AAEEFC01}] => (Allow) C:\Program Files (x86)\WOMic\womicclient.exe () [File not signed]
FirewallRules: [TCP Query User{9315194B-E9C4-4B2B-837E-05C16AEDC701}F:\games\remnantfromtheashes\remnant\binaries\win64\remnant-win64-shipping.exe] => (Allow) F:\games\remnantfromtheashes\remnant\binaries\win64\remnant-win64-shipping.exe => No File
FirewallRules: [UDP Query User{004D6BD7-6DA6-44A0-AA1A-7B71BADA46B4}F:\games\remnantfromtheashes\remnant\binaries\win64\remnant-win64-shipping.exe] => (Allow) F:\games\remnantfromtheashes\remnant\binaries\win64\remnant-win64-shipping.exe => No File
FirewallRules: [TCP Query User{DE4607A5-E06C-42A8-96D2-29E509047AC6}C:\program files\adobe\adobe photoshop cc 2019\required\dynamiclinkmediaserver\amecommand.exe] => (Allow) C:\program files\adobe\adobe photoshop cc 2019\required\dynamiclinkmediaserver\amecommand.exe (Adobe Inc. -> Adobe Systems, Incorporated)
FirewallRules: [UDP Query User{610BF6DF-8ADC-4B32-B12E-9B24B6F55FF0}C:\program files\adobe\adobe photoshop cc 2019\required\dynamiclinkmediaserver\amecommand.exe] => (Allow) C:\program files\adobe\adobe photoshop cc 2019\required\dynamiclinkmediaserver\amecommand.exe (Adobe Inc. -> Adobe Systems, Incorporated)
FirewallRules: [TCP Query User{6034D99F-DC3C-4431-BB7F-F617599FF230}F:\games\warehousedemo\base\binaries\win64\thps12demo.exe] => (Allow) F:\games\warehousedemo\base\binaries\win64\thps12demo.exe => No File
FirewallRules: [UDP Query User{658BEF23-E129-4FB0-99F5-678B9AF7C757}F:\games\warehousedemo\base\binaries\win64\thps12demo.exe] => (Allow) F:\games\warehousedemo\base\binaries\win64\thps12demo.exe => No File
FirewallRules: [TCP Query User{302D0401-068D-4E5C-8D1F-3675B71C7F81}F:\games\tonyhawksproskater\base\binaries\win64\thps12.exe] => (Allow) F:\games\tonyhawksproskater\base\binaries\win64\thps12.exe => No File
FirewallRules: [UDP Query User{942B2E77-E2FA-4612-95C7-C4FBDC63213E}F:\games\tonyhawksproskater\base\binaries\win64\thps12.exe] => (Allow) F:\games\tonyhawksproskater\base\binaries\win64\thps12.exe => No File
FirewallRules: [{FCCEF52C-C019-4A0C-8519-53DF13F88755}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe => No File
FirewallRules: [{BDB81CAF-3739-4C6F-84FA-E8C7483794FA}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe => No File
FirewallRules: [{98AE1798-89B2-452C-9D2D-4A8302AE99F4}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe => No File
FirewallRules: [{1456491B-033F-47A8-8DA1-0017FDFF6B73}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe => No File
FirewallRules: [{D5FAFF77-7A08-4598-8FD7-4FED3CA8661A}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe => No File
FirewallRules: [{2465097F-5A41-4C4C-A2AB-311310572F0E}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe => No File
FirewallRules: [{C892172A-BBE8-423C-8666-78B547EDD339}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [{ECF8B534-900D-470D-BFF5-6DC334389C78}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\OxygenPanelDaemon.exe => No File
FirewallRules: [{E8460538-5AC1-47AE-A209-BC15F9E60FD3}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe => No File
FirewallRules: [{F36F2170-40D4-4E74-86E3-EA2D99A0F5E4}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe => No File
FirewallRules: [{9CE146A5-D2F5-4D5F-AFA8-AA960A53F478}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{5BB39D51-0C72-4397-930C-5FBE7E2DD9E6}F:\downloads\ranchsync2_win_3.0.7\bin\ranchsync_server.exe] => (Allow) F:\downloads\ranchsync2_win_3.0.7\bin\ranchsync_server.exe => No File
FirewallRules: [UDP Query User{4108E4B0-C336-4112-AA2C-9643A460A148}F:\downloads\ranchsync2_win_3.0.7\bin\ranchsync_server.exe] => (Allow) F:\downloads\ranchsync2_win_3.0.7\bin\ranchsync_server.exe => No File
FirewallRules: [{5D4A1614-CA52-4C68-B13E-DA549BBAA8F3}] => (Allow) C:\Program Files (x86)\WOMic\womicclient.exe () [File not signed]
FirewallRules: [{41F841DE-6A73-4DF9-B213-6B6164876BF9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6E5B0053-8F29-49B8-8041-671864D2943A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6E019018-42FC-4177-A367-D4A67B1078D8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{95735CFF-77B0-4542-B44B-D19BD4E7A26F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{35469E4E-AB09-46E5-AC19-7F2F1BBCC675}] => (Allow) F:\Games\SteamLibrary\steamapps\common\Deep Rock Galactic\FSD.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{BE7A8633-9AA7-4544-AE2E-986F93A9D504}] => (Allow) F:\Games\SteamLibrary\steamapps\common\Deep Rock Galactic\FSD.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{A30297DC-7E09-42EE-A2B5-575CEF329898}C:\program files\imaginando\drc\drc.exe] => (Allow) C:\program files\imaginando\drc\drc.exe => No File
FirewallRules: [UDP Query User{A7AF4E82-85FE-42F3-9330-AC2887AC2223}C:\program files\imaginando\drc\drc.exe] => (Allow) C:\program files\imaginando\drc\drc.exe => No File
FirewallRules: [TCP Query User{E34D77A3-A451-4095-B5B9-81BADBAA8C55}C:\program files\blackmagic design\davinci resolve\vstscanner.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\vstscanner.exe => No File
FirewallRules: [UDP Query User{9E77A909-DA7A-468C-A34F-33BA95A0D044}C:\program files\blackmagic design\davinci resolve\vstscanner.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\vstscanner.exe => No File
FirewallRules: [{5E49F3AA-7A8E-4B04-9329-D0A258A52021}] => (Allow) C:\Users\Baz\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{D06DF51A-A1A0-4D9B-A432-F51F7A9C579D}] => (Allow) C:\Users\Baz\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{B5BD1840-AB29-4C28-893F-BAE9E1AF8CAF}] => (Allow) C:\Users\Baz\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [TCP Query User{B3F3BE62-A3A5-4A6A-B463-CEFD14CCA00A}C:\program files\sonobus\sonobus.exe] => (Allow) C:\program files\sonobus\sonobus.exe (Sonosaurus LLC -> Sonosaurus)
FirewallRules: [UDP Query User{4E42D937-E034-49C7-B74B-E3B298810D06}C:\program files\sonobus\sonobus.exe] => (Allow) C:\program files\sonobus\sonobus.exe (Sonosaurus LLC -> Sonosaurus)
FirewallRules: [{87AFF17B-22D4-48CC-8723-26852AB25AB1}] => (Allow) F:\Games\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{09CCB6AB-FA4D-434A-B66D-901F9FE57035}] => (Allow) F:\Games\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [TCP Query User{4092AEBE-FC5F-450E-B663-F6DB99069F89}C:\program files\ue_4.26\engine\binaries\win64\ue4editor.exe] => (Block) C:\program files\ue_4.26\engine\binaries\win64\ue4editor.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{6B131480-12A2-4DC8-BCB6-BEC6EFBB03F6}C:\program files\ue_4.26\engine\binaries\win64\ue4editor.exe] => (Block) C:\program files\ue_4.26\engine\binaries\win64\ue4editor.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{E3C5CA46-9D20-41C5-8824-7DC75C19FF6A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{95CF38BF-5C23-4497-8393-2F910D531DF4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{EB7287F9-DF2D-4711-82FC-B70E07681726}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{908416F3-D663-4E58-BE5D-8B1E18BE641B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6CFC7146-9F8E-4FB7-B09A-6DE8D78FA459}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [TCP Query User{CCA7CC0C-23F2-4C39-B447-D4FB85300F70}C:\program files\ue_4.26\engine\binaries\dotnet\swarmagent.exe] => (Allow) C:\program files\ue_4.26\engine\binaries\dotnet\swarmagent.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{805B9C2F-6254-4C0B-9D78-824014DD956B}C:\program files\ue_4.26\engine\binaries\dotnet\swarmagent.exe] => (Allow) C:\program files\ue_4.26\engine\binaries\dotnet\swarmagent.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{426AFF65-8EC4-4832-9B69-2D8CD1EFB678}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
 
==================== Restore Points =========================
 
12-03-2021 22:14:20 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices ============
 
Name: NVIDIA High Definition Audio
Description: NVIDIA High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: NVHDA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (03/15/2021 10:31:03 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-98NK5H6)
Description: httphttp-2147467263
 
Error: (03/15/2021 09:14:48 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-98NK5H6)
Description: httphttp-2147467263
 
Error: (03/15/2021 09:07:24 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Windows Search Service failed to process the list of included and excluded locations with the error <30, 0x80004005, "file:///E:\[7f36c4b4-28e2-479b-9267-601f1535f7c0]\TEMPSHARING\">.
 
Error: (03/15/2021 09:06:37 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.
 
Error: (03/15/2021 09:06:37 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.
 
Error: (03/15/2021 09:06:37 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.
 
Error: (03/15/2021 09:06:37 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.
 
Error: (03/15/2021 09:06:30 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.
 
 
System errors:
=============
Error: (03/15/2021 09:08:02 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
Windows.SecurityCenter.WscDataProtection
 and APPID 
Unavailable
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (03/15/2021 09:08:02 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
Windows.SecurityCenter.WscBrokerManager
 and APPID 
Unavailable
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (03/15/2021 09:06:19 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-98NK5H6)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-98NK5H6\Baz SID (S-1-5-21-3592542235-2043277170-2684174653-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (03/15/2021 09:06:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Red Giant Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (03/15/2021 09:06:00 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (03/15/2021 10:06:30 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-98NK5H6)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
 
Error: (03/15/2021 10:06:30 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-98NK5H6)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
 
Error: (03/15/2021 10:06:30 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-98NK5H6)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
 
 
Windows Defender:
================
Date: 2021-03-15 21:38:26.421
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: HackTool:Win32/Cracking!MSR
Severity: High
Category: Tool
Path: containerfile:_E:\Dropbox\SOFTZ\Master.Collection.2019\Adobe.Master.Collection.2019.v7.RU-EN.vol1.iso; containerfile:_F:\SOFTWARE\Master.Collection.2019\Adobe.Master.Collection.2019.v7.RU-EN.vol1.iso; containerfile:_F:\SOFTWARE\Master.Collection.2020\Adobe.Master.Collection.2020.v2.RU-EN.iso; file:_E:\Dropbox\SOFTZ\Master.Collection.2019\Adobe.Master.Collection.2019.v7.RU-EN.vol1.iso->Adobe 2019\products\APRO\crack.exe; file:_F:\SOFTWARE\Master.Collection.2019\Adobe.Master.Collection.2019.v7.RU-EN.vol1.iso->Adobe 2019\products\APRO\crack.exe; file:_F:\SOFTWARE\Master.Collection.2020\Adobe.Master.Collection.2020.v2.RU-EN.iso->Adobe 2020\products\APRO\crack.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: System
Process Name: Unknown
Signature Version: AV: 1.333.417.0, AS: 1.333.417.0, NIS: 1.333.417.0
Engine Version: AM: 1.1.17900.7, NIS: 1.1.17900.7
 
Date: 2021-03-15 21:38:26.421
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Casdet!rfn
Severity: Severe
Category: Trojan
Path: containerfile:_F:\SOFTWARE\Master.Collection.2020\Adobe.Master.Collection.2020.v2.RU-EN.iso; file:_F:\SOFTWARE\Master.Collection.2020\Adobe.Master.Collection.2020.v2.RU-EN.iso->Adobe 2020\packages\setup.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: System
Process Name: Unknown
Signature Version: AV: 1.333.417.0, AS: 1.333.417.0, NIS: 1.333.417.0
Engine Version: AM: 1.1.17900.7, NIS: 1.1.17900.7
 
Date: 2021-03-14 18:54:04.254
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: HackTool:Win32/Cracking!MSR
Severity: High
Category: Tool
Path: containerfile:_E:\Dropbox\SOFTZ\Master.Collection.2019\Adobe.Master.Collection.2019.v7.RU-EN.vol1.iso; containerfile:_F:\SOFTWARE\Master.Collection.2019\Adobe.Master.Collection.2019.v7.RU-EN.vol1.iso; containerfile:_F:\SOFTWARE\Master.Collection.2020\Adobe.Master.Collection.2020.v2.RU-EN.iso; file:_E:\Dropbox\SOFTZ\Master.Collection.2019\Adobe.Master.Collection.2019.v7.RU-EN.vol1.iso->Adobe 2019\products\APRO\crack.exe; file:_F:\SOFTWARE\Master.Collection.2019\Adobe.Master.Collection.2019.v7.RU-EN.vol1.iso->Adobe 2019\products\APRO\crack.exe; file:_F:\SOFTWARE\Master.Collection.2020\Adobe.Master.Collection.2020.v2.RU-EN.iso->Adobe 2020\products\APRO\crack.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: System
Process Name: Unknown
Signature Version: AV: 1.333.396.0, AS: 1.333.396.0, NIS: 1.333.396.0
Engine Version: AM: 1.1.17900.7, NIS: 1.1.17900.7
 
Date: 2021-03-14 18:54:04.253
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Casdet!rfn
Severity: Severe
Category: Trojan
Path: containerfile:_F:\SOFTWARE\Master.Collection.2020\Adobe.Master.Collection.2020.v2.RU-EN.iso; file:_F:\SOFTWARE\Master.Collection.2020\Adobe.Master.Collection.2020.v2.RU-EN.iso->Adobe 2020\packages\setup.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: System
Process Name: Unknown
Signature Version: AV: 1.333.396.0, AS: 1.333.396.0, NIS: 1.333.396.0
Engine Version: AM: 1.1.17900.7, NIS: 1.1.17900.7
 
Date: 2021-03-14 12:35:07.860
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: HackTool:Win32/Cracking!MSR
Severity: High
Category: Tool
Path: containerfile:_E:\Dropbox\SOFTZ\Master.Collection.2019\Adobe.Master.Collection.2019.v7.RU-EN.vol1.iso; containerfile:_F:\SOFTWARE\Master.Collection.2019\Adobe.Master.Collection.2019.v7.RU-EN.vol1.iso; containerfile:_F:\SOFTWARE\Master.Collection.2020\Adobe.Master.Collection.2020.v2.RU-EN.iso; file:_E:\Dropbox\SOFTZ\Master.Collection.2019\Adobe.Master.Collection.2019.v7.RU-EN.vol1.iso->Adobe 2019\products\APRO\crack.exe; file:_F:\SOFTWARE\Master.Collection.2019\Adobe.Master.Collection.2019.v7.RU-EN.vol1.iso->Adobe 2019\products\APRO\crack.exe; file:_F:\SOFTWARE\Master.Collection.2020\Adobe.Master.Collection.2020.v2.RU-EN.iso->Adobe 2020\products\APRO\crack.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: System
Process Name: Unknown
Signature Version: AV: 1.333.342.0, AS: 1.333.342.0, NIS: 1.333.342.0
Engine Version: AM: 1.1.17900.7, NIS: 1.1.17900.7
 
Date: 2021-03-15 21:16:03.291
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.333.417.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17900.7
Error code: 0x8024402c
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
 
Date: 2021-03-03 08:19:49.456
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.331.2123.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17800.5
Error code: 0x8024402c
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
 
Date: 2021-03-02 19:28:10.568
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.331.2123.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17800.5
Error code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
 
Date: 2021-03-02 19:18:08.824
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
 
Date: 2021-03-02 18:53:13.271
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.331.2123.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17800.5
Error code: 0x8024402c
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. 1009 07/23/2017
Motherboard: ASUSTeK COMPUTER INC. PRIME Z270-A
Processor: Intel® Core™ i7-7700K CPU @ 4.20GHz
Percentage of memory in use: 12%
Total physical RAM: 32705.07 MB
Available physical RAM: 28532.05 MB
Total Virtual: 37569.07 MB
Available Virtual: 31547.37 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:254.79 GB) (Free:78.93 GB) NTFS
Drive e: (MAIN) (Fixed) (Total:931.39 GB) (Free:188.38 GB) NTFS
Drive f: (DATA) (Fixed) (Total:931.39 GB) (Free:284.13 GB) NTFS
Drive g: (ESD-USB) (Removable) (Total:7.48 GB) (Free:2.92 GB) FAT32
 
\\?\Volume{ac4c49a0-aea8-42df-bbaf-9f71730d1716}\ (Recovery) (Fixed) (Total:0.44 GB) (Free:0.43 GB) NTFS
\\?\Volume{3c9741ab-01b3-4069-8541-9109b39479bd}\ () (Fixed) (Total:0.83 GB) (Free:0.45 GB) NTFS
\\?\Volume{0d60dbe7-829f-4c95-96c5-ad842c69b2d3}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Protective MBR) (Size: 256.2 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==========================================================
Disk: 2 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==========================================================
Disk: 3 (MBR Code: Windows 7/8/10) (Size: 7.5 GB) (Disk ID: ED0AFC63)
Partition 1: (Active) - (Size=7.5 GB) - (Type=0C)
 
==================== End of Addition.txt =======================

#4 JSntgRvr

JSntgRvr

    Malware Fighter


  • Avatar image
  • Malware Response Team
  • 15,212 posts
  • OFFLINE
    •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:06:02 AM

Posted 15 March 2021 - 06:57 PM

Hi
 
Welcome :)
 
I'll be helping you with your computer.
 
Please read this post completely before beginning. If there's anything that you do not understand, please don't hesitate to ask before proceeding.
 
Please take note of the guidelines for this fix:

  • Please note that I am a volunteer. I do have a family, a career, and other endeavors that may prevent immediate responses that meet your schedule. Do note that the differences in time zones could present a problem as well. Your patience and understanding will be greatly appreciated.
  • First of all, the procedures we are about to perform are specific to your problem and should only be used on this specific computer.
  • Do not make any changes to your computer that include installing/uninstalling programs, deleting files, modifying the registry, nor running scanners or tools of any kind unless specifically requested by me.
  • Please read ALL instructions carefully and perform the steps fully and in the order they are written.
  • If things appear to be better, let me know. Just because the symptoms no longer exist as before, does not mean that you are clean.
  • Continue to read and follow my instructions until I tell you that your machine is clean.
  • If you have any questions at all, please do not hesitate to ask before performing the task that I ask of you, and please wait for my reply before you proceed.
  • Scanning with programs and reading the logs do take a fair amount of time. Again, your patience will be necessary. :)

Let's begin... :)

  • Highlight the entire content of the quote box below.

Start:: 
CloseProcesses: 
AlternateDataStreams: C:\ProgramData\PACE:37077A0003115E71 [217] 
AlternateDataStreams: C:\Users\Baz\AppData\Local\Temp:$DATA​ [16] 
AlternateDataStreams: C:\Users\Baz\AppData\Local\Temp:com.affinity.designer.2 [320] 
HKLM-x32\...\Run: [] => [X] 
S3 VBAudioVACMME; \SystemRoot\system32\DRIVERS\vbaudio_cable64_win7.sys [X] 
S3 VBAudioVMVAIOMME; \SystemRoot\system32\DRIVERS\vbaudio_vmvaio64_win10.sys [X] 
FirewallRules: [{F36F2170-40D4-4E74-86E3-EA2D99A0F5E4}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe => No File 
GroupPolicy: Restriction ? <==== ATTENTION 
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION 
ShortcutTarget: Folding@home.lnk -> C:\Program Files (x86)\FAHClient\HideConsole.exe (No File) 
ShortcutTarget: Seer.lnk -> C:\Program Files (x86)\Seer\Seer.exe (No File) 
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [No File] 
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [No File] 
CustomCLSID: HKU\S-1-5-21-3592542235-2043277170-2684174653-1001_Classes\CLSID\{9486aaf1-0930-362a-962d-8e6908739c817}\InprocServer32 -> 0xF35379B41B74D30153D7911E07A7D301340000005D00000000000000 => No File 
ContextMenuHandlers1: [BB FlashBack 2] -> {A8065B9E-193F-4797-B62D-8F6321E7FCCB} =>  -> No File 
FirewallRules: [{5C5901B9-E2C1-4877-9E68-A05534627B62}] => (Block) %ProgramFiles%\Adobe\Adobe After Effects CC 2017\Support Files\AfterFX.exe => No File 
FirewallRules: [UDP Query User{C2B5A8EC-C74A-4D23-96B9-B38E9C260437}C:\programdata\battle.net\agent\agent.6160\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.6160\agent.exe => No File 
FirewallRules: [TCP Query User{D8F7456E-4C78-4C2F-9078-D14BC1A58BC3}C:\programdata\battle.net\agent\agent.6160\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.6160\agent.exe => No File 
FirewallRules: [UDP Query User{0C5431F3-DD17-4528-80CE-4E27AEDB28D5}C:\program files\maxon\cinema 4d r19\cinema 4d.exe] => (Allow) C:\program files\maxon\cinema 4d r19\cinema 4d.exe => No File 
FirewallRules: [TCP Query User{F2DE39FC-56E3-43D6-896F-797901C93AC9}C:\program files\maxon\cinema 4d r19\cinema 4d.exe] => (Allow) C:\program files\maxon\cinema 4d r19\cinema 4d.exe => No File 
FirewallRules: [UDP Query User{B43721BB-EDBE-4B16-A73C-8C3121818E85}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe => No File 
FirewallRules: [TCP Query User{A9C74F60-B37F-4BB1-8BE9-8A65EC6EE887}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe => No File 
FirewallRules: [UDP Query User{8C71496F-F360-4845-BF95-39843C82C1FF}F:\games\overwatch\overwatch.exe] => (Allow) F:\games\overwatch\overwatch.exe => No File 
FirewallRules: [TCP Query User{9F11093F-2F92-4898-B9B8-817F686D7567}F:\games\overwatch\overwatch.exe] => (Allow) F:\games\overwatch\overwatch.exe => No File 
FirewallRules: [UDP Query User{BF360A13-912C-4E8F-BAEB-A1F9F997B02A}C:\program files\storyboarder\storyboarder.exe] => (Allow) C:\program files\storyboarder\storyboarder.exe => No File 
FirewallRules: [TCP Query User{C2E6A262-EAA8-4A59-A05F-07B1F1C76547}C:\program files\storyboarder\storyboarder.exe] => (Allow) C:\program files\storyboarder\storyboarder.exe => No File 
FirewallRules: [UDP Query User{B4C6A289-73AC-445C-9308-BF4CA6219A22}F:\games\starcraft ii\versions\base62347\sc2_x64.exe] => (Allow) F:\games\starcraft ii\versions\base62347\sc2_x64.exe => No File 
FirewallRules: [TCP Query User{AD296CF4-42C3-44D5-B6FC-836D108D5353}F:\games\starcraft ii\versions\base62347\sc2_x64.exe] => (Allow) F:\games\starcraft ii\versions\base62347\sc2_x64.exe => No File 
FirewallRules: [UDP Query User{E17FD241-9BCD-4638-A6F2-ED3FB1136D17}F:\games\starcraft ii\versions\base60321\sc2_x64.exe] => (Allow) F:\games\starcraft ii\versions\base60321\sc2_x64.exe => No File 
FirewallRules: [TCP Query User{9FD1B9D4-6CAF-40DD-9D48-0F57271BC6D0}F:\games\starcraft ii\versions\base60321\sc2_x64.exe] => (Allow) F:\games\starcraft ii\versions\base60321\sc2_x64.exe => No File 
FirewallRules: [UDP Query User{83766D58-093C-47FD-AA45-773CCF5B9622}F:\games\warcraft iii 1.26 -iceblitz\war3.exe] => (Allow) F:\games\warcraft iii 1.26 -iceblitz\war3.exe => No File 
FirewallRules: [TCP Query User{C38D0AF9-EA8F-4FCD-8CA2-60B86380663D}F:\games\warcraft iii 1.26 -iceblitz\war3.exe] => (Allow) F:\games\warcraft iii 1.26 -iceblitz\war3.exe => No File 
FirewallRules: [UDP Query User{87C9DA71-E88A-48B4-959A-BE1859CAF6AA}F:\games\warcraft iii\war3.exe] => (Block) F:\games\warcraft iii\war3.exe => No File 
FirewallRules: [TCP Query User{D8E1716E-F904-429D-851F-D1CADF73FCB5}F:\games\warcraft iii\war3.exe] => (Block) F:\games\warcraft iii\war3.exe => No File 
FirewallRules: [UDP Query User{D79A9C75-4621-4B9F-8CBB-5DE8A9A1C67D}C:\program files\maxon\cinema 4d r19\cinema 4d.exe] => (Allow) C:\program files\maxon\cinema 4d r19\cinema 4d.exe => No File 
FirewallRules: [TCP Query User{C8978D17-E0CC-4E27-99B9-20E81133E92B}C:\program files\maxon\cinema 4d r19\cinema 4d.exe] => (Allow) C:\program files\maxon\cinema 4d r19\cinema 4d.exe => No File 
FirewallRules: [UDP Query User{0D7638D3-3CD2-497D-9719-9ACF75568A71}C:\program files\adobe\adobe premiere pro cc 2017\adobe premiere pro.exe] => (Allow) C:\program files\adobe\adobe premiere pro cc 2017\adobe premiere pro.exe => No File 
FirewallRules: [TCP Query User{D746E6C1-8B05-49BD-B3F5-988BA66C50B6}C:\program files\adobe\adobe premiere pro cc 2017\adobe premiere pro.exe] => (Allow) C:\program files\adobe\adobe premiere pro cc 2017\adobe premiere pro.exe => No File 
FirewallRules: [UDP Query User{0C2D6DEE-AC64-4708-9A59-701361A0AA84}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe => No File 
FirewallRules: [TCP Query User{3B7C7AE4-AC1F-4CDB-B792-CB415A24DA18}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe => No File 
FirewallRules: [TCP Query User{51097D24-D48D-4EF4-A98A-62DAF5B1534F}F:\games\diablo iii\x64\diablo iii64.exe] => (Block) F:\games\diablo iii\x64\diablo iii64.exe => No File 
FirewallRules: [UDP Query User{E0A7648A-E03F-4450-93C1-6F2103DA7FEA}F:\games\diablo iii\x64\diablo iii64.exe] => (Block) F:\games\diablo iii\x64\diablo iii64.exe => No File 
FirewallRules: [TCP Query User{20449519-E598-4276-A156-709FC35B088A}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe => No File 
FirewallRules: [UDP Query User{B9E6B933-A119-4E4A-BB12-A3B5027181EE}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe => No File 
FirewallRules: [TCP Query User{E228F32E-EC5A-4935-BF06-5A5F8408173B}C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe] => (Block) C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe => No File 
FirewallRules: [UDP Query User{4ACE5BE1-DE0B-44E6-90C9-B174B035EF86}C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe] => (Block) C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe => No File 
FirewallRules: [TCP Query User{A21B8199-E8BA-4E3B-A31B-8716812D4E5F}C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe] => (Allow) C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe => No File 
FirewallRules: [UDP Query User{76091A43-998F-45B1-B336-1EE575911726}C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe] => (Allow) C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe => No File 
FirewallRules: [TCP Query User{01F112FA-3829-4724-BB1D-6954BA162D82}C:\program files (x86)\macaw\macaw-node.exe] => (Allow) C:\program files (x86)\macaw\macaw-node.exe => No File 
FirewallRules: [UDP Query User{561ADD7D-C84C-4F3B-B925-0E81068E60B0}C:\program files (x86)\macaw\macaw-node.exe] => (Allow) C:\program files (x86)\macaw\macaw-node.exe => No File 
FirewallRules: [{45CA24E4-46FB-4EE5-84BD-27647932502D}] => (Allow) F:\Games\steamapps\common\Metro Last Light\MetroLL.exe => No File 
FirewallRules: [{70234B07-E9A6-47BD-9334-6DB425151D34}] => (Allow) F:\Games\steamapps\common\Metro Last Light\MetroLL.exe => No File 
FirewallRules: [TCP Query User{5B59CA90-D2B9-4AB6-B423-7FBE7511CAA9}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe => No File 
FirewallRules: [UDP Query User{99D92890-7175-44B0-9FCF-CEA6CCD1A58D}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe => No File 
FirewallRules: [TCP Query User{3304D14A-A327-479E-93A3-090CAD5A7628}C:\program files\adobe\adobe media encoder cc 2017\adobe media encoder.exe] => (Block) C:\program files\adobe\adobe media encoder cc 2017\adobe media encoder.exe => No File 
FirewallRules: [UDP Query User{F3DB0C67-DEBE-4468-BA91-B36633D62027}C:\program files\adobe\adobe media encoder cc 2017\adobe media encoder.exe] => (Block) C:\program files\adobe\adobe media encoder cc 2017\adobe media encoder.exe => No File 
FirewallRules: [TCP Query User{09B300E4-5D29-4C26-960E-96AE5ADDB5AE}F:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) F:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File 
FirewallRules: [UDP Query User{EFAC8A07-CA72-492E-A67F-300F7A10864D}F:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) F:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File 
FirewallRules: [TCP Query User{377CF757-ED7D-40BF-8D25-646C90532C70}F:\games\overwatch test\overwatch.exe] => (Allow) F:\games\overwatch test\overwatch.exe => No File 
FirewallRules: [UDP Query User{6A693612-C997-464A-BC95-1A10EC806D32}F:\games\overwatch test\overwatch.exe] => (Allow) F:\games\overwatch test\overwatch.exe => No File 
FirewallRules: [TCP Query User{335B8582-4DB5-4E8B-AF19-808768E428B3}F:\games\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe] => (Allow) F:\games\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe => No File 
FirewallRules: [UDP Query User{C0C51AFC-473C-4770-8E0A-BCCFD6AEA4D1}F:\games\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe] => (Allow) F:\games\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe => No File 
FirewallRules: [{D38F6496-C255-4633-9C33-EF6C869B2BE4}] => (Block) %ProgramFiles%\WorldCreator\Launcher.exe => No File 
FirewallRules: [{B8ABF9D4-4321-403B-BF83-E4886971FE5F}] => (Block) %ProgramFiles%\WorldCreator\WorldCreator.exe => No File 
FirewallRules: [{7024B102-71E6-4F5B-BF7D-4C6E40E089A9}] => (Block) %ProgramFiles%\WorldCreator\Launcher.exe => No File 
FirewallRules: [{367EEC03-12F3-4038-8A02-EFE441E478BB}] => (Block) %ProgramFiles%\WorldCreator\WorldCreator.exe => No File 
FirewallRules: [TCP Query User{D9B5FFEE-902C-422D-A263-718CFE911315}C:\program files\side effects software\houdini 16.5.571\bin\houdinifx.exe] => (Block) C:\program files\side effects software\houdini 16.5.571\bin\houdinifx.exe => No File 
FirewallRules: [UDP Query User{71DB030B-8FB0-4E11-B418-69CCE46A580F}C:\program files\side effects software\houdini 16.5.571\bin\houdinifx.exe] => (Block) C:\program files\side effects software\houdini 16.5.571\bin\houdinifx.exe => No File 
FirewallRules: [TCP Query User{1B7A7124-2E13-45C4-8F2A-C5BAD905557C}C:\program files\side effects software\houdini 16.5.571\bin\houdini.exe] => (Block) C:\program files\side effects software\houdini 16.5.571\bin\houdini.exe => No File 
FirewallRules: [UDP Query User{7BDB1ADF-A548-4408-AEAA-DB652B87A041}C:\program files\side effects software\houdini 16.5.571\bin\houdini.exe] => (Block) C:\program files\side effects software\houdini 16.5.571\bin\houdini.exe => No File 
FirewallRules: [TCP Query User{EE189DB4-D7D2-4F35-964D-93DCB23839FF}C:\program files\maxon\cinema 4d r20\cinema 4d.exe] => (Block) C:\program files\maxon\cinema 4d r20\cinema 4d.exe => No File 
FirewallRules: [UDP Query User{B27E4911-019F-4370-90D3-907C9178B0EF}C:\program files\maxon\cinema 4d r20\cinema 4d.exe] => (Block) C:\program files\maxon\cinema 4d r20\cinema 4d.exe => No File 
FirewallRules: [TCP Query User{24E2E991-08AA-4D3D-97E7-9AFA08058721}C:\program files\maxon\cinema 4d r20\cinema 4d.exe] => (Allow) C:\program files\maxon\cinema 4d r20\cinema 4d.exe => No File 
FirewallRules: [UDP Query User{AE838082-8DE0-4546-B158-786AAC192065}C:\program files\maxon\cinema 4d r20\cinema 4d.exe] => (Allow) C:\program files\maxon\cinema 4d r20\cinema 4d.exe => No File 
FirewallRules: [TCP Query User{7EBEF171-5C0C-46BA-BD63-CE31CF825447}C:\program files\adobe\adobe media encoder cc 2018\adobe media encoder.exe] => (Allow) C:\program files\adobe\adobe media encoder cc 2018\adobe media encoder.exe => No File 
FirewallRules: [UDP Query User{ACF9DC30-4616-4EF6-B139-9E6BD10D50C5}C:\program files\adobe\adobe media encoder cc 2018\adobe media encoder.exe] => (Allow) C:\program files\adobe\adobe media encoder cc 2018\adobe media encoder.exe => No File 
FirewallRules: [TCP Query User{298D4D93-FB99-4847-9117-7C12E5C69362}C:\program files\adobe\adobe after effects cc 2018\support files\afterfx.exe] => (Block) C:\program files\adobe\adobe after effects cc 2018\support files\afterfx.exe => No File 
FirewallRules: [UDP Query User{06325B7C-8054-43B4-BE03-2591D08FE484}C:\program files\adobe\adobe after effects cc 2018\support files\afterfx.exe] => (Block) C:\program files\adobe\adobe after effects cc 2018\support files\afterfx.exe => No File 
FirewallRules: [TCP Query User{FAD56084-9220-48D1-8C8B-431323ECEF5C}C:\program files (x86)\jamkazam\jamkazam.exe] => (Allow) C:\program files (x86)\jamkazam\jamkazam.exe => No File 
FirewallRules: [UDP Query User{AB10A9F7-1B84-47E3-B41A-589DD3EDAE9A}C:\program files (x86)\jamkazam\jamkazam.exe] => (Allow) C:\program files (x86)\jamkazam\jamkazam.exe => No File 
FirewallRules: [TCP Query User{0064E8D6-7A85-4004-9370-CB75BC030B93}C:\program files\adobe\adobe premiere pro cc 2018\adobe premiere pro.exe] => (Block) C:\program files\adobe\adobe premiere pro cc 2018\adobe premiere pro.exe => No File 
FirewallRules: [UDP Query User{E8C3D6C8-47A8-462B-B01E-738E9DC9D6B0}C:\program files\adobe\adobe premiere pro cc 2018\adobe premiere pro.exe] => (Block) C:\program files\adobe\adobe premiere pro cc 2018\adobe premiere pro.exe => No File 
FirewallRules: [TCP Query User{B34C8B8F-B870-4E7D-824D-34AAB5E0A98B}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe => No File 
FirewallRules: [UDP Query User{66DAC450-C18A-4E6D-A81A-6B6F6B0EB9AC}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe => No File 
FirewallRules: [TCP Query User{2A0028FF-BB4F-4BD4-B4F7-5930E47F4B75}C:\program files\allegorithmic\substance painter\substance painter.exe] => (Block) C:\program files\allegorithmic\substance painter\substance painter.exe => No File 
FirewallRules: [UDP Query User{DBA6F8F7-BA51-4469-B563-057824624B3B}C:\program files\allegorithmic\substance painter\substance painter.exe] => (Block) C:\program files\allegorithmic\substance painter\substance painter.exe => No File 
FirewallRules: [TCP Query User{D4B8F25E-EEE7-4A14-8189-6B8836BAD731}C:\users\baz\downloads\bin\ranchsync_server.exe] => (Allow) C:\users\baz\downloads\bin\ranchsync_server.exe => No File 
FirewallRules: [UDP Query User{6D3AFA54-0BFE-4F42-ADF6-4B070EDFB445}C:\users\baz\downloads\bin\ranchsync_server.exe] => (Allow) C:\users\baz\downloads\bin\ranchsync_server.exe => No File 
FirewallRules: [TCP Query User{D261B3AA-4F86-4A40-A9EA-38A86DADB7C7}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe => No File 
FirewallRules: [UDP Query User{A89FE576-8BD5-4ADE-BA10-2B21D31286B0}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe => No File 
FirewallRules: [TCP Query User{156F890F-155F-4BD6-9B37-851EE56071B7}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe => No File 
FirewallRules: [UDP Query User{F92D406C-2A77-4140-BFB4-3B24C216BF03}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe => No File 
FirewallRules: [TCP Query User{07018032-EE81-48AE-A0D4-9755587AE924}C:\program files\epic games\ue_4.22\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\ue_4.22\engine\binaries\win64\ue4editor.exe => No File 
FirewallRules: [UDP Query User{49B5C48A-631E-41E7-92B5-38A5613A1F72}C:\program files\epic games\ue_4.22\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\ue_4.22\engine\binaries\win64\ue4editor.exe => No File 
FirewallRules: [TCP Query User{FB5D3AC4-3A51-4858-BF0D-2B0D2C95BC81}C:\program files\epic games\ue_4.23\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\ue_4.23\engine\binaries\win64\ue4editor.exe => No File 
FirewallRules: [UDP Query User{4A723D70-3F22-4A3C-AF0C-88C107F9DF12}C:\program files\epic games\ue_4.23\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\ue_4.23\engine\binaries\win64\ue4editor.exe => No File 
FirewallRules: [TCP Query User{4F020FB2-5818-437F-9E26-9AEC84D07FD2}F:\games\lol\game\league of legends.exe] => (Allow) F:\games\lol\game\league of legends.exe => No File 
FirewallRules: [UDP Query User{8FBCD4CD-E8E2-4C03-B467-0F843E681C6B}F:\games\lol\game\league of legends.exe] => (Allow) F:\games\lol\game\league of legends.exe => No File 
FirewallRules: [TCP Query User{62060A05-CE81-4B6F-90AB-51A7073478E0}F:\games\destiny 2\destiny2.exe] => (Allow) F:\games\destiny 2\destiny2.exe => No File 
FirewallRules: [UDP Query User{7878092E-8459-4847-9C62-88A2811A75E1}F:\games\destiny 2\destiny2.exe] => (Allow) F:\games\destiny 2\destiny2.exe => No File 
FirewallRules: [TCP Query User{A47742C0-9589-41FE-8D2D-D106D8D5F209}F:\games\overwatch\_retail_\overwatch.exe] => (Allow) F:\games\overwatch\_retail_\overwatch.exe => No File 
FirewallRules: [UDP Query User{5FE35E7C-777D-48D9-ADB9-F0F393EF3A1B}F:\games\overwatch\_retail_\overwatch.exe] => (Allow) F:\games\overwatch\_retail_\overwatch.exe => No File 
FirewallRules: [TCP Query User{D790C7CC-C686-4246-AC72-58F719FC23FB}C:\users\baz\downloads\ranchsync2_win_2.2.8\bin\ranchsync_server.exe] => (Allow) C:\users\baz\downloads\ranchsync2_win_2.2.8\bin\ranchsync_server.exe => No File 
FirewallRules: [UDP Query User{0D16051A-EC5F-42FB-A6FF-CAA97DB49760}C:\users\baz\downloads\ranchsync2_win_2.2.8\bin\ranchsync_server.exe] => (Allow) C:\users\baz\downloads\ranchsync2_win_2.2.8\bin\ranchsync_server.exe => No File 
FirewallRules: [{C873AC69-5B8F-4674-BE66-B69483D8564D}] => (Allow) C:\Program Files\Unity Hub\Unity Hub.exe => No File 
FirewallRules: [TCP Query User{DAEBF279-DCDD-4359-A352-04F68058424D}C:\program files\unity hub\unity hub.exe] => (Allow) C:\program files\unity hub\unity hub.exe => No File 
FirewallRules: [UDP Query User{CC4DF210-B158-4BEC-A82F-65DDCE3DD4AC}C:\program files\unity hub\unity hub.exe] => (Allow) C:\program files\unity hub\unity hub.exe => No File 
FirewallRules: [TCP Query User{A0A3B613-52B7-4D92-AB98-E39D52FF1249}C:\program files\epic games\ue_4.23\engine\binaries\dotnet\swarmagent.exe] => (Allow) C:\program files\epic games\ue_4.23\engine\binaries\dotnet\swarmagent.exe => No File 
FirewallRules: [UDP Query User{05A02230-49BD-41CA-822D-FCBB294D995A}C:\program files\epic games\ue_4.23\engine\binaries\dotnet\swarmagent.exe] => (Allow) C:\program files\epic games\ue_4.23\engine\binaries\dotnet\swarmagent.exe => No File 
FirewallRules: [{7DD01ECC-4934-4919-A6BB-0D162DFDE63C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File 
FirewallRules: [{BED2A192-44FC-415D-A0E9-2A175E239624}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File 
FirewallRules: [TCP Query User{C641B4F4-1F72-419E-BF3E-B4A6F60B8681}C:\program files\ue_4.24\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\ue_4.24\engine\binaries\win64\ue4editor.exe => No File 
FirewallRules: [UDP Query User{AD4FF444-5D42-4E2D-B333-C25577B3F0A8}C:\program files\ue_4.24\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\ue_4.24\engine\binaries\win64\ue4editor.exe => No File 
FirewallRules: [TCP Query User{DF6F6204-EFD2-45B6-8690-204CBAB1C7C4}C:\program files\ue_4.24\engine\binaries\win64\crashreportclienteditor.exe] => (Allow) C:\program files\ue_4.24\engine\binaries\win64\crashreportclienteditor.exe => No File 
FirewallRules: [UDP Query User{F14A0190-20FB-45B8-9472-A54802B85123}C:\program files\ue_4.24\engine\binaries\win64\crashreportclienteditor.exe] => (Allow) C:\program files\ue_4.24\engine\binaries\win64\crashreportclienteditor.exe => No File 
FirewallRules: [TCP Query User{46E88F88-6516-4C9B-AB13-53F0156737DB}C:\program files (x86)\eagle\eagle.exe] => (Allow) C:\program files (x86)\eagle\eagle.exe => No File 
FirewallRules: [UDP Query User{47D59F43-E260-43D3-8679-0184CAC45BF9}C:\program files (x86)\eagle\eagle.exe] => (Allow) C:\program files (x86)\eagle\eagle.exe => No File 
FirewallRules: [TCP Query User{503522F5-6197-4DBE-9D19-B622922EF4B9}C:\program files (x86)\eagle\drag_extension\dragextension.exe] => (Allow) C:\program files (x86)\eagle\drag_extension\dragextension.exe => No File 
FirewallRules: [UDP Query User{BD60A289-92C2-4BC9-AD77-F9C3CEA8FD8D}C:\program files (x86)\eagle\drag_extension\dragextension.exe] => (Allow) C:\program files (x86)\eagle\drag_extension\dragextension.exe => No File 
FirewallRules: [TCP Query User{149D8615-C2F5-4434-B8A4-23CEA43837D0}C:\program files\notch trial\notch_demo.exe] => (Allow) C:\program files\notch trial\notch_demo.exe => No File 
FirewallRules: [UDP Query User{C56C008D-CC60-4580-B4B5-E343A73CC79C}C:\program files\notch trial\notch_demo.exe] => (Allow) C:\program files\notch trial\notch_demo.exe => No File 
FirewallRules: [TCP Query User{A2DF62F0-C55D-4D8F-9328-F31A81C76A22}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe => No File 
FirewallRules: [UDP Query User{BC626AE0-6FEF-48F8-928E-15CA3268904D}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe => No File 
FirewallRules: [{6596120D-2431-4C32-ACCB-DE46E3CBAE56}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe => No File 
FirewallRules: [{B5F4BF05-1DB6-4E14-B7E1-CCA75A86B333}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe => No File 
FirewallRules: [TCP Query User{547EF1C8-508A-4C7F-A7F2-99614B3376DE}C:\program files\notch\notchapp.exe] => (Allow) C:\program files\notch\notchapp.exe => No File 
FirewallRules: [UDP Query User{02B7D964-6247-4C11-8A5A-5BC369F4D088}C:\program files\notch\notchapp.exe] => (Allow) C:\program files\notch\notchapp.exe => No File 
FirewallRules: [TCP Query User{DDD59DBB-F6F0-4671-BE35-E05F70C71BEC}F:\games\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) F:\games\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe => No File 
FirewallRules: [UDP Query User{8A5DC686-8FFE-4407-A943-1568ED851884}F:\games\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) F:\games\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe => No File 
FirewallRules: [{4978CF51-3506-4C3B-8B86-743A0A8C37C8}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe => No File 
FirewallRules: [{61AFB30E-FD9B-4856-A790-6A893D243E06}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe => No File 
FirewallRules: [TCP Query User{4B9FA57F-986C-4F49-9B39-65108A0BE6D3}F:\downloads\ranchsync2_win_3.0.6\bin\ranchsync_server.exe] => (Allow) F:\downloads\ranchsync2_win_3.0.6\bin\ranchsync_server.exe => No File 
FirewallRules: [UDP Query User{59ABE5C5-D4AB-4A68-AF4A-530FD00FC09B}F:\downloads\ranchsync2_win_3.0.6\bin\ranchsync_server.exe] => (Allow) F:\downloads\ranchsync2_win_3.0.6\bin\ranchsync_server.exe => No File 
FirewallRules: [TCP Query User{E8C70FCC-8475-46F7-9FCC-FBA4D503BB07}C:\program files\derivative\touchdesigner\bin\touchdesigner.exe] => (Allow) C:\program files\derivative\touchdesigner\bin\touchdesigner.exe => No File 
FirewallRules: [UDP Query User{FCD15E21-C510-4F48-8ABD-12DE805F19EE}C:\program files\derivative\touchdesigner\bin\touchdesigner.exe] => (Allow) C:\program files\derivative\touchdesigner\bin\touchdesigner.exe => No File 
FirewallRules: [TCP Query User{13D0B9A1-4D73-4A7F-AC81-C29B45AA0AFF}F:\downloads\oscmonitor\oscmonitor.exe] => (Allow) F:\downloads\oscmonitor\oscmonitor.exe => No File 
FirewallRules: [UDP Query User{6A6181A5-442B-49D0-8850-1E6E5A051097}F:\downloads\oscmonitor\oscmonitor.exe] => (Allow) F:\downloads\oscmonitor\oscmonitor.exe => No File 
FirewallRules: [TCP Query User{153B59B7-1CD0-432A-A41A-C802E87F7336}F:\downloads\oscdatamonitor-master (1)\oscdatamonitor-master\previous 2011 version applications\osc_data_monitor_windows\osc_data_monitor.exe] => (Allow) F:\downloads\oscdatamonitor-master (1)\oscdatamonitor-master\previous 2011 version applications\osc_data_monitor_windows\osc_data_monitor.exe => No File 
FirewallRules: [UDP Query User{E53E6466-3839-4016-AD43-9004C3D14F6F}F:\downloads\oscdatamonitor-master (1)\oscdatamonitor-master\previous 2011 version applications\osc_data_monitor_windows\osc_data_monitor.exe] => (Allow) F:\downloads\oscdatamonitor-master (1)\oscdatamonitor-master\previous 2011 version applications\osc_data_monitor_windows\osc_data_monitor.exe => No File 
FirewallRules: [TCP Query User{6616D779-ECF1-4DE3-BBD0-5D7F2F0151A1}C:\program files\derivative\touchdesigner\bin\touchplayer.exe] => (Allow) C:\program files\derivative\touchdesigner\bin\touchplayer.exe => No File 
FirewallRules: [UDP Query User{273772ED-0882-4716-87FB-EF06CA5FE7EC}C:\program files\derivative\touchdesigner\bin\touchplayer.exe] => (Allow) C:\program files\derivative\touchdesigner\bin\touchplayer.exe => No File 
FirewallRules: [TCP Query User{A5C7DA6C-C2FF-4AC4-B26B-1A2E411D6BB0}C:\users\baz\desktop\osc_data_monitor_windows\osc_data_monitor.exe] => (Allow) C:\users\baz\desktop\osc_data_monitor_windows\osc_data_monitor.exe => No File 
FirewallRules: [UDP Query User{17D98DA6-1A88-4AFA-A26C-11E23E72DAA2}C:\users\baz\desktop\osc_data_monitor_windows\osc_data_monitor.exe] => (Allow) C:\users\baz\desktop\osc_data_monitor_windows\osc_data_monitor.exe => No File 
FirewallRules: [TCP Query User{1DC8A068-2A8D-4D2F-9283-463390C885D7}F:\games\call of duty modern warfare\modernwarfare.exe] => (Allow) F:\games\call of duty modern warfare\modernwarfare.exe => No File 
FirewallRules: [UDP Query User{A1F688A1-D62F-427D-9FEB-3558A8B0F74C}F:\games\call of duty modern warfare\modernwarfare.exe] => (Allow) F:\games\call of duty modern warfare\modernwarfare.exe => No File 
FirewallRules: [TCP Query User{00429A07-0633-4B41-BC20-83E2699179DA}C:\program files\allegorithmic\substance designer\substance designer.exe] => (Allow) C:\program files\allegorithmic\substance designer\substance designer.exe => No File 
FirewallRules: [UDP Query User{434132B6-347D-481D-AE42-F7C184AE47C3}C:\program files\allegorithmic\substance designer\substance designer.exe] => (Allow) C:\program files\allegorithmic\substance designer\substance designer.exe => No File 
FirewallRules: [TCP Query User{9315194B-E9C4-4B2B-837E-05C16AEDC701}F:\games\remnantfromtheashes\remnant\binaries\win64\remnant-win64-shipping.exe] => (Allow) F:\games\remnantfromtheashes\remnant\binaries\win64\remnant-win64-shipping.exe => No File 
FirewallRules: [UDP Query User{004D6BD7-6DA6-44A0-AA1A-7B71BADA46B4}F:\games\remnantfromtheashes\remnant\binaries\win64\remnant-win64-shipping.exe] => (Allow) F:\games\remnantfromtheashes\remnant\binaries\win64\remnant-win64-shipping.exe => No File 
FirewallRules: [TCP Query User{6034D99F-DC3C-4431-BB7F-F617599FF230}F:\games\warehousedemo\base\binaries\win64\thps12demo.exe] => (Allow) F:\games\warehousedemo\base\binaries\win64\thps12demo.exe => No File 
FirewallRules: [UDP Query User{658BEF23-E129-4FB0-99F5-678B9AF7C757}F:\games\warehousedemo\base\binaries\win64\thps12demo.exe] => (Allow) F:\games\warehousedemo\base\binaries\win64\thps12demo.exe => No File 
FirewallRules: [TCP Query User{302D0401-068D-4E5C-8D1F-3675B71C7F81}F:\games\tonyhawksproskater\base\binaries\win64\thps12.exe] => (Allow) F:\games\tonyhawksproskater\base\binaries\win64\thps12.exe => No File 
FirewallRules: [UDP Query User{942B2E77-E2FA-4612-95C7-C4FBDC63213E}F:\games\tonyhawksproskater\base\binaries\win64\thps12.exe] => (Allow) F:\games\tonyhawksproskater\base\binaries\win64\thps12.exe => No File 
FirewallRules: [{FCCEF52C-C019-4A0C-8519-53DF13F88755}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe => No File 
FirewallRules: [{BDB81CAF-3739-4C6F-84FA-E8C7483794FA}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe => No File 
FirewallRules: [{98AE1798-89B2-452C-9D2D-4A8302AE99F4}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe => No File 
FirewallRules: [{1456491B-033F-47A8-8DA1-0017FDFF6B73}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe => No File 
FirewallRules: [{D5FAFF77-7A08-4598-8FD7-4FED3CA8661A}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe => No File 
FirewallRules: [{2465097F-5A41-4C4C-A2AB-311310572F0E}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe => No File 
FirewallRules: [{C892172A-BBE8-423C-8666-78B547EDD339}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File 
FirewallRules: [{ECF8B534-900D-470D-BFF5-6DC334389C78}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\OxygenPanelDaemon.exe => No File 
FirewallRules: [{E8460538-5AC1-47AE-A209-BC15F9E60FD3}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe => No File 
FirewallRules: [{F36F2170-40D4-4E74-86E3-EA2D99A0F5E4}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe => No File 
FirewallRules: [TCP Query User{5BB39D51-0C72-4397-930C-5FBE7E2DD9E6}F:\downloads\ranchsync2_win_3.0.7\bin\ranchsync_server.exe] => (Allow) F:\downloads\ranchsync2_win_3.0.7\bin\ranchsync_server.exe => No File 
FirewallRules: [UDP Query User{4108E4B0-C336-4112-AA2C-9643A460A148}F:\downloads\ranchsync2_win_3.0.7\bin\ranchsync_server.exe] => (Allow) F:\downloads\ranchsync2_win_3.0.7\bin\ranchsync_server.exe => No File 
FirewallRules: [TCP Query User{A30297DC-7E09-42EE-A2B5-575CEF329898}C:\program files\imaginando\drc\drc.exe] => (Allow) C:\program files\imaginando\drc\drc.exe => No File 
FirewallRules: [UDP Query User{A7AF4E82-85FE-42F3-9330-AC2887AC2223}C:\program files\imaginando\drc\drc.exe] => (Allow) C:\program files\imaginando\drc\drc.exe => No File 
FirewallRules: [TCP Query User{E34D77A3-A451-4095-B5B9-81BADBAA8C55}C:\program files\blackmagic design\davinci resolve\vstscanner.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\vstscanner.exe => No File 
FirewallRules: [UDP Query User{9E77A909-DA7A-468C-A34F-33BA95A0D044}C:\program files\blackmagic design\davinci resolve\vstscanner.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\vstscanner.exe => No File 
FirewallRules: [{D06DF51A-A1A0-4D9B-A432-F51F7A9C579D}] => (Allow) C:\Users\Baz\AppData\Roaming\Zoom\bin\airhost.exe => No File 
FirewallRules: [{B5BD1840-AB29-4C28-893F-BAE9E1AF8CAF}] => (Allow) C:\Users\Baz\AppData\Roaming\Zoom\bin\airhost.exe => No File 
EMPTYTEMP: 
Folder: C:\Users\Baz\AppData\Local\Temp
End::

  • Right click on the highlighted text and select Copy.
  • Start FRST (FRST64) with Administrator privileges
  • Press the Fix button. FRST will process the lines copied above from the clipboard.
  • When finished, a log file (Fixlog.txt) will pop up and saved in the same location the tool was ran from.

Please copy and paste its contents in your next reply.
 
Download AdwCleaner and save it to your desktop.

  • Double click AdwCleaner.exe to run it.
  • Click Scan Now ...
  • When the scan has finished a Scan Results window will open.
  • Click Cancel (at this point do not attempt to Quarantine anything that is found)
  • Now click the Log Files tab ...
  • Double click on the latest scan log (Scan logs have a [S0*] suffix, where * is replaced by a number, the latest scan will have the largest number)
  • A Notepad file will open containing the results of the scan.

Please post the contents of the file in your next reply.
 
 


No request for help throughout private messaging will be attended.

Unactive logs for mor more than four (4) days will be closed

#5 makki

makki
  • Topic Starter

  • Avatar image
  • Members
  • 6 posts
  • OFFLINE
    •  
  • Local time:11:02 AM

Posted 16 March 2021 - 02:31 AM

Thanks for your reply, will proceed with frst fix and adwcleaner.

 

But do I have a virus or malware and if so, which one and what does it do ?


#6 makki

makki
  • Topic Starter

  • Avatar image
  • Members
  • 6 posts
  • OFFLINE
    •  
  • Local time:11:02 AM

Posted 16 March 2021 - 03:30 AM

Here are the logs :

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 14-03-2021
Ran by Baz (16-03-2021 09:06:07) Run:1
Running from C:\Users\Baz\Desktop
Loaded Profiles: Baz
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
 
CloseProcesses: 
AlternateDataStreams: C:\ProgramData\PACE:37077A0003115E71 [217] 
AlternateDataStreams: C:\Users\Baz\AppData\Local\Temp:$DATA​ [16] 
AlternateDataStreams: C:\Users\Baz\AppData\Local\Temp:com.affinity.designer.2 [320] 
HKLM-x32\...\Run: [] => [X] 
S3 VBAudioVACMME; \SystemRoot\system32\DRIVERS\vbaudio_cable64_win7.sys [X] 
S3 VBAudioVMVAIOMME; \SystemRoot\system32\DRIVERS\vbaudio_vmvaio64_win10.sys [X] 
FirewallRules: [{F36F2170-40D4-4E74-86E3-EA2D99A0F5E4}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe => No File 
GroupPolicy: Restriction ? <==== ATTENTION 
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION 
ShortcutTarget: Folding@home.lnk -> C:\Program Files (x86)\FAHClient\HideConsole.exe (No File) 
ShortcutTarget: Seer.lnk -> C:\Program Files (x86)\Seer\Seer.exe (No File) 
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [No File] 
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [No File] 
CustomCLSID: HKU\S-1-5-21-3592542235-2043277170-2684174653-1001_Classes\CLSID\{9486aaf1-0930-362a-962d-8e6908739c817}\InprocServer32 -> 0xF35379B41B74D30153D7911E07A7D301340000005D00000000000000 => No File 
ContextMenuHandlers1: [BB FlashBack 2] -> {A8065B9E-193F-4797-B62D-8F6321E7FCCB} =>  -> No File 
FirewallRules: [{5C5901B9-E2C1-4877-9E68-A05534627B62}] => (Block) %ProgramFiles%\Adobe\Adobe After Effects CC 2017\Support Files\AfterFX.exe => No File 
FirewallRules: [UDP Query User{C2B5A8EC-C74A-4D23-96B9-B38E9C260437}C:\programdata\battle.net\agent\agent.6160\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.6160\agent.exe => No File 
FirewallRules: [TCP Query User{D8F7456E-4C78-4C2F-9078-D14BC1A58BC3}C:\programdata\battle.net\agent\agent.6160\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.6160\agent.exe => No File 
FirewallRules: [UDP Query User{0C5431F3-DD17-4528-80CE-4E27AEDB28D5}C:\program files\maxon\cinema 4d r19\cinema 4d.exe] => (Allow) C:\program files\maxon\cinema 4d r19\cinema 4d.exe => No File 
FirewallRules: [TCP Query User{F2DE39FC-56E3-43D6-896F-797901C93AC9}C:\program files\maxon\cinema 4d r19\cinema 4d.exe] => (Allow) C:\program files\maxon\cinema 4d r19\cinema 4d.exe => No File 
FirewallRules: [UDP Query User{B43721BB-EDBE-4B16-A73C-8C3121818E85}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe => No File 
FirewallRules: [TCP Query User{A9C74F60-B37F-4BB1-8BE9-8A65EC6EE887}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe => No File 
FirewallRules: [UDP Query User{8C71496F-F360-4845-BF95-39843C82C1FF}F:\games\overwatch\overwatch.exe] => (Allow) F:\games\overwatch\overwatch.exe => No File 
FirewallRules: [TCP Query User{9F11093F-2F92-4898-B9B8-817F686D7567}F:\games\overwatch\overwatch.exe] => (Allow) F:\games\overwatch\overwatch.exe => No File 
FirewallRules: [UDP Query User{BF360A13-912C-4E8F-BAEB-A1F9F997B02A}C:\program files\storyboarder\storyboarder.exe] => (Allow) C:\program files\storyboarder\storyboarder.exe => No File 
FirewallRules: [TCP Query User{C2E6A262-EAA8-4A59-A05F-07B1F1C76547}C:\program files\storyboarder\storyboarder.exe] => (Allow) C:\program files\storyboarder\storyboarder.exe => No File 
FirewallRules: [UDP Query User{B4C6A289-73AC-445C-9308-BF4CA6219A22}F:\games\starcraft ii\versions\base62347\sc2_x64.exe] => (Allow) F:\games\starcraft ii\versions\base62347\sc2_x64.exe => No File 
FirewallRules: [TCP Query User{AD296CF4-42C3-44D5-B6FC-836D108D5353}F:\games\starcraft ii\versions\base62347\sc2_x64.exe] => (Allow) F:\games\starcraft ii\versions\base62347\sc2_x64.exe => No File 
FirewallRules: [UDP Query User{E17FD241-9BCD-4638-A6F2-ED3FB1136D17}F:\games\starcraft ii\versions\base60321\sc2_x64.exe] => (Allow) F:\games\starcraft ii\versions\base60321\sc2_x64.exe => No File 
FirewallRules: [TCP Query User{9FD1B9D4-6CAF-40DD-9D48-0F57271BC6D0}F:\games\starcraft ii\versions\base60321\sc2_x64.exe] => (Allow) F:\games\starcraft ii\versions\base60321\sc2_x64.exe => No File 
FirewallRules: [UDP Query User{83766D58-093C-47FD-AA45-773CCF5B9622}F:\games\warcraft iii 1.26 -iceblitz\war3.exe] => (Allow) F:\games\warcraft iii 1.26 -iceblitz\war3.exe => No File 
FirewallRules: [TCP Query User{C38D0AF9-EA8F-4FCD-8CA2-60B86380663D}F:\games\warcraft iii 1.26 -iceblitz\war3.exe] => (Allow) F:\games\warcraft iii 1.26 -iceblitz\war3.exe => No File 
FirewallRules: [UDP Query User{87C9DA71-E88A-48B4-959A-BE1859CAF6AA}F:\games\warcraft iii\war3.exe] => (Block) F:\games\warcraft iii\war3.exe => No File 
FirewallRules: [TCP Query User{D8E1716E-F904-429D-851F-D1CADF73FCB5}F:\games\warcraft iii\war3.exe] => (Block) F:\games\warcraft iii\war3.exe => No File 
FirewallRules: [UDP Query User{D79A9C75-4621-4B9F-8CBB-5DE8A9A1C67D}C:\program files\maxon\cinema 4d r19\cinema 4d.exe] => (Allow) C:\program files\maxon\cinema 4d r19\cinema 4d.exe => No File 
FirewallRules: [TCP Query User{C8978D17-E0CC-4E27-99B9-20E81133E92B}C:\program files\maxon\cinema 4d r19\cinema 4d.exe] => (Allow) C:\program files\maxon\cinema 4d r19\cinema 4d.exe => No File 
FirewallRules: [UDP Query User{0D7638D3-3CD2-497D-9719-9ACF75568A71}C:\program files\adobe\adobe premiere pro cc 2017\adobe premiere pro.exe] => (Allow) C:\program files\adobe\adobe premiere pro cc 2017\adobe premiere pro.exe => No File 
FirewallRules: [TCP Query User{D746E6C1-8B05-49BD-B3F5-988BA66C50B6}C:\program files\adobe\adobe premiere pro cc 2017\adobe premiere pro.exe] => (Allow) C:\program files\adobe\adobe premiere pro cc 2017\adobe premiere pro.exe => No File 
FirewallRules: [UDP Query User{0C2D6DEE-AC64-4708-9A59-701361A0AA84}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe => No File 
FirewallRules: [TCP Query User{3B7C7AE4-AC1F-4CDB-B792-CB415A24DA18}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe => No File 
FirewallRules: [TCP Query User{51097D24-D48D-4EF4-A98A-62DAF5B1534F}F:\games\diablo iii\x64\diablo iii64.exe] => (Block) F:\games\diablo iii\x64\diablo iii64.exe => No File 
FirewallRules: [UDP Query User{E0A7648A-E03F-4450-93C1-6F2103DA7FEA}F:\games\diablo iii\x64\diablo iii64.exe] => (Block) F:\games\diablo iii\x64\diablo iii64.exe => No File 
FirewallRules: [TCP Query User{20449519-E598-4276-A156-709FC35B088A}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe => No File 
FirewallRules: [UDP Query User{B9E6B933-A119-4E4A-BB12-A3B5027181EE}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe => No File 
FirewallRules: [TCP Query User{E228F32E-EC5A-4935-BF06-5A5F8408173B}C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe] => (Block) C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe => No File 
FirewallRules: [UDP Query User{4ACE5BE1-DE0B-44E6-90C9-B174B035EF86}C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe] => (Block) C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe => No File 
FirewallRules: [TCP Query User{A21B8199-E8BA-4E3B-A31B-8716812D4E5F}C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe] => (Allow) C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe => No File 
FirewallRules: [UDP Query User{76091A43-998F-45B1-B336-1EE575911726}C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe] => (Allow) C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe => No File 
FirewallRules: [TCP Query User{01F112FA-3829-4724-BB1D-6954BA162D82}C:\program files (x86)\macaw\macaw-node.exe] => (Allow) C:\program files (x86)\macaw\macaw-node.exe => No File 
FirewallRules: [UDP Query User{561ADD7D-C84C-4F3B-B925-0E81068E60B0}C:\program files (x86)\macaw\macaw-node.exe] => (Allow) C:\program files (x86)\macaw\macaw-node.exe => No File 
FirewallRules: [{45CA24E4-46FB-4EE5-84BD-27647932502D}] => (Allow) F:\Games\steamapps\common\Metro Last Light\MetroLL.exe => No File 
FirewallRules: [{70234B07-E9A6-47BD-9334-6DB425151D34}] => (Allow) F:\Games\steamapps\common\Metro Last Light\MetroLL.exe => No File 
FirewallRules: [TCP Query User{5B59CA90-D2B9-4AB6-B423-7FBE7511CAA9}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe => No File 
FirewallRules: [UDP Query User{99D92890-7175-44B0-9FCF-CEA6CCD1A58D}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe => No File 
FirewallRules: [TCP Query User{3304D14A-A327-479E-93A3-090CAD5A7628}C:\program files\adobe\adobe media encoder cc 2017\adobe media encoder.exe] => (Block) C:\program files\adobe\adobe media encoder cc 2017\adobe media encoder.exe => No File 
FirewallRules: [UDP Query User{F3DB0C67-DEBE-4468-BA91-B36633D62027}C:\program files\adobe\adobe media encoder cc 2017\adobe media encoder.exe] => (Block) C:\program files\adobe\adobe media encoder cc 2017\adobe media encoder.exe => No File 
FirewallRules: [TCP Query User{09B300E4-5D29-4C26-960E-96AE5ADDB5AE}F:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) F:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File 
FirewallRules: [UDP Query User{EFAC8A07-CA72-492E-A67F-300F7A10864D}F:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) F:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File 
FirewallRules: [TCP Query User{377CF757-ED7D-40BF-8D25-646C90532C70}F:\games\overwatch test\overwatch.exe] => (Allow) F:\games\overwatch test\overwatch.exe => No File 
FirewallRules: [UDP Query User{6A693612-C997-464A-BC95-1A10EC806D32}F:\games\overwatch test\overwatch.exe] => (Allow) F:\games\overwatch test\overwatch.exe => No File 
FirewallRules: [TCP Query User{335B8582-4DB5-4E8B-AF19-808768E428B3}F:\games\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe] => (Allow) F:\games\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe => No File 
FirewallRules: [UDP Query User{C0C51AFC-473C-4770-8E0A-BCCFD6AEA4D1}F:\games\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe] => (Allow) F:\games\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe => No File 
FirewallRules: [{D38F6496-C255-4633-9C33-EF6C869B2BE4}] => (Block) %ProgramFiles%\WorldCreator\Launcher.exe => No File 
FirewallRules: [{B8ABF9D4-4321-403B-BF83-E4886971FE5F}] => (Block) %ProgramFiles%\WorldCreator\WorldCreator.exe => No File 
FirewallRules: [{7024B102-71E6-4F5B-BF7D-4C6E40E089A9}] => (Block) %ProgramFiles%\WorldCreator\Launcher.exe => No File 
FirewallRules: [{367EEC03-12F3-4038-8A02-EFE441E478BB}] => (Block) %ProgramFiles%\WorldCreator\WorldCreator.exe => No File 
FirewallRules: [TCP Query User{D9B5FFEE-902C-422D-A263-718CFE911315}C:\program files\side effects software\houdini 16.5.571\bin\houdinifx.exe] => (Block) C:\program files\side effects software\houdini 16.5.571\bin\houdinifx.exe => No File 
FirewallRules: [UDP Query User{71DB030B-8FB0-4E11-B418-69CCE46A580F}C:\program files\side effects software\houdini 16.5.571\bin\houdinifx.exe] => (Block) C:\program files\side effects software\houdini 16.5.571\bin\houdinifx.exe => No File 
FirewallRules: [TCP Query User{1B7A7124-2E13-45C4-8F2A-C5BAD905557C}C:\program files\side effects software\houdini 16.5.571\bin\houdini.exe] => (Block) C:\program files\side effects software\houdini 16.5.571\bin\houdini.exe => No File 
FirewallRules: [UDP Query User{7BDB1ADF-A548-4408-AEAA-DB652B87A041}C:\program files\side effects software\houdini 16.5.571\bin\houdini.exe] => (Block) C:\program files\side effects software\houdini 16.5.571\bin\houdini.exe => No File 
FirewallRules: [TCP Query User{EE189DB4-D7D2-4F35-964D-93DCB23839FF}C:\program files\maxon\cinema 4d r20\cinema 4d.exe] => (Block) C:\program files\maxon\cinema 4d r20\cinema 4d.exe => No File 
FirewallRules: [UDP Query User{B27E4911-019F-4370-90D3-907C9178B0EF}C:\program files\maxon\cinema 4d r20\cinema 4d.exe] => (Block) C:\program files\maxon\cinema 4d r20\cinema 4d.exe => No File 
FirewallRules: [TCP Query User{24E2E991-08AA-4D3D-97E7-9AFA08058721}C:\program files\maxon\cinema 4d r20\cinema 4d.exe] => (Allow) C:\program files\maxon\cinema 4d r20\cinema 4d.exe => No File 
FirewallRules: [UDP Query User{AE838082-8DE0-4546-B158-786AAC192065}C:\program files\maxon\cinema 4d r20\cinema 4d.exe] => (Allow) C:\program files\maxon\cinema 4d r20\cinema 4d.exe => No File 
FirewallRules: [TCP Query User{7EBEF171-5C0C-46BA-BD63-CE31CF825447}C:\program files\adobe\adobe media encoder cc 2018\adobe media encoder.exe] => (Allow) C:\program files\adobe\adobe media encoder cc 2018\adobe media encoder.exe => No File 
FirewallRules: [UDP Query User{ACF9DC30-4616-4EF6-B139-9E6BD10D50C5}C:\program files\adobe\adobe media encoder cc 2018\adobe media encoder.exe] => (Allow) C:\program files\adobe\adobe media encoder cc 2018\adobe media encoder.exe => No File 
FirewallRules: [TCP Query User{298D4D93-FB99-4847-9117-7C12E5C69362}C:\program files\adobe\adobe after effects cc 2018\support files\afterfx.exe] => (Block) C:\program files\adobe\adobe after effects cc 2018\support files\afterfx.exe => No File 
FirewallRules: [UDP Query User{06325B7C-8054-43B4-BE03-2591D08FE484}C:\program files\adobe\adobe after effects cc 2018\support files\afterfx.exe] => (Block) C:\program files\adobe\adobe after effects cc 2018\support files\afterfx.exe => No File 
FirewallRules: [TCP Query User{FAD56084-9220-48D1-8C8B-431323ECEF5C}C:\program files (x86)\jamkazam\jamkazam.exe] => (Allow) C:\program files (x86)\jamkazam\jamkazam.exe => No File 
FirewallRules: [UDP Query User{AB10A9F7-1B84-47E3-B41A-589DD3EDAE9A}C:\program files (x86)\jamkazam\jamkazam.exe] => (Allow) C:\program files (x86)\jamkazam\jamkazam.exe => No File 
FirewallRules: [TCP Query User{0064E8D6-7A85-4004-9370-CB75BC030B93}C:\program files\adobe\adobe premiere pro cc 2018\adobe premiere pro.exe] => (Block) C:\program files\adobe\adobe premiere pro cc 2018\adobe premiere pro.exe => No File 
FirewallRules: [UDP Query User{E8C3D6C8-47A8-462B-B01E-738E9DC9D6B0}C:\program files\adobe\adobe premiere pro cc 2018\adobe premiere pro.exe] => (Block) C:\program files\adobe\adobe premiere pro cc 2018\adobe premiere pro.exe => No File 
FirewallRules: [TCP Query User{B34C8B8F-B870-4E7D-824D-34AAB5E0A98B}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe => No File 
FirewallRules: [UDP Query User{66DAC450-C18A-4E6D-A81A-6B6F6B0EB9AC}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe => No File 
FirewallRules: [TCP Query User{2A0028FF-BB4F-4BD4-B4F7-5930E47F4B75}C:\program files\allegorithmic\substance painter\substance painter.exe] => (Block) C:\program files\allegorithmic\substance painter\substance painter.exe => No File 
FirewallRules: [UDP Query User{DBA6F8F7-BA51-4469-B563-057824624B3B}C:\program files\allegorithmic\substance painter\substance painter.exe] => (Block) C:\program files\allegorithmic\substance painter\substance painter.exe => No File 
FirewallRules: [TCP Query User{D4B8F25E-EEE7-4A14-8189-6B8836BAD731}C:\users\baz\downloads\bin\ranchsync_server.exe] => (Allow) C:\users\baz\downloads\bin\ranchsync_server.exe => No File 
FirewallRules: [UDP Query User{6D3AFA54-0BFE-4F42-ADF6-4B070EDFB445}C:\users\baz\downloads\bin\ranchsync_server.exe] => (Allow) C:\users\baz\downloads\bin\ranchsync_server.exe => No File 
FirewallRules: [TCP Query User{D261B3AA-4F86-4A40-A9EA-38A86DADB7C7}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe => No File 
FirewallRules: [UDP Query User{A89FE576-8BD5-4ADE-BA10-2B21D31286B0}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe => No File 
FirewallRules: [TCP Query User{156F890F-155F-4BD6-9B37-851EE56071B7}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe => No File 
FirewallRules: [UDP Query User{F92D406C-2A77-4140-BFB4-3B24C216BF03}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe => No File 
FirewallRules: [TCP Query User{07018032-EE81-48AE-A0D4-9755587AE924}C:\program files\epic games\ue_4.22\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\ue_4.22\engine\binaries\win64\ue4editor.exe => No File 
FirewallRules: [UDP Query User{49B5C48A-631E-41E7-92B5-38A5613A1F72}C:\program files\epic games\ue_4.22\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\ue_4.22\engine\binaries\win64\ue4editor.exe => No File 
FirewallRules: [TCP Query User{FB5D3AC4-3A51-4858-BF0D-2B0D2C95BC81}C:\program files\epic games\ue_4.23\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\ue_4.23\engine\binaries\win64\ue4editor.exe => No File 
FirewallRules: [UDP Query User{4A723D70-3F22-4A3C-AF0C-88C107F9DF12}C:\program files\epic games\ue_4.23\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\ue_4.23\engine\binaries\win64\ue4editor.exe => No File 
FirewallRules: [TCP Query User{4F020FB2-5818-437F-9E26-9AEC84D07FD2}F:\games\lol\game\league of legends.exe] => (Allow) F:\games\lol\game\league of legends.exe => No File 
FirewallRules: [UDP Query User{8FBCD4CD-E8E2-4C03-B467-0F843E681C6B}F:\games\lol\game\league of legends.exe] => (Allow) F:\games\lol\game\league of legends.exe => No File 
FirewallRules: [TCP Query User{62060A05-CE81-4B6F-90AB-51A7073478E0}F:\games\destiny 2\destiny2.exe] => (Allow) F:\games\destiny 2\destiny2.exe => No File 
FirewallRules: [UDP Query User{7878092E-8459-4847-9C62-88A2811A75E1}F:\games\destiny 2\destiny2.exe] => (Allow) F:\games\destiny 2\destiny2.exe => No File 
FirewallRules: [TCP Query User{A47742C0-9589-41FE-8D2D-D106D8D5F209}F:\games\overwatch\_retail_\overwatch.exe] => (Allow) F:\games\overwatch\_retail_\overwatch.exe => No File 
FirewallRules: [UDP Query User{5FE35E7C-777D-48D9-ADB9-F0F393EF3A1B}F:\games\overwatch\_retail_\overwatch.exe] => (Allow) F:\games\overwatch\_retail_\overwatch.exe => No File 
FirewallRules: [TCP Query User{D790C7CC-C686-4246-AC72-58F719FC23FB}C:\users\baz\downloads\ranchsync2_win_2.2.8\bin\ranchsync_server.exe] => (Allow) C:\users\baz\downloads\ranchsync2_win_2.2.8\bin\ranchsync_server.exe => No File 
FirewallRules: [UDP Query User{0D16051A-EC5F-42FB-A6FF-CAA97DB49760}C:\users\baz\downloads\ranchsync2_win_2.2.8\bin\ranchsync_server.exe] => (Allow) C:\users\baz\downloads\ranchsync2_win_2.2.8\bin\ranchsync_server.exe => No File 
FirewallRules: [{C873AC69-5B8F-4674-BE66-B69483D8564D}] => (Allow) C:\Program Files\Unity Hub\Unity Hub.exe => No File 
FirewallRules: [TCP Query User{DAEBF279-DCDD-4359-A352-04F68058424D}C:\program files\unity hub\unity hub.exe] => (Allow) C:\program files\unity hub\unity hub.exe => No File 
FirewallRules: [UDP Query User{CC4DF210-B158-4BEC-A82F-65DDCE3DD4AC}C:\program files\unity hub\unity hub.exe] => (Allow) C:\program files\unity hub\unity hub.exe => No File 
FirewallRules: [TCP Query User{A0A3B613-52B7-4D92-AB98-E39D52FF1249}C:\program files\epic games\ue_4.23\engine\binaries\dotnet\swarmagent.exe] => (Allow) C:\program files\epic games\ue_4.23\engine\binaries\dotnet\swarmagent.exe => No File 
FirewallRules: [UDP Query User{05A02230-49BD-41CA-822D-FCBB294D995A}C:\program files\epic games\ue_4.23\engine\binaries\dotnet\swarmagent.exe] => (Allow) C:\program files\epic games\ue_4.23\engine\binaries\dotnet\swarmagent.exe => No File 
FirewallRules: [{7DD01ECC-4934-4919-A6BB-0D162DFDE63C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File 
FirewallRules: [{BED2A192-44FC-415D-A0E9-2A175E239624}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File 
FirewallRules: [TCP Query User{C641B4F4-1F72-419E-BF3E-B4A6F60B8681}C:\program files\ue_4.24\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\ue_4.24\engine\binaries\win64\ue4editor.exe => No File 
FirewallRules: [UDP Query User{AD4FF444-5D42-4E2D-B333-C25577B3F0A8}C:\program files\ue_4.24\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\ue_4.24\engine\binaries\win64\ue4editor.exe => No File 
FirewallRules: [TCP Query User{DF6F6204-EFD2-45B6-8690-204CBAB1C7C4}C:\program files\ue_4.24\engine\binaries\win64\crashreportclienteditor.exe] => (Allow) C:\program files\ue_4.24\engine\binaries\win64\crashreportclienteditor.exe => No File 
FirewallRules: [UDP Query User{F14A0190-20FB-45B8-9472-A54802B85123}C:\program files\ue_4.24\engine\binaries\win64\crashreportclienteditor.exe] => (Allow) C:\program files\ue_4.24\engine\binaries\win64\crashreportclienteditor.exe => No File 
FirewallRules: [TCP Query User{46E88F88-6516-4C9B-AB13-53F0156737DB}C:\program files (x86)\eagle\eagle.exe] => (Allow) C:\program files (x86)\eagle\eagle.exe => No File 
FirewallRules: [UDP Query User{47D59F43-E260-43D3-8679-0184CAC45BF9}C:\program files (x86)\eagle\eagle.exe] => (Allow) C:\program files (x86)\eagle\eagle.exe => No File 
FirewallRules: [TCP Query User{503522F5-6197-4DBE-9D19-B622922EF4B9}C:\program files (x86)\eagle\drag_extension\dragextension.exe] => (Allow) C:\program files (x86)\eagle\drag_extension\dragextension.exe => No File 
FirewallRules: [UDP Query User{BD60A289-92C2-4BC9-AD77-F9C3CEA8FD8D}C:\program files (x86)\eagle\drag_extension\dragextension.exe] => (Allow) C:\program files (x86)\eagle\drag_extension\dragextension.exe => No File 
FirewallRules: [TCP Query User{149D8615-C2F5-4434-B8A4-23CEA43837D0}C:\program files\notch trial\notch_demo.exe] => (Allow) C:\program files\notch trial\notch_demo.exe => No File 
FirewallRules: [UDP Query User{C56C008D-CC60-4580-B4B5-E343A73CC79C}C:\program files\notch trial\notch_demo.exe] => (Allow) C:\program files\notch trial\notch_demo.exe => No File 
FirewallRules: [TCP Query User{A2DF62F0-C55D-4D8F-9328-F31A81C76A22}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe => No File 
FirewallRules: [UDP Query User{BC626AE0-6FEF-48F8-928E-15CA3268904D}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe => No File 
FirewallRules: [{6596120D-2431-4C32-ACCB-DE46E3CBAE56}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe => No File 
FirewallRules: [{B5F4BF05-1DB6-4E14-B7E1-CCA75A86B333}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe => No File 
FirewallRules: [TCP Query User{547EF1C8-508A-4C7F-A7F2-99614B3376DE}C:\program files\notch\notchapp.exe] => (Allow) C:\program files\notch\notchapp.exe => No File 
FirewallRules: [UDP Query User{02B7D964-6247-4C11-8A5A-5BC369F4D088}C:\program files\notch\notchapp.exe] => (Allow) C:\program files\notch\notchapp.exe => No File 
FirewallRules: [TCP Query User{DDD59DBB-F6F0-4671-BE35-E05F70C71BEC}F:\games\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) F:\games\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe => No File 
FirewallRules: [UDP Query User{8A5DC686-8FFE-4407-A943-1568ED851884}F:\games\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) F:\games\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe => No File 
FirewallRules: [{4978CF51-3506-4C3B-8B86-743A0A8C37C8}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe => No File 
FirewallRules: [{61AFB30E-FD9B-4856-A790-6A893D243E06}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe => No File 
FirewallRules: [TCP Query User{4B9FA57F-986C-4F49-9B39-65108A0BE6D3}F:\downloads\ranchsync2_win_3.0.6\bin\ranchsync_server.exe] => (Allow) F:\downloads\ranchsync2_win_3.0.6\bin\ranchsync_server.exe => No File 
FirewallRules: [UDP Query User{59ABE5C5-D4AB-4A68-AF4A-530FD00FC09B}F:\downloads\ranchsync2_win_3.0.6\bin\ranchsync_server.exe] => (Allow) F:\downloads\ranchsync2_win_3.0.6\bin\ranchsync_server.exe => No File 
FirewallRules: [TCP Query User{E8C70FCC-8475-46F7-9FCC-FBA4D503BB07}C:\program files\derivative\touchdesigner\bin\touchdesigner.exe] => (Allow) C:\program files\derivative\touchdesigner\bin\touchdesigner.exe => No File 
FirewallRules: [UDP Query User{FCD15E21-C510-4F48-8ABD-12DE805F19EE}C:\program files\derivative\touchdesigner\bin\touchdesigner.exe] => (Allow) C:\program files\derivative\touchdesigner\bin\touchdesigner.exe => No File 
FirewallRules: [TCP Query User{13D0B9A1-4D73-4A7F-AC81-C29B45AA0AFF}F:\downloads\oscmonitor\oscmonitor.exe] => (Allow) F:\downloads\oscmonitor\oscmonitor.exe => No File 
FirewallRules: [UDP Query User{6A6181A5-442B-49D0-8850-1E6E5A051097}F:\downloads\oscmonitor\oscmonitor.exe] => (Allow) F:\downloads\oscmonitor\oscmonitor.exe => No File 
FirewallRules: [TCP Query User{153B59B7-1CD0-432A-A41A-C802E87F7336}F:\downloads\oscdatamonitor-master (1)\oscdatamonitor-master\previous 2011 version applications\osc_data_monitor_windows\osc_data_monitor.exe] => (Allow) F:\downloads\oscdatamonitor-master (1)\oscdatamonitor-master\previous 2011 version applications\osc_data_monitor_windows\osc_data_monitor.exe => No File 
FirewallRules: [UDP Query User{E53E6466-3839-4016-AD43-9004C3D14F6F}F:\downloads\oscdatamonitor-master (1)\oscdatamonitor-master\previous 2011 version applications\osc_data_monitor_windows\osc_data_monitor.exe] => (Allow) F:\downloads\oscdatamonitor-master (1)\oscdatamonitor-master\previous 2011 version applications\osc_data_monitor_windows\osc_data_monitor.exe => No File 
FirewallRules: [TCP Query User{6616D779-ECF1-4DE3-BBD0-5D7F2F0151A1}C:\program files\derivative\touchdesigner\bin\touchplayer.exe] => (Allow) C:\program files\derivative\touchdesigner\bin\touchplayer.exe => No File 
FirewallRules: [UDP Query User{273772ED-0882-4716-87FB-EF06CA5FE7EC}C:\program files\derivative\touchdesigner\bin\touchplayer.exe] => (Allow) C:\program files\derivative\touchdesigner\bin\touchplayer.exe => No File 
FirewallRules: [TCP Query User{A5C7DA6C-C2FF-4AC4-B26B-1A2E411D6BB0}C:\users\baz\desktop\osc_data_monitor_windows\osc_data_monitor.exe] => (Allow) C:\users\baz\desktop\osc_data_monitor_windows\osc_data_monitor.exe => No File 
FirewallRules: [UDP Query User{17D98DA6-1A88-4AFA-A26C-11E23E72DAA2}C:\users\baz\desktop\osc_data_monitor_windows\osc_data_monitor.exe] => (Allow) C:\users\baz\desktop\osc_data_monitor_windows\osc_data_monitor.exe => No File 
FirewallRules: [TCP Query User{1DC8A068-2A8D-4D2F-9283-463390C885D7}F:\games\call of duty modern warfare\modernwarfare.exe] => (Allow) F:\games\call of duty modern warfare\modernwarfare.exe => No File 
FirewallRules: [UDP Query User{A1F688A1-D62F-427D-9FEB-3558A8B0F74C}F:\games\call of duty modern warfare\modernwarfare.exe] => (Allow) F:\games\call of duty modern warfare\modernwarfare.exe => No File 
FirewallRules: [TCP Query User{00429A07-0633-4B41-BC20-83E2699179DA}C:\program files\allegorithmic\substance designer\substance designer.exe] => (Allow) C:\program files\allegorithmic\substance designer\substance designer.exe => No File 
FirewallRules: [UDP Query User{434132B6-347D-481D-AE42-F7C184AE47C3}C:\program files\allegorithmic\substance designer\substance designer.exe] => (Allow) C:\program files\allegorithmic\substance designer\substance designer.exe => No File 
FirewallRules: [TCP Query User{9315194B-E9C4-4B2B-837E-05C16AEDC701}F:\games\remnantfromtheashes\remnant\binaries\win64\remnant-win64-shipping.exe] => (Allow) F:\games\remnantfromtheashes\remnant\binaries\win64\remnant-win64-shipping.exe => No File 
FirewallRules: [UDP Query User{004D6BD7-6DA6-44A0-AA1A-7B71BADA46B4}F:\games\remnantfromtheashes\remnant\binaries\win64\remnant-win64-shipping.exe] => (Allow) F:\games\remnantfromtheashes\remnant\binaries\win64\remnant-win64-shipping.exe => No File 
FirewallRules: [TCP Query User{6034D99F-DC3C-4431-BB7F-F617599FF230}F:\games\warehousedemo\base\binaries\win64\thps12demo.exe] => (Allow) F:\games\warehousedemo\base\binaries\win64\thps12demo.exe => No File 
FirewallRules: [UDP Query User{658BEF23-E129-4FB0-99F5-678B9AF7C757}F:\games\warehousedemo\base\binaries\win64\thps12demo.exe] => (Allow) F:\games\warehousedemo\base\binaries\win64\thps12demo.exe => No File 
FirewallRules: [TCP Query User{302D0401-068D-4E5C-8D1F-3675B71C7F81}F:\games\tonyhawksproskater\base\binaries\win64\thps12.exe] => (Allow) F:\games\tonyhawksproskater\base\binaries\win64\thps12.exe => No File 
FirewallRules: [UDP Query User{942B2E77-E2FA-4612-95C7-C4FBDC63213E}F:\games\tonyhawksproskater\base\binaries\win64\thps12.exe] => (Allow) F:\games\tonyhawksproskater\base\binaries\win64\thps12.exe => No File 
FirewallRules: [{FCCEF52C-C019-4A0C-8519-53DF13F88755}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe => No File 
FirewallRules: [{BDB81CAF-3739-4C6F-84FA-E8C7483794FA}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe => No File 
FirewallRules: [{98AE1798-89B2-452C-9D2D-4A8302AE99F4}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe => No File 
FirewallRules: [{1456491B-033F-47A8-8DA1-0017FDFF6B73}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe => No File 
FirewallRules: [{D5FAFF77-7A08-4598-8FD7-4FED3CA8661A}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe => No File 
FirewallRules: [{2465097F-5A41-4C4C-A2AB-311310572F0E}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe => No File 
FirewallRules: [{C892172A-BBE8-423C-8666-78B547EDD339}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File 
FirewallRules: [{ECF8B534-900D-470D-BFF5-6DC334389C78}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\OxygenPanelDaemon.exe => No File 
FirewallRules: [{E8460538-5AC1-47AE-A209-BC15F9E60FD3}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe => No File 
FirewallRules: [{F36F2170-40D4-4E74-86E3-EA2D99A0F5E4}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe => No File 
FirewallRules: [TCP Query User{5BB39D51-0C72-4397-930C-5FBE7E2DD9E6}F:\downloads\ranchsync2_win_3.0.7\bin\ranchsync_server.exe] => (Allow) F:\downloads\ranchsync2_win_3.0.7\bin\ranchsync_server.exe => No File 
FirewallRules: [UDP Query User{4108E4B0-C336-4112-AA2C-9643A460A148}F:\downloads\ranchsync2_win_3.0.7\bin\ranchsync_server.exe] => (Allow) F:\downloads\ranchsync2_win_3.0.7\bin\ranchsync_server.exe => No File 
FirewallRules: [TCP Query User{A30297DC-7E09-42EE-A2B5-575CEF329898}C:\program files\imaginando\drc\drc.exe] => (Allow) C:\program files\imaginando\drc\drc.exe => No File 
FirewallRules: [UDP Query User{A7AF4E82-85FE-42F3-9330-AC2887AC2223}C:\program files\imaginando\drc\drc.exe] => (Allow) C:\program files\imaginando\drc\drc.exe => No File 
FirewallRules: [TCP Query User{E34D77A3-A451-4095-B5B9-81BADBAA8C55}C:\program files\blackmagic design\davinci resolve\vstscanner.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\vstscanner.exe => No File 
FirewallRules: [UDP Query User{9E77A909-DA7A-468C-A34F-33BA95A0D044}C:\program files\blackmagic design\davinci resolve\vstscanner.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\vstscanner.exe => No File 
FirewallRules: [{D06DF51A-A1A0-4D9B-A432-F51F7A9C579D}] => (Allow) C:\Users\Baz\AppData\Roaming\Zoom\bin\airhost.exe => No File 
FirewallRules: [{B5BD1840-AB29-4C28-893F-BAE9E1AF8CAF}] => (Allow) C:\Users\Baz\AppData\Roaming\Zoom\bin\airhost.exe => No File 
EMPTYTEMP: 
Folder: C:\Users\Baz\AppData\Local\Temp
 
*****************
 
Processes closed successfully.
C:\ProgramData\PACE => ":37077A0003115E71" ADS removed successfully
C:\Users\Baz\AppData\Local\Temp => ":$DATA​" ADS removed successfully
C:\Users\Baz\AppData\Local\Temp => ":com.affinity.designer.2" ADS removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
HKLM\System\CurrentControlSet\Services\VBAudioVACMME => removed successfully
VBAudioVACMME => service removed successfully
HKLM\System\CurrentControlSet\Services\VBAudioVMVAIOMME => removed successfully
VBAudioVMVAIOMME => service removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F36F2170-40D4-4E74-86E3-EA2D99A0F5E4}" => removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
"C:\Program Files (x86)\FAHClient\HideConsole.exe" => not found
"C:\Program Files (x86)\Seer\Seer.exe" => not found
HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming => removed successfully
HKU\S-1-5-21-3592542235-2043277170-2684174653-1001_Classes\CLSID\{9486aaf1-0930-362a-962d-8e6908739c817} => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BB FlashBack 2 => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5C5901B9-E2C1-4877-9E68-A05534627B62}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C2B5A8EC-C74A-4D23-96B9-B38E9C260437}C:\programdata\battle.net\agent\agent.6160\agent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D8F7456E-4C78-4C2F-9078-D14BC1A58BC3}C:\programdata\battle.net\agent\agent.6160\agent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0C5431F3-DD17-4528-80CE-4E27AEDB28D5}C:\program files\maxon\cinema 4d r19\cinema 4d.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{F2DE39FC-56E3-43D6-896F-797901C93AC9}C:\program files\maxon\cinema 4d r19\cinema 4d.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B43721BB-EDBE-4B16-A73C-8C3121818E85}C:\program files\blackmagic design\davinci resolve\fuscript.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A9C74F60-B37F-4BB1-8BE9-8A65EC6EE887}C:\program files\blackmagic design\davinci resolve\fuscript.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8C71496F-F360-4845-BF95-39843C82C1FF}F:\games\overwatch\overwatch.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9F11093F-2F92-4898-B9B8-817F686D7567}F:\games\overwatch\overwatch.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BF360A13-912C-4E8F-BAEB-A1F9F997B02A}C:\program files\storyboarder\storyboarder.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C2E6A262-EAA8-4A59-A05F-07B1F1C76547}C:\program files\storyboarder\storyboarder.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B4C6A289-73AC-445C-9308-BF4CA6219A22}F:\games\starcraft ii\versions\base62347\sc2_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{AD296CF4-42C3-44D5-B6FC-836D108D5353}F:\games\starcraft ii\versions\base62347\sc2_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E17FD241-9BCD-4638-A6F2-ED3FB1136D17}F:\games\starcraft ii\versions\base60321\sc2_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9FD1B9D4-6CAF-40DD-9D48-0F57271BC6D0}F:\games\starcraft ii\versions\base60321\sc2_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{83766D58-093C-47FD-AA45-773CCF5B9622}F:\games\warcraft iii 1.26 -iceblitz\war3.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C38D0AF9-EA8F-4FCD-8CA2-60B86380663D}F:\games\warcraft iii 1.26 -iceblitz\war3.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{87C9DA71-E88A-48B4-959A-BE1859CAF6AA}F:\games\warcraft iii\war3.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D8E1716E-F904-429D-851F-D1CADF73FCB5}F:\games\warcraft iii\war3.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D79A9C75-4621-4B9F-8CBB-5DE8A9A1C67D}C:\program files\maxon\cinema 4d r19\cinema 4d.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C8978D17-E0CC-4E27-99B9-20E81133E92B}C:\program files\maxon\cinema 4d r19\cinema 4d.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0D7638D3-3CD2-497D-9719-9ACF75568A71}C:\program files\adobe\adobe premiere pro cc 2017\adobe premiere pro.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D746E6C1-8B05-49BD-B3F5-988BA66C50B6}C:\program files\adobe\adobe premiere pro cc 2017\adobe premiere pro.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0C2D6DEE-AC64-4708-9A59-701361A0AA84}C:\program files (x86)\origin games\battlefield 4\bf4.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3B7C7AE4-AC1F-4CDB-B792-CB415A24DA18}C:\program files (x86)\origin games\battlefield 4\bf4.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{51097D24-D48D-4EF4-A98A-62DAF5B1534F}F:\games\diablo iii\x64\diablo iii64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E0A7648A-E03F-4450-93C1-6F2103DA7FEA}F:\games\diablo iii\x64\diablo iii64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{20449519-E598-4276-A156-709FC35B088A}C:\program files (x86)\deluge\deluge.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B9E6B933-A119-4E4A-BB12-A3B5027181EE}C:\program files (x86)\deluge\deluge.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E228F32E-EC5A-4935-BF06-5A5F8408173B}C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4ACE5BE1-DE0B-44E6-90C9-B174B035EF86}C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A21B8199-E8BA-4E3B-A31B-8716812D4E5F}C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{76091A43-998F-45B1-B336-1EE575911726}C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{01F112FA-3829-4724-BB1D-6954BA162D82}C:\program files (x86)\macaw\macaw-node.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{561ADD7D-C84C-4F3B-B925-0E81068E60B0}C:\program files (x86)\macaw\macaw-node.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{45CA24E4-46FB-4EE5-84BD-27647932502D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{70234B07-E9A6-47BD-9334-6DB425151D34}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5B59CA90-D2B9-4AB6-B423-7FBE7511CAA9}C:\xampp\apache\bin\httpd.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{99D92890-7175-44B0-9FCF-CEA6CCD1A58D}C:\xampp\apache\bin\httpd.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3304D14A-A327-479E-93A3-090CAD5A7628}C:\program files\adobe\adobe media encoder cc 2017\adobe media encoder.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F3DB0C67-DEBE-4468-BA91-B36633D62027}C:\program files\adobe\adobe media encoder cc 2017\adobe media encoder.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{09B300E4-5D29-4C26-960E-96AE5ADDB5AE}F:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{EFAC8A07-CA72-492E-A67F-300F7A10864D}F:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{377CF757-ED7D-40BF-8D25-646C90532C70}F:\games\overwatch test\overwatch.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6A693612-C997-464A-BC95-1A10EC806D32}F:\games\overwatch test\overwatch.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{335B8582-4DB5-4E8B-AF19-808768E428B3}F:\games\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C0C51AFC-473C-4770-8E0A-BCCFD6AEA4D1}F:\games\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D38F6496-C255-4633-9C33-EF6C869B2BE4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B8ABF9D4-4321-403B-BF83-E4886971FE5F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7024B102-71E6-4F5B-BF7D-4C6E40E089A9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{367EEC03-12F3-4038-8A02-EFE441E478BB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D9B5FFEE-902C-422D-A263-718CFE911315}C:\program files\side effects software\houdini 16.5.571\bin\houdinifx.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{71DB030B-8FB0-4E11-B418-69CCE46A580F}C:\program files\side effects software\houdini 16.5.571\bin\houdinifx.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{1B7A7124-2E13-45C4-8F2A-C5BAD905557C}C:\program files\side effects software\houdini 16.5.571\bin\houdini.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7BDB1ADF-A548-4408-AEAA-DB652B87A041}C:\program files\side effects software\houdini 16.5.571\bin\houdini.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{EE189DB4-D7D2-4F35-964D-93DCB23839FF}C:\program files\maxon\cinema 4d r20\cinema 4d.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B27E4911-019F-4370-90D3-907C9178B0EF}C:\program files\maxon\cinema 4d r20\cinema 4d.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{24E2E991-08AA-4D3D-97E7-9AFA08058721}C:\program files\maxon\cinema 4d r20\cinema 4d.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{AE838082-8DE0-4546-B158-786AAC192065}C:\program files\maxon\cinema 4d r20\cinema 4d.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7EBEF171-5C0C-46BA-BD63-CE31CF825447}C:\program files\adobe\adobe media encoder cc 2018\adobe media encoder.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{ACF9DC30-4616-4EF6-B139-9E6BD10D50C5}C:\program files\adobe\adobe media encoder cc 2018\adobe media encoder.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{298D4D93-FB99-4847-9117-7C12E5C69362}C:\program files\adobe\adobe after effects cc 2018\support files\afterfx.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{06325B7C-8054-43B4-BE03-2591D08FE484}C:\program files\adobe\adobe after effects cc 2018\support files\afterfx.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{FAD56084-9220-48D1-8C8B-431323ECEF5C}C:\program files (x86)\jamkazam\jamkazam.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{AB10A9F7-1B84-47E3-B41A-589DD3EDAE9A}C:\program files (x86)\jamkazam\jamkazam.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0064E8D6-7A85-4004-9370-CB75BC030B93}C:\program files\adobe\adobe premiere pro cc 2018\adobe premiere pro.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E8C3D6C8-47A8-462B-B01E-738E9DC9D6B0}C:\program files\adobe\adobe premiere pro cc 2018\adobe premiere pro.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B34C8B8F-B870-4E7D-824D-34AAB5E0A98B}C:\xampp\mysql\bin\mysqld.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{66DAC450-C18A-4E6D-A81A-6B6F6B0EB9AC}C:\xampp\mysql\bin\mysqld.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2A0028FF-BB4F-4BD4-B4F7-5930E47F4B75}C:\program files\allegorithmic\substance painter\substance painter.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DBA6F8F7-BA51-4469-B563-057824624B3B}C:\program files\allegorithmic\substance painter\substance painter.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D4B8F25E-EEE7-4A14-8189-6B8836BAD731}C:\users\baz\downloads\bin\ranchsync_server.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6D3AFA54-0BFE-4F42-ADF6-4B070EDFB445}C:\users\baz\downloads\bin\ranchsync_server.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D261B3AA-4F86-4A40-A9EA-38A86DADB7C7}C:\program files (x86)\overwatch\overwatch.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A89FE576-8BD5-4ADE-BA10-2B21D31286B0}C:\program files (x86)\overwatch\overwatch.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{156F890F-155F-4BD6-9B37-851EE56071B7}C:\program files (x86)\overwatch\_retail_\overwatch.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F92D406C-2A77-4140-BFB4-3B24C216BF03}C:\program files (x86)\overwatch\_retail_\overwatch.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{07018032-EE81-48AE-A0D4-9755587AE924}C:\program files\epic games\ue_4.22\engine\binaries\win64\ue4editor.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{49B5C48A-631E-41E7-92B5-38A5613A1F72}C:\program files\epic games\ue_4.22\engine\binaries\win64\ue4editor.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{FB5D3AC4-3A51-4858-BF0D-2B0D2C95BC81}C:\program files\epic games\ue_4.23\engine\binaries\win64\ue4editor.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4A723D70-3F22-4A3C-AF0C-88C107F9DF12}C:\program files\epic games\ue_4.23\engine\binaries\win64\ue4editor.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4F020FB2-5818-437F-9E26-9AEC84D07FD2}F:\games\lol\game\league of legends.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8FBCD4CD-E8E2-4C03-B467-0F843E681C6B}F:\games\lol\game\league of legends.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{62060A05-CE81-4B6F-90AB-51A7073478E0}F:\games\destiny 2\destiny2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7878092E-8459-4847-9C62-88A2811A75E1}F:\games\destiny 2\destiny2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A47742C0-9589-41FE-8D2D-D106D8D5F209}F:\games\overwatch\_retail_\overwatch.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5FE35E7C-777D-48D9-ADB9-F0F393EF3A1B}F:\games\overwatch\_retail_\overwatch.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D790C7CC-C686-4246-AC72-58F719FC23FB}C:\users\baz\downloads\ranchsync2_win_2.2.8\bin\ranchsync_server.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0D16051A-EC5F-42FB-A6FF-CAA97DB49760}C:\users\baz\downloads\ranchsync2_win_2.2.8\bin\ranchsync_server.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C873AC69-5B8F-4674-BE66-B69483D8564D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{DAEBF279-DCDD-4359-A352-04F68058424D}C:\program files\unity hub\unity hub.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{CC4DF210-B158-4BEC-A82F-65DDCE3DD4AC}C:\program files\unity hub\unity hub.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A0A3B613-52B7-4D92-AB98-E39D52FF1249}C:\program files\epic games\ue_4.23\engine\binaries\dotnet\swarmagent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{05A02230-49BD-41CA-822D-FCBB294D995A}C:\program files\epic games\ue_4.23\engine\binaries\dotnet\swarmagent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7DD01ECC-4934-4919-A6BB-0D162DFDE63C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BED2A192-44FC-415D-A0E9-2A175E239624}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C641B4F4-1F72-419E-BF3E-B4A6F60B8681}C:\program files\ue_4.24\engine\binaries\win64\ue4editor.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{AD4FF444-5D42-4E2D-B333-C25577B3F0A8}C:\program files\ue_4.24\engine\binaries\win64\ue4editor.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{DF6F6204-EFD2-45B6-8690-204CBAB1C7C4}C:\program files\ue_4.24\engine\binaries\win64\crashreportclienteditor.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F14A0190-20FB-45B8-9472-A54802B85123}C:\program files\ue_4.24\engine\binaries\win64\crashreportclienteditor.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{46E88F88-6516-4C9B-AB13-53F0156737DB}C:\program files (x86)\eagle\eagle.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{47D59F43-E260-43D3-8679-0184CAC45BF9}C:\program files (x86)\eagle\eagle.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{503522F5-6197-4DBE-9D19-B622922EF4B9}C:\program files (x86)\eagle\drag_extension\dragextension.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BD60A289-92C2-4BC9-AD77-F9C3CEA8FD8D}C:\program files (x86)\eagle\drag_extension\dragextension.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{149D8615-C2F5-4434-B8A4-23CEA43837D0}C:\program files\notch trial\notch_demo.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C56C008D-CC60-4580-B4B5-E343A73CC79C}C:\program files\notch trial\notch_demo.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A2DF62F0-C55D-4D8F-9328-F31A81C76A22}C:\program files (x86)\fahclient\fahclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BC626AE0-6FEF-48F8-928E-15CA3268904D}C:\program files (x86)\fahclient\fahclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6596120D-2431-4C32-ACCB-DE46E3CBAE56}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B5F4BF05-1DB6-4E14-B7E1-CCA75A86B333}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{547EF1C8-508A-4C7F-A7F2-99614B3376DE}C:\program files\notch\notchapp.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{02B7D964-6247-4C11-8A5A-5BC369F4D088}C:\program files\notch\notchapp.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{DDD59DBB-F6F0-4671-BE35-E05F70C71BEC}F:\games\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8A5DC686-8FFE-4407-A943-1568ED851884}F:\games\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4978CF51-3506-4C3B-8B86-743A0A8C37C8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{61AFB30E-FD9B-4856-A790-6A893D243E06}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4B9FA57F-986C-4F49-9B39-65108A0BE6D3}F:\downloads\ranchsync2_win_3.0.6\bin\ranchsync_server.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{59ABE5C5-D4AB-4A68-AF4A-530FD00FC09B}F:\downloads\ranchsync2_win_3.0.6\bin\ranchsync_server.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E8C70FCC-8475-46F7-9FCC-FBA4D503BB07}C:\program files\derivative\touchdesigner\bin\touchdesigner.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FCD15E21-C510-4F48-8ABD-12DE805F19EE}C:\program files\derivative\touchdesigner\bin\touchdesigner.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{13D0B9A1-4D73-4A7F-AC81-C29B45AA0AFF}F:\downloads\oscmonitor\oscmonitor.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6A6181A5-442B-49D0-8850-1E6E5A051097}F:\downloads\oscmonitor\oscmonitor.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{153B59B7-1CD0-432A-A41A-C802E87F7336}F:\downloads\oscdatamonitor-master (1)\oscdatamonitor-master\previous 2011 version applications\osc_data_monitor_windows\osc_data_monitor.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E53E6466-3839-4016-AD43-9004C3D14F6F}F:\downloads\oscdatamonitor-master (1)\oscdatamonitor-master\previous 2011 version applications\osc_data_monitor_windows\osc_data_monitor.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6616D779-ECF1-4DE3-BBD0-5D7F2F0151A1}C:\program files\derivative\touchdesigner\bin\touchplayer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{273772ED-0882-4716-87FB-EF06CA5FE7EC}C:\program files\derivative\touchdesigner\bin\touchplayer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A5C7DA6C-C2FF-4AC4-B26B-1A2E411D6BB0}C:\users\baz\desktop\osc_data_monitor_windows\osc_data_monitor.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{17D98DA6-1A88-4AFA-A26C-11E23E72DAA2}C:\users\baz\desktop\osc_data_monitor_windows\osc_data_monitor.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{1DC8A068-2A8D-4D2F-9283-463390C885D7}F:\games\call of duty modern warfare\modernwarfare.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A1F688A1-D62F-427D-9FEB-3558A8B0F74C}F:\games\call of duty modern warfare\modernwarfare.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{00429A07-0633-4B41-BC20-83E2699179DA}C:\program files\allegorithmic\substance designer\substance designer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{434132B6-347D-481D-AE42-F7C184AE47C3}C:\program files\allegorithmic\substance designer\substance designer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9315194B-E9C4-4B2B-837E-05C16AEDC701}F:\games\remnantfromtheashes\remnant\binaries\win64\remnant-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{004D6BD7-6DA6-44A0-AA1A-7B71BADA46B4}F:\games\remnantfromtheashes\remnant\binaries\win64\remnant-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6034D99F-DC3C-4431-BB7F-F617599FF230}F:\games\warehousedemo\base\binaries\win64\thps12demo.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{658BEF23-E129-4FB0-99F5-678B9AF7C757}F:\games\warehousedemo\base\binaries\win64\thps12demo.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{302D0401-068D-4E5C-8D1F-3675B71C7F81}F:\games\tonyhawksproskater\base\binaries\win64\thps12.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{942B2E77-E2FA-4612-95C7-C4FBDC63213E}F:\games\tonyhawksproskater\base\binaries\win64\thps12.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FCCEF52C-C019-4A0C-8519-53DF13F88755}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BDB81CAF-3739-4C6F-84FA-E8C7483794FA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{98AE1798-89B2-452C-9D2D-4A8302AE99F4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1456491B-033F-47A8-8DA1-0017FDFF6B73}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D5FAFF77-7A08-4598-8FD7-4FED3CA8661A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2465097F-5A41-4C4C-A2AB-311310572F0E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C892172A-BBE8-423C-8666-78B547EDD339}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ECF8B534-900D-470D-BFF5-6DC334389C78}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E8460538-5AC1-47AE-A209-BC15F9E60FD3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F36F2170-40D4-4E74-86E3-EA2D99A0F5E4}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5BB39D51-0C72-4397-930C-5FBE7E2DD9E6}F:\downloads\ranchsync2_win_3.0.7\bin\ranchsync_server.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4108E4B0-C336-4112-AA2C-9643A460A148}F:\downloads\ranchsync2_win_3.0.7\bin\ranchsync_server.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A30297DC-7E09-42EE-A2B5-575CEF329898}C:\program files\imaginando\drc\drc.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A7AF4E82-85FE-42F3-9330-AC2887AC2223}C:\program files\imaginando\drc\drc.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E34D77A3-A451-4095-B5B9-81BADBAA8C55}C:\program files\blackmagic design\davinci resolve\vstscanner.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9E77A909-DA7A-468C-A34F-33BA95A0D044}C:\program files\blackmagic design\davinci resolve\vstscanner.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D06DF51A-A1A0-4D9B-A432-F51F7A9C579D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B5BD1840-AB29-4C28-893F-BAE9E1AF8CAF}" => removed successfully
 
========================= Folder: C:\Users\Baz\AppData\Local\Temp ========================
 
2021-03-15 09:41 - 2021-03-15 09:41 - 000370070 ____A [BC343026ECE858EFB2F8281AE7631F37] () C:\Users\Baz\AppData\Local\Temp\1b0b1af8-073e-48e5-bacf-4c77e6907d5d.tmp.ico
2021-03-15 21:06 - 2021-03-15 21:06 - 000099840 ____A [46384CA022EFE1309194BCF820874F31] () C:\Users\Baz\AppData\Local\Temp\208e2fe6-98f3-4c77-bbd4-cb3a6dff770d.tmp.node
2021-03-13 17:23 - 2021-03-13 17:23 - 000370070 ____A [BC343026ECE858EFB2F8281AE7631F37] () C:\Users\Baz\AppData\Local\Temp\264df971-5a43-4b7d-a9f8-c679e756e1d8.tmp.ico
2021-03-12 09:55 - 2021-03-12 09:55 - 000099840 ____A [05907801CF2ED6786A19283E7D91F6BC] () C:\Users\Baz\AppData\Local\Temp\2af94e46-e51f-4531-81ee-54d79f732211.tmp.node
2021-03-15 21:06 - 2021-03-15 21:06 - 000370070 ____A [BC343026ECE858EFB2F8281AE7631F37] () C:\Users\Baz\AppData\Local\Temp\2bb76f9a-a011-4849-876a-0d14a001bb25.tmp.ico
2021-03-08 18:26 - 2021-03-08 18:26 - 000370070 ____A [BC343026ECE858EFB2F8281AE7631F37] () C:\Users\Baz\AppData\Local\Temp\317fdd48-71f5-48cc-b357-0058eed7b33b.tmp.ico
2021-03-12 02:16 - 2021-03-12 02:16 - 001968640 ____A [A4C5A9DC19D6E18DE92EC74C88B6E049] () C:\Users\Baz\AppData\Local\Temp\3395df24-a37d-41b1-93af-c1a1635b6cec.tmp.node
2021-03-14 18:25 - 2021-03-14 18:25 - 000099840 ____A [05907801CF2ED6786A19283E7D91F6BC] () C:\Users\Baz\AppData\Local\Temp\33d66080-f2b0-44e5-a9c4-eb715acc4b15.tmp.node
2021-03-10 18:57 - 2021-03-10 18:57 - 000099840 ____A [05907801CF2ED6786A19283E7D91F6BC] () C:\Users\Baz\AppData\Local\Temp\33e63c9a-4776-4b12-996e-519ab7edd2b4.tmp.node
2021-03-14 12:06 - 2021-03-14 12:06 - 000099840 ____A [05907801CF2ED6786A19283E7D91F6BC] () C:\Users\Baz\AppData\Local\Temp\366cff2f-96d8-4ca2-931f-b9496b1d32a7.tmp.node
2021-03-12 02:16 - 2021-03-12 02:16 - 001968640 ____A [A4C5A9DC19D6E18DE92EC74C88B6E049] () C:\Users\Baz\AppData\Local\Temp\3e10053b-fd1d-42ac-8c9b-7020de146388.tmp.node
2021-03-08 18:26 - 2021-03-08 18:26 - 000099840 ____A [05907801CF2ED6786A19283E7D91F6BC] () C:\Users\Baz\AppData\Local\Temp\48e21a25-58cc-49a6-ad74-2599eee10448.tmp.node
2021-03-13 17:23 - 2021-03-13 17:23 - 000099840 ____A [05907801CF2ED6786A19283E7D91F6BC] () C:\Users\Baz\AppData\Local\Temp\50a62465-f07f-4755-928a-80cdee920d77.tmp.node
2021-03-08 08:45 - 2021-03-08 08:45 - 000099840 ____A [05907801CF2ED6786A19283E7D91F6BC] () C:\Users\Baz\AppData\Local\Temp\527dd72d-ef15-4a46-a5fc-093c45181d52.tmp.node
2021-03-12 02:14 - 2021-03-12 02:14 - 001968640 ____A [A4C5A9DC19D6E18DE92EC74C88B6E049] () C:\Users\Baz\AppData\Local\Temp\56209676-8772-442c-b57a-73e272a08132.tmp.node
2021-03-11 10:01 - 2021-03-11 10:01 - 000099840 ____A [05907801CF2ED6786A19283E7D91F6BC] () C:\Users\Baz\AppData\Local\Temp\57b37e8a-e8c1-421e-8ad8-abcd1a84d907.tmp.node
2021-03-15 09:58 - 2021-03-15 09:58 - 000099840 ____A [05907801CF2ED6786A19283E7D91F6BC] () C:\Users\Baz\AppData\Local\Temp\59e5350c-40fc-4382-b39e-b8cb16ba8533.tmp.node
2021-03-16 08:45 - 2021-03-16 08:45 - 000370070 ____A [BC343026ECE858EFB2F8281AE7631F37] () C:\Users\Baz\AppData\Local\Temp\5b611b75-e6e1-4f73-95ae-2b181b28f441.tmp.ico
2021-03-10 09:09 - 2021-03-10 09:09 - 000099840 ____A [05907801CF2ED6786A19283E7D91F6BC] () C:\Users\Baz\AppData\Local\Temp\5f03884c-241a-47da-bdb3-4610f5e61ee3.tmp.node
2021-03-16 08:52 - 2021-03-16 08:52 - 000370070 ____A [BC343026ECE858EFB2F8281AE7631F37] () C:\Users\Baz\AppData\Local\Temp\73a52ebc-7ede-4e29-a239-20f241ab02d9.tmp.ico
2021-03-11 10:01 - 2021-03-11 10:01 - 000370070 ____A [BC343026ECE858EFB2F8281AE7631F37] () C:\Users\Baz\AppData\Local\Temp\7c2e2fda-9f66-4470-a9c8-286ce59f9ecd.tmp.ico
2021-03-10 09:09 - 2021-03-10 09:09 - 000370070 ____A [BC343026ECE858EFB2F8281AE7631F37] () C:\Users\Baz\AppData\Local\Temp\7c784a3b-f994-4e72-9bf4-d20dbea43491.tmp.ico
2021-03-12 20:14 - 2021-03-12 20:14 - 000099840 ____A [05907801CF2ED6786A19283E7D91F6BC] () C:\Users\Baz\AppData\Local\Temp\7e30f3ef-c531-4d3e-88b2-d51af3e3d85b.tmp.node
2021-03-12 02:16 - 2021-03-12 02:16 - 001968640 ____A [A4C5A9DC19D6E18DE92EC74C88B6E049] () C:\Users\Baz\AppData\Local\Temp\7fb55160-2b60-4c50-b9e6-cb47eb46024b.tmp.node
2021-03-12 02:14 - 2021-03-12 02:14 - 000132096 ____A [6F7386F10003C93B4AA4C0F0C04636C1] () C:\Users\Baz\AppData\Local\Temp\8837cf88-e50e-43e3-8aa5-0745e42ad6f8.tmp.node
2021-03-10 18:57 - 2021-03-10 18:57 - 000370070 ____A [BC343026ECE858EFB2F8281AE7631F37] () C:\Users\Baz\AppData\Local\Temp\8cda3d29-7350-4292-b39b-99136a30e408.tmp.ico
2021-03-12 02:14 - 2021-03-12 02:14 - 000124928 ____A [FEA83F6554135D49227FB7C42ABD707B] () C:\Users\Baz\AppData\Local\Temp\8e85404d-a058-47fb-ad80-189b935700be.tmp.node
2021-03-14 12:06 - 2021-03-14 12:06 - 000370070 ____A [BC343026ECE858EFB2F8281AE7631F37] () C:\Users\Baz\AppData\Local\Temp\9104479e-89ef-4fae-94d4-42ea1229cfe6.tmp.ico
2021-03-07 12:42 - 2021-03-07 12:42 - 000099840 ____A [05907801CF2ED6786A19283E7D91F6BC] () C:\Users\Baz\AppData\Local\Temp\98fcda8a-d5e5-426d-9c17-f4025d6bb6c9.tmp.node
2021-03-12 02:14 - 2021-03-12 02:14 - 001305600 ____A [39A6F08F1909159930F6C234173A1C93] () C:\Users\Baz\AppData\Local\Temp\9fd12d75-e579-4a67-bf45-5af44ebe7e09.tmp.node
2021-03-05 18:59 - 2021-03-15 21:13 - 000067572 ____A [3A79940F2B6CD3DBE695F570BBC0DE28] () C:\Users\Baz\AppData\Local\Temp\acroNGLLog.txt
2021-03-04 01:52 - 2021-03-16 09:03 - 000044300 ____A [C8700F48C775792AFD12C1B84E67C639] () C:\Users\Baz\AppData\Local\Temp\AdobeARM.log
2021-03-11 23:53 - 2021-03-11 23:53 - 000000191 ____A [3A5F70A185EA594B8F63D1C684FAA182] () C:\Users\Baz\AppData\Local\Temp\AdobeARM_NotLocked.log
2021-03-04 02:00 - 2021-03-16 09:03 - 000607090 ____A [2FBE064FFDAB0A800DF639854C838DB7] () C:\Users\Baz\AppData\Local\Temp\adobegc.log
2019-12-21 03:24 - 2021-03-16 09:06 - 000000254 ____A [1465A774C26A4158EE887534F823B4AB] () C:\Users\Baz\AppData\Local\Temp\AdobeIPCBroker.log
2021-03-12 20:14 - 2021-03-12 20:14 - 000370070 ____A [BC343026ECE858EFB2F8281AE7631F37] () C:\Users\Baz\AppData\Local\Temp\af0ef44b-c6fd-4f3b-a92d-f443d4b8fc21.tmp.ico
2021-03-12 02:14 - 2021-03-12 02:14 - 000124928 ____A [FEA83F6554135D49227FB7C42ABD707B] () C:\Users\Baz\AppData\Local\Temp\afbbd707-f4b3-4c58-8e7f-9b1a6a0c027d.tmp.node
2021-03-14 19:14 - 2021-03-14 19:14 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\Baz\AppData\Local\Temp\aria-debug-1044.log
2021-03-16 08:52 - 2021-03-16 08:52 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\Baz\AppData\Local\Temp\aria-debug-10956.log
2021-03-14 18:35 - 2021-03-14 18:35 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\Baz\AppData\Local\Temp\aria-debug-11476.log
2021-03-15 21:06 - 2021-03-15 21:06 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\Baz\AppData\Local\Temp\aria-debug-12844.log
2021-03-15 09:58 - 2021-03-15 09:58 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\Baz\AppData\Local\Temp\aria-debug-12868.log
2021-03-16 08:45 - 2021-03-16 08:45 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\Baz\AppData\Local\Temp\aria-debug-15224.log
2021-03-14 19:04 - 2021-03-14 19:04 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\Baz\AppData\Local\Temp\aria-debug-15296.log
2021-03-15 21:16 - 2021-03-15 21:16 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\Baz\AppData\Local\Temp\aria-debug-4456.log
2021-03-14 18:45 - 2021-03-14 18:45 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\Baz\AppData\Local\Temp\aria-debug-6012.log
2021-03-14 19:27 - 2021-03-14 19:27 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\Baz\AppData\Local\Temp\aria-debug-7140.log
2021-03-14 18:31 - 2021-03-14 18:31 - 000001272 ____A [24E1CE736FC77389CC7484932259FEC3] () C:\Users\Baz\AppData\Local\Temp\aria-debug-7772.log
2021-03-15 09:41 - 2021-03-15 09:41 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\Baz\AppData\Local\Temp\aria-debug-7780.log
2021-03-16 00:21 - 2021-03-16 00:21 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\Baz\AppData\Local\Temp\aria-debug-9036.log
2021-03-16 08:45 - 2021-03-16 08:45 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\Baz\AppData\Local\Temp\aria-debug-9656.log
2021-03-16 07:48 - 2021-03-16 09:03 - 000257928 ____A [864C22FB9A1C0670EDF01C6ED3E4FBE4] () C:\Users\Baz\AppData\Local\Temp\ArmUI.ini
2021-03-11 20:08 - 2021-03-11 20:08 - 000099840 ____A [05907801CF2ED6786A19283E7D91F6BC] () C:\Users\Baz\AppData\Local\Temp\b07076d7-e68b-47e1-8537-e950733914b0.tmp.node
2021-03-12 02:14 - 2021-03-12 02:14 - 001305600 ____A [39A6F08F1909159930F6C234173A1C93] () C:\Users\Baz\AppData\Local\Temp\ba50a0b0-30fb-44c3-84d6-a4bcb1a89016.tmp.node
2021-03-12 02:16 - 2021-03-12 02:16 - 001305600 ____A [39A6F08F1909159930F6C234173A1C93] () C:\Users\Baz\AppData\Local\Temp\bc1dc00e-0da9-4032-974b-ca4b1cc7233b.tmp.node
2021-03-12 02:16 - 2021-03-12 02:16 - 001968640 ____A [A4C5A9DC19D6E18DE92EC74C88B6E049] () C:\Users\Baz\AppData\Local\Temp\bce91d0a-e644-46b8-9644-a0426786a503.tmp.node
2021-03-14 18:25 - 2021-03-14 18:25 - 000370070 ____A [BC343026ECE858EFB2F8281AE7631F37] () C:\Users\Baz\AppData\Local\Temp\c5c48f9e-b52c-4b62-9a3e-398b4dd9418d.tmp.ico
2021-03-07 13:04 - 2021-03-07 13:04 - 000000226 ____A [37FE69CAF5459AB7916E9B23AB01AA0F] () C:\Users\Baz\AppData\Local\Temp\CEP9-AEFT.log
2021-03-05 19:42 - 2021-03-10 21:52 - 000000261 ____A [BA90909BD3C92682666F8C30DB656FF8] () C:\Users\Baz\AppData\Local\Temp\CEP9-PHXS.log
2021-03-07 13:04 - 2021-03-07 14:11 - 000001339 ____A [D1BE7507E81F2F60C52B2DB8B30C63F8] () C:\Users\Baz\AppData\Local\Temp\CEPHtmlEngine9-AEFT-16.1.3-com.rendertom.flow.log
2021-03-07 13:04 - 2021-03-07 14:11 - 000000003 ____A [ECAA88F7FA0BF610A5A26CF545DCD3AA] () C:\Users\Baz\AppData\Local\Temp\CEPHtmlEngine9-AEFT-16.1.3-com.rendertom.flow-renderer.log
2021-03-05 19:42 - 2021-03-11 00:23 - 000000003 ____A [ECAA88F7FA0BF610A5A26CF545DCD3AA] () C:\Users\Baz\AppData\Local\Temp\CEPHtmlEngine9-PHXS-20.0.6-com.adobe.Butler.backend.log
2021-03-05 19:42 - 2021-03-11 00:23 - 000000003 ____A [ECAA88F7FA0BF610A5A26CF545DCD3AA] () C:\Users\Baz\AppData\Local\Temp\CEPHtmlEngine9-PHXS-20.0.6-com.adobe.Butler.backend-renderer.log
2021-03-05 19:42 - 2021-03-10 21:52 - 000000003 ____A [ECAA88F7FA0BF610A5A26CF545DCD3AA] () C:\Users\Baz\AppData\Local\Temp\CEPHtmlEngine9-PHXS-20.0.6-com.adobe.ccx.fnft.log
2021-03-05 19:42 - 2021-03-10 21:52 - 000000003 ____A [ECAA88F7FA0BF610A5A26CF545DCD3AA] () C:\Users\Baz\AppData\Local\Temp\CEPHtmlEngine9-PHXS-20.0.6-com.adobe.ccx.fnft-renderer.log
2021-03-05 19:42 - 2021-03-11 00:23 - 000000003 ____A [ECAA88F7FA0BF610A5A26CF545DCD3AA] () C:\Users\Baz\AppData\Local\Temp\CEPHtmlEngine9-PHXS-20.0.6-com.adobe.ccx.start.log
2021-03-05 19:42 - 2021-03-11 00:23 - 000000003 ____A [ECAA88F7FA0BF610A5A26CF545DCD3AA] () C:\Users\Baz\AppData\Local\Temp\CEPHtmlEngine9-PHXS-20.0.6-com.adobe.ccx.start-renderer.log
2021-03-08 08:44 - 2021-03-08 08:44 - 000370070 ____A [BC343026ECE858EFB2F8281AE7631F37] () C:\Users\Baz\AppData\Local\Temp\cf3f7365-11e4-4338-8bc1-c524163a1424.tmp.ico
2021-03-15 22:58 - 2021-03-15 22:58 - 000014286 ____A [02F6CC6152D98A55F4427A812CD82DC6] () C:\Users\Baz\AppData\Local\Temp\codeint6933
2021-03-16 08:52 - 2021-03-16 08:52 - 000099840 ____A [46384CA022EFE1309194BCF820874F31] () C:\Users\Baz\AppData\Local\Temp\db5f8cc8-a09c-413e-aa98-4fd83c6a426e.tmp.node
2021-03-12 02:16 - 2021-03-12 02:16 - 000124928 ____A [FEA83F6554135D49227FB7C42ABD707B] () C:\Users\Baz\AppData\Local\Temp\dbadc2c3-6263-4fca-90bb-8278acc7fb30.tmp.node
2021-03-09 18:28 - 2021-03-09 18:28 - 000370070 ____A [BC343026ECE858EFB2F8281AE7631F37] () C:\Users\Baz\AppData\Local\Temp\dbc91c2e-9f5a-4c2b-b257-721369c68976.tmp.ico
2021-03-09 18:28 - 2021-03-09 18:28 - 000099840 ____A [05907801CF2ED6786A19283E7D91F6BC] () C:\Users\Baz\AppData\Local\Temp\df14eb51-c669-4769-a11c-d10455b3054f.tmp.node
2021-03-04 18:29 - 2021-03-16 08:52 - 000062144 ____A [78D0642D6921D76AF88E9FB541FE015E] () C:\Users\Baz\AppData\Local\Temp\distNGLLog.txt
2021-03-12 09:55 - 2021-03-12 09:55 - 000370070 ____A [BC343026ECE858EFB2F8281AE7631F37] () C:\Users\Baz\AppData\Local\Temp\e22e5e7d-0776-4732-98ef-d5ee08d4084b.tmp.ico
2021-03-16 08:45 - 2021-03-16 08:45 - 000099840 ____A [46384CA022EFE1309194BCF820874F31] () C:\Users\Baz\AppData\Local\Temp\e3ec5354-514e-404f-9155-54d417f955f4.tmp.node
2021-03-15 09:58 - 2021-03-15 09:58 - 000370070 ____A [BC343026ECE858EFB2F8281AE7631F37] () C:\Users\Baz\AppData\Local\Temp\e52da3d4-bbfe-4735-a263-9e8e96ecd935.tmp.ico
2021-03-09 19:24 - 2021-03-12 00:01 - 000003153 ____A [E6DE4939B43B7471079AE1EA149C6AB5] () C:\Users\Baz\AppData\Local\Temp\ecache.bin
2021-03-12 02:14 - 2021-03-12 02:14 - 001968640 ____A [A4C5A9DC19D6E18DE92EC74C88B6E049] () C:\Users\Baz\AppData\Local\Temp\eda8bf71-25a5-4bea-b003-5133c4c3fdd8.tmp.node
2021-03-15 09:41 - 2021-03-15 09:41 - 000099840 ____A [05907801CF2ED6786A19283E7D91F6BC] () C:\Users\Baz\AppData\Local\Temp\f1622da9-7cbc-4534-b493-cccd2fbb0b96.tmp.node
2021-03-11 20:08 - 2021-03-11 20:08 - 000370070 ____A [BC343026ECE858EFB2F8281AE7631F37] () C:\Users\Baz\AppData\Local\Temp\f9f41cb9-6ba1-4b4e-afff-12470317684d.tmp.ico
2021-03-07 12:42 - 2021-03-07 12:42 - 000370070 ____A [BC343026ECE858EFB2F8281AE7631F37] () C:\Users\Baz\AppData\Local\Temp\fd4c95b4-7eff-4426-ad35-bef3b8ebcea4.tmp.ico
2021-03-04 04:24 - 2021-03-15 21:11 - 000000712 ____A [7FA4D364E61E8B43678AC6CD0B5EDE55] () C:\Users\Baz\AppData\Local\Temp\JavaDeployReg.log
2021-03-04 04:24 - 2021-03-16 08:57 - 000248863 ____A [F98767A63FC0B9D2C09B5EA631E0483B] () C:\Users\Baz\AppData\Local\Temp\jusched.log
2021-03-04 18:29 - 2021-03-16 08:52 - 000000170 ____A [2C47265A31DBE4D9EEDE6F36D5F270CF] () C:\Users\Baz\AppData\Local\Temp\NGLClient_AcrobatDC1.ngllogcontrolconfig
2021-03-07 12:43 - 2021-03-07 12:43 - 000006309 ____A [3B0AE96ED3C39004FEE1A1D3D99BBD7C] () C:\Users\Baz\AppData\Local\Temp\NGLClient_AcrobatDC112.0 2021-03-07 12-43-07-817.log
2021-03-07 12:45 - 2021-03-07 12:45 - 000006281 ____A [9BAE1CE9CD873D8D5F0A75F24C7A7F16] () C:\Users\Baz\AppData\Local\Temp\NGLClient_AcrobatDC112.0 2021-03-07 12-45-04-048.log
2021-03-08 08:45 - 2021-03-08 08:45 - 000016086 ____A [C3264BD062E776F76CD076A5CAFA47E7] () C:\Users\Baz\AppData\Local\Temp\NGLClient_AcrobatDC112.0 2021-03-08 08-45-12-345.log
2021-03-08 18:26 - 2021-03-08 18:26 - 000006281 ____A [3B1775A997CA8D028999122E01AB9B0C] () C:\Users\Baz\AppData\Local\Temp\NGLClient_AcrobatDC112.0 2021-03-08 18-26-30-872.log
2021-03-08 18:28 - 2021-03-08 18:28 - 000006281 ____A [9CD72ABF6EB7C54B38E440D1AFD0761B] () C:\Users\Baz\AppData\Local\Temp\NGLClient_AcrobatDC112.0 2021-03-08 18-28-27-281.log
2021-03-08 22:25 - 2021-03-08 22:25 - 000016113 ____A [A4B25E4B719370B305466B38D504914D] () C:\Users\Baz\AppData\Local\Temp\NGLClient_AcrobatDC112.0 2021-03-08 22-25-38-848.log
2021-03-09 18:28 - 2021-03-09 18:28 - 000016315 ____A [3998B3839AD3BD7C5426C25D98CAF3B2] () C:\Users\Baz\AppData\Local\Temp\NGLClient_AcrobatDC112.0 2021-03-09 18-28-38-416.log
2021-03-09 18:30 - 2021-03-09 18:30 - 000006309 ____A [F81E773C55571627EB7250755938F610] () C:\Users\Baz\AppData\Local\Temp\NGLClient_AcrobatDC112.0 2021-03-09 18-30-29-639.log
2021-03-10 09:09 - 2021-03-10 09:09 - 000016113 ____A [B64452191AC4618576F4F90253237468] () C:\Users\Baz\AppData\Local\Temp\NGLClient_AcrobatDC112.0 2021-03-10 09-09-12-093.log
2021-03-10 18:57 - 2021-03-10 18:57 - 000006309 ____A [05791A349CA321C95FD76EACB3323A25] () C:\Users\Baz\AppData\Local\Temp\NGLClient_AcrobatDC112.0 2021-03-10 18-57-46-744.log
2021-03-10 18:59 - 2021-03-10 18:59 - 000006309 ____A [372807C82D6D54743413B719ED0E28EF] () C:\Users\Baz\AppData\Local\Temp\NGLClient_AcrobatDC112.0 2021-03-10 18-59-41-944.log
2021-03-11 10:01 - 2021-03-11 10:01 - 000016113 ____A [C09B2D16474F18C016D4267DE552F601] () C:\Users\Baz\AppData\Local\Temp\NGLClient_AcrobatDC112.0 2021-03-11 10-01-11-983.log
2021-03-11 20:08 - 2021-03-11 20:08 - 000006281 ____A [52241EED2CD070E1378197A5F736D548] () C:\Users\Baz\AppData\Local\Temp\NGLClient_AcrobatDC112.0 2021-03-11 20-08-48-584.log
2021-03-11 20:10 - 2021-03-11 20:10 - 000006309 ____A [F5407F45C0A1105F886FEA6D00EB8557] () C:\Users\Baz\AppData\Local\Temp\NGLClient_AcrobatDC112.0 2021-03-11 20-10-43-554.log
2021-03-12 09:56 - 2021-03-12 09:56 - 000016317 ____A [E9C98338025BCE2F246C3587CB19E770] () C:\Users\Baz\AppData\Local\Temp\NGLClient_AcrobatDC112.0 2021-03-12 09-56-06-136.log
2021-03-12 20:14 - 2021-03-12 20:14 - 000006281 ____A [298655DA44C7D3B71C6409A87586E699] () C:\Users\Baz\AppData\Local\Temp\NGLClient_AcrobatDC112.0 2021-03-12 20-14-47-769.log
2021-03-12 20:16 - 2021-03-12 20:16 - 000006281 ____A [D2CF57925DCED730F491A11BE303898D] () C:\Users\Baz\AppData\Local\Temp\NGLClient_AcrobatDC112.0 2021-03-12 20-16-43-926.log
2021-03-13 17:23 - 2021-03-13 17:23 - 000016113 ____A [24ECD9D83882C1535D3DA6ED2A6A8125] () C:\Users\Baz\AppData\Local\Temp\NGLClient_AcrobatDC112.0 2021-03-13 17-23-21-480.log
2021-03-14 12:07 - 2021-03-14 12:07 - 000006281 ____A [39748263556FD0A9229430F1947FCF98] () C:\Users\Baz\AppData\Local\Temp\NGLClient_AcrobatDC112.0 2021-03-14 12-07-04-395.log
2021-03-14 12:09 - 2021-03-14 12:09 - 000006309 ____A [C3685AEBF776D543652443469CC96C55] () C:\Users\Baz\AppData\Local\Temp\NGLClient_AcrobatDC112.0 2021-03-14 12-09-01-209.log
2021-03-14 18:25 - 2021-03-14 18:25 - 000016086 ____A [A5D931CAF7DB0AFA91E9CFE2E8DAA29E] () C:\Users\Baz\AppData\Local\Temp\NGLClient_AcrobatDC112.0 2021-03-14 18-25-41-642.log
2021-03-15 09:41 - 2021-03-15 09:41 - 000006244 ____A [3E213412DCC3029BFAE360C8536413C2] () C:\Users\Baz\AppData\Local\Temp\NGLClient_AcrobatDC112.0 2021-03-15 09-41-44-878.log
2021-03-15 09:58 - 2021-03-15 09:58 - 000006281 ____A [0D7EED483E0F546D541B13CD07BF9DF3] () C:\Users\Baz\AppData\Local\Temp\NGLClient_AcrobatDC112.0 2021-03-15 09-58-56-339.log
2021-03-15 21:06 - 2021-03-15 21:06 - 000006281 ____A [5CE5C3F49237DA74897EF49048AACA13] () C:\Users\Baz\AppData\Local\Temp\NGLClient_AcrobatDC112.0 2021-03-15 21-06-29-086.log
2021-03-15 21:08 - 2021-03-15 21:08 - 000006290 ____A [292AE64B06A6D0040B7868EF7C948673] () C:\Users\Baz\AppData\Local\Temp\NGLClient_AcrobatDC112.0 2021-03-15 21-08-24-285.log
2021-03-16 08:45 - 2021-03-16 08:45 - 000016092 ____A [27C84B5D2D05A5416B9DD74EDF2599DC] () C:\Users\Baz\AppData\Local\Temp\NGLClient_AcrobatDC112.0 2021-03-16 08-45-42-999.log
2021-03-16 08:52 - 2021-03-16 08:52 - 000006309 ____A [5D7992491CECDDF33E09E84780F24224] () C:\Users\Baz\AppData\Local\Temp\NGLClient_AcrobatDC112.0 2021-03-16 08-52-17-404.log
2019-08-25 20:39 - 2021-03-16 09:06 - 000006309 ____A [00C4549650E5E57FCD43AF70DEBC7BFB] () C:\Users\Baz\AppData\Local\Temp\NGLClient_AcrobatDC112.0.log
2021-03-07 13:04 - 2021-03-07 14:11 - 000011901 ____A [020C7E26373ABD6D16809A63049337E1] () C:\Users\Baz\AppData\Local\Temp\NGLClient_AfterEffects116.1.3.log
2021-03-05 19:41 - 2021-03-11 00:23 - 000060925 ____A [8744361760DA72D9463ED73916E0117C] () C:\Users\Baz\AppData\Local\Temp\NGLClient_Photoshop120.0.6.log
2021-03-04 22:29 - 2021-03-10 21:26 - 000003159 ____A [623BBFF61291A5C40098B76EDAF55AAD] () C:\Users\Baz\AppData\Local\Temp\octren1
2021-03-10 09:15 - 2021-03-10 09:15 - 010928004 ____A [1CBFA11049EC1BB0ECA8F0F7D0DE0FDE] () C:\Users\Baz\AppData\Local\Temp\PDApp 2021-3-10 09-15-40.log
2019-12-21 02:00 - 2021-03-10 13:19 - 000005406 ____A [20D08555AD207DBE01F685960B4AD9E1] () C:\Users\Baz\AppData\Local\Temp\PDApp 3-10-2021 18-57-37.log
2019-12-21 02:00 - 2021-03-16 09:06 - 006517358 ____A [D7804B4F12ABABA02AD10F0FDC28C4A3] () C:\Users\Baz\AppData\Local\Temp\PDApp.log
2021-03-09 18:28 - 2021-03-15 21:06 - 000050524 ____A [9EC73890E9B7F5C9C49AD7152097F11F] () C:\Users\Baz\AppData\Local\Temp\sa.Microsoft.MicrosoftPrinttoPDFSettings_8wekyb3d8bbwe_1__.Public.InstallAgent.dat
2021-03-10 11:03 - 2021-03-10 11:03 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\Baz\AppData\Local\Temp\tmp53ED.tmp
2021-03-15 22:40 - 2021-03-15 22:40 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\Baz\AppData\Local\Temp\tmp8BD2.tmp
2021-03-15 22:40 - 2021-03-15 22:40 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\Baz\AppData\Local\Temp\tmp8BD2.xml
2021-03-15 22:40 - 2021-03-15 22:43 - 000020623 ____A [18B841F4A13A5E5DE1AD1C7B7837E6E4] () C:\Users\Baz\AppData\Local\Temp\tmp8BE3.tmp
2021-03-14 18:27 - 2021-03-14 18:27 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\Baz\AppData\Local\Temp\tmp9A32.tmp
2021-03-11 21:43 - 2021-03-11 21:43 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\Baz\AppData\Local\Temp\tmpE5A5.tmp
2021-03-11 19:55 - 2021-03-11 19:55 - 000035383 ____A [93A103DEAAA91F70359230F8D67055E9] () C:\Users\Baz\AppData\Local\Temp\wct12BE.tmp
2021-02-24 20:10 - 2021-02-24 20:10 - 000000726 ____A [161CD2F6B94FFF776077A497023F1D6A] () C:\Users\Baz\AppData\Local\Temp\wct1733.tmp
2021-03-05 20:10 - 2021-03-05 20:10 - 000035199 ____A [0AB56FF26B43D97D22E6581C0F35FC70] () C:\Users\Baz\AppData\Local\Temp\wct59E.tmp
2021-02-24 20:10 - 2021-02-24 20:10 - 000000726 ____A [161CD2F6B94FFF776077A497023F1D6A] () C:\Users\Baz\AppData\Local\Temp\wct765.tmp
2021-03-09 20:35 - 2021-03-09 20:35 - 000035311 ____A [DFE516FB16D839FE3AB0D6AEF8E6BC4B] () C:\Users\Baz\AppData\Local\Temp\wctA4C9.tmp
2021-03-11 21:20 - 2021-03-11 21:20 - 000035381 ____A [12A16CDEB34470A7EA7D4B3A3D56640E] () C:\Users\Baz\AppData\Local\Temp\wctA52.tmp
2021-02-24 20:10 - 2021-02-24 20:10 - 000000726 ____A [161CD2F6B94FFF776077A497023F1D6A] () C:\Users\Baz\AppData\Local\Temp\wctA651.tmp
2021-03-12 23:45 - 2021-03-12 23:45 - 000035380 ____A [ABDEE4660F57A19511AF1CF0075ADD9A] () C:\Users\Baz\AppData\Local\Temp\wctB875.tmp
2021-02-24 20:10 - 2021-02-24 20:10 - 000000726 ____A [161CD2F6B94FFF776077A497023F1D6A] () C:\Users\Baz\AppData\Local\Temp\wctBA0C.tmp
2021-02-24 20:10 - 2021-02-24 20:10 - 000000726 ____A [161CD2F6B94FFF776077A497023F1D6A] () C:\Users\Baz\AppData\Local\Temp\wctC66.tmp
2021-03-12 23:45 - 2021-03-12 23:45 - 000035380 ____A [ABDEE4660F57A19511AF1CF0075ADD9A] () C:\Users\Baz\AppData\Local\Temp\wctCD0B.tmp
2021-03-09 00:25 - 2021-03-09 00:25 - 000035309 ____A [2E11247D365FB6FB41E6D97D3486C9B6] () C:\Users\Baz\AppData\Local\Temp\wctCE63.tmp
2021-02-24 20:10 - 2021-02-24 20:10 - 000000726 ____A [161CD2F6B94FFF776077A497023F1D6A] () C:\Users\Baz\AppData\Local\Temp\wctCE93.tmp
2021-02-24 20:10 - 2021-02-24 20:10 - 000000726 ____A [161CD2F6B94FFF776077A497023F1D6A] () C:\Users\Baz\AppData\Local\Temp\wctCFFA.tmp
2021-03-05 20:10 - 2021-03-05 20:10 - 000035199 ____A [0AB56FF26B43D97D22E6581C0F35FC70] () C:\Users\Baz\AppData\Local\Temp\wctDA47.tmp
2021-02-24 20:10 - 2021-02-24 20:10 - 000000726 ____A [161CD2F6B94FFF776077A497023F1D6A] () C:\Users\Baz\AppData\Local\Temp\wctDBDE.tmp
2021-03-07 21:20 - 2021-03-07 21:20 - 000000855 ____A [305CAEC7830A65096A13A56FE5BA50D0] () C:\Users\Baz\AppData\Local\Temp\web_connector_args_17396.txt
2021-03-11 23:31 - 2021-03-11 23:31 - 000000855 ____A [AA7401EA43B0CA5B8B636E96B7CC5D18] () C:\Users\Baz\AppData\Local\Temp\web_connector_args_17872.txt
2021-03-09 23:08 - 2021-03-09 23:08 - 000000855 ____A [B63215348B826BF908F72B0AB39BE0CA] () C:\Users\Baz\AppData\Local\Temp\web_connector_args_18868.txt
2021-03-14 22:37 - 2021-03-14 22:37 - 000000853 ____A [DEB749E234DFDBABEE4B0475014CBB50] () C:\Users\Baz\AppData\Local\Temp\web_connector_args_9720.txt
2021-03-11 23:51 - 2021-03-11 23:51 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\{AC76BA86-1033-FFFF-7760-0C0F074E4100}
2021-03-11 23:51 - 2021-03-11 23:51 - 000000220 ____A [87A7D1E04F32810FEB9B7F25814E1C85] () C:\Users\Baz\AppData\Local\Temp\{AC76BA86-1033-FFFF-7760-0C0F074E4100}\AcrobatDistiller.sif
2021-03-11 23:51 - 2021-03-11 23:51 - 000001160 ____A [BEFBC2FDE21B5160236CBFA13950D906] () C:\Users\Baz\AppData\Local\Temp\{AC76BA86-1033-FFFF-7760-0C0F074E4100}\AcrobatETLA.sif
2021-03-11 23:51 - 2021-03-11 23:51 - 000028420 ____A [F2B266A09E8F05D3B6CAFF03B252F55E] () C:\Users\Baz\AppData\Local\Temp\{AC76BA86-1033-FFFF-7760-0C0F074E4100}\AcrobatPerpetual.sif
2021-03-11 23:51 - 2021-03-11 23:51 - 000000220 ____A [2B130B52F04A04D0910F1C9BF77B4265] () C:\Users\Baz\AppData\Local\Temp\{AC76BA86-1033-FFFF-7760-0C0F074E4100}\AcrobatTrial.sif
2021-03-11 23:51 - 2021-03-11 23:51 - 000150176 ____A [283A2AEF654797296A832350D82DD88F] (Adobe Systems Inc.) C:\Users\Baz\AppData\Local\Temp\{AC76BA86-1033-FFFF-7760-0C0F074E4100}\ASNEU.DLL
2021-03-15 22:57 - 2021-03-16 09:06 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\Acrobat Distiller DC
2021-03-16 09:06 - 2021-03-16 09:06 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\Acrobat Distiller DC\00000998
2021-03-16 09:06 - 2021-03-16 09:06 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\Baz\AppData\Local\Temp\Acrobat Distiller DC\00000998\dirlock.tmp
2021-03-16 09:06 - 2021-03-16 09:06 - 000000137 ____A [3083005B3A7158662827B6EB9BEC066A] () C:\Users\Baz\AppData\Local\Temp\Acrobat Distiller DC\00000998\Temp.msg
2021-03-16 09:06 - 2021-03-16 09:06 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\Acrobat Distiller DC\000024A0
2021-03-16 09:06 - 2021-03-16 09:06 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\Baz\AppData\Local\Temp\Acrobat Distiller DC\000024A0\dirlock.tmp
2021-03-16 09:06 - 2021-03-16 09:06 - 000000137 ____A [3083005B3A7158662827B6EB9BEC066A] () C:\Users\Baz\AppData\Local\Temp\Acrobat Distiller DC\000024A0\Temp.msg
2021-03-07 13:04 - 2021-03-07 13:04 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\Adobe
2021-03-07 13:04 - 2021-03-07 13:04 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\Adobe\After Effects
2021-03-07 13:04 - 2021-03-15 21:42 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\Adobe\After Effects\16.1
2021-03-04 21:15 - 2021-03-04 21:15 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\Blizzard Entertainment
2021-03-04 21:15 - 2021-03-13 18:48 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\Blizzard Entertainment\Hearthstone
2021-03-04 21:15 - 2021-03-04 21:15 - 000000219 ____A [AE84ECF668F2A406BDA72EAC83661403] () C:\Users\Baz\AppData\Local\Temp\Blizzard Entertainment\Hearthstone\0b30e5151851b257fa569bd7b2b2dc0bdf4232e18e0769785856839715c00e98.apps
2021-03-09 21:49 - 2021-03-09 21:49 - 000008166 ____A [ACB975FB85E77BA2A3B92B0CCF8E29DD] () C:\Users\Baz\AppData\Local\Temp\Blizzard Entertainment\Hearthstone\0fc18e7ae62f6c922d04dd18fc8f41c55047cffe6924eaadc3840c261669935a.pfty
2021-03-04 21:15 - 2021-03-04 21:15 - 000001180 ____A [F214AF2532F1F25EB5DF65FD971D05B2] () C:\Users\Baz\AppData\Local\Temp\Blizzard Entertainment\Hearthstone\2cc2d922daddbdda711ac0243e59e0fc6d6a71cfd4c73df082a11c8f7bf1ea43.hss
2021-03-04 21:15 - 2021-03-04 21:15 - 000008179 ____A [02F6640D6C54BA076276DB6AE9D10BDD] () C:\Users\Baz\AppData\Local\Temp\Blizzard Entertainment\Hearthstone\4928f7e8de4de3f98ee1eea3c2bbd10bdb33264cd8c40c1aa4e84679a4f6c55d.pfty
2021-03-05 20:57 - 2021-03-05 20:57 - 000000409 ____A [33F337FE592F2DDAF56F29BFB83FD1A3] () C:\Users\Baz\AppData\Local\Temp\Blizzard Entertainment\Hearthstone\66fbccf7064be868756093d4b21ad81e149c3fb3c2e4c58a8e89144de50b2e54.zeus
2021-03-05 20:57 - 2021-03-05 20:57 - 000000691 ____A [ADA61D20A92DE6E3F9A0C5E3CA0DA21E] () C:\Users\Baz\AppData\Local\Temp\Blizzard Entertainment\Hearthstone\6947bfcb2b8dfd36d95fcb8f1422634098619254f3a31de78073903c41b96b52.zeus
2021-03-04 21:15 - 2021-03-04 21:15 - 000000196 ____A [A0CC847BAA85966692B5A34B3CB49ED6] () C:\Users\Baz\AppData\Local\Temp\Blizzard Entertainment\Hearthstone\7fd51669179de5b52e1a6cfb4fb33f3408cc6d3f6697b1d7bda4447b032d5386.bsas
2021-03-04 21:15 - 2021-03-04 21:15 - 000000476 ____A [FB420CF7FC507BB9207C3B444E2A18BE] () C:\Users\Baz\AppData\Local\Temp\Blizzard Entertainment\Hearthstone\9d4635527c13b05bfe71977e86f869fb7368e23bd1bdd0067ca50698830517e0.pros
2021-03-05 20:57 - 2021-03-05 20:57 - 000000642 ____A [14126D0264662EED7D6A3098FDDDFCE7] () C:\Users\Baz\AppData\Local\Temp\Blizzard Entertainment\Hearthstone\9da63e6295c12033dbf683401b9fcd968022e58753fc2b9bf03009151125009e.zeus
2021-03-05 19:42 - 2021-03-07 13:04 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\cep_cache
2021-03-07 13:04 - 2021-03-15 21:42 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\cep_cache\AEFT_16.1.3_com.rendertom.flow
2021-03-07 13:04 - 2021-03-07 13:04 - 000028672 ____A [4877B475816CE6D88A381EA863B329CB] () C:\Users\Baz\AppData\Local\Temp\cep_cache\AEFT_16.1.3_com.rendertom.flow\Cookies
2021-03-07 13:04 - 2021-03-07 13:04 - 000000004 ____A [630EFF1B380505A67570DFF952CE4AD7] () C:\Users\Baz\AppData\Local\Temp\cep_cache\AEFT_16.1.3_com.rendertom.flow\DevToolsActivePort
2021-03-07 13:04 - 2021-03-07 14:11 - 000131072 ____A [A76E477A43D9D3A5988EA72C2A9A1802] () C:\Users\Baz\AppData\Local\Temp\cep_cache\AEFT_16.1.3_com.rendertom.flow\Visited Links
2021-03-07 13:04 - 2021-03-07 13:04 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\cep_cache\AEFT_16.1.3_com.rendertom.flow\Cache
2021-03-07 13:04 - 2021-03-07 14:11 - 000045056 ____A [292E4358F6F2112012E274A7CBD9C241] () C:\Users\Baz\AppData\Local\Temp\cep_cache\AEFT_16.1.3_com.rendertom.flow\Cache\data_0
2021-03-07 13:04 - 2021-03-07 14:11 - 000270336 ____A [3652C6749EA2B0781C4F33A90C1BE2CE] () C:\Users\Baz\AppData\Local\Temp\cep_cache\AEFT_16.1.3_com.rendertom.flow\Cache\data_1
2021-03-07 13:04 - 2021-03-07 13:04 - 000008192 ____A [0962291D6D367570BEE5454721C17E11] () C:\Users\Baz\AppData\Local\Temp\cep_cache\AEFT_16.1.3_com.rendertom.flow\Cache\data_2
2021-03-07 13:04 - 2021-03-07 14:11 - 004202496 ____A [5DD1D6CB31C9EAB05C0BAD0DF174DFF9] () C:\Users\Baz\AppData\Local\Temp\cep_cache\AEFT_16.1.3_com.rendertom.flow\Cache\data_3
2021-03-07 13:04 - 2021-03-07 13:04 - 000524656 ____A [A63B4638B21C3BE9F31309ED6030458B] () C:\Users\Baz\AppData\Local\Temp\cep_cache\AEFT_16.1.3_com.rendertom.flow\Cache\index
2021-03-07 13:04 - 2021-03-07 13:04 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\cep_cache\AEFT_16.1.3_com.rendertom.flow\GPUCache
2021-03-07 13:04 - 2021-03-07 14:11 - 000045056 ____A [07808D899D6D27975C58FC64D07D2D87] () C:\Users\Baz\AppData\Local\Temp\cep_cache\AEFT_16.1.3_com.rendertom.flow\GPUCache\data_0
2021-03-07 13:04 - 2021-03-07 14:11 - 000270336 ____A [1B50DA2D047051614F1B8C9114DF9DEF] () C:\Users\Baz\AppData\Local\Temp\cep_cache\AEFT_16.1.3_com.rendertom.flow\GPUCache\data_1
2021-03-07 13:04 - 2021-03-07 13:04 - 000008192 ____A [0962291D6D367570BEE5454721C17E11] () C:\Users\Baz\AppData\Local\Temp\cep_cache\AEFT_16.1.3_com.rendertom.flow\GPUCache\data_2
2021-03-07 13:04 - 2021-03-07 14:11 - 004202496 ____A [84071BE1248F13B8792AFA2210DACC75] () C:\Users\Baz\AppData\Local\Temp\cep_cache\AEFT_16.1.3_com.rendertom.flow\GPUCache\data_3
2021-03-07 13:04 - 2021-03-07 13:04 - 000262512 ____A [EE2D6E999297B431471493816D1F4F94] () C:\Users\Baz\AppData\Local\Temp\cep_cache\AEFT_16.1.3_com.rendertom.flow\GPUCache\index
2021-03-07 13:04 - 2021-03-15 21:42 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\cep_cache\AEFT_16.1.3_com.rendertom.flow\Local Storage
2021-03-05 19:42 - 2021-03-13 18:48 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.Butler.backend
2021-03-05 19:42 - 2021-03-05 19:42 - 000028672 ____A [4877B475816CE6D88A381EA863B329CB] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.Butler.backend\Cookies
2021-03-05 19:42 - 2021-03-11 00:23 - 000131072 ____A [AC964B143703E98A747146778FD3CB60] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.Butler.backend\Visited Links
2021-03-05 19:42 - 2021-03-05 19:42 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.Butler.backend\GPUCache
2021-03-05 19:42 - 2021-03-05 19:42 - 000008192 ____A [CF89D16BB9107C631DAABF0C0EE58EFB] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.Butler.backend\GPUCache\data_0
2021-03-05 19:42 - 2021-03-11 00:23 - 000270336 ____A [C25965FE0B0B81273509B87D7A8FBDFD] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.Butler.backend\GPUCache\data_1
2021-03-05 19:42 - 2021-03-05 19:42 - 000008192 ____A [0962291D6D367570BEE5454721C17E11] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.Butler.backend\GPUCache\data_2
2021-03-05 19:42 - 2021-03-05 19:42 - 000008192 ____A [41876349CB12D6DB992F1309F22DF3F0] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.Butler.backend\GPUCache\data_3
2021-03-05 19:42 - 2021-03-05 19:42 - 000262512 ____A [8747BF61E69D59EC0D6A78AA7061FA10] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.Butler.backend\GPUCache\index
2021-03-05 19:42 - 2021-03-05 19:42 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.Butler.backend\Local Storage
2021-03-05 19:42 - 2021-03-13 18:48 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.Butler.backend\Local Storage\leveldb
2021-03-05 19:42 - 2021-03-05 19:42 - 000000016 ____A [46295CAC801E5D4857D09837238A6394] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.Butler.backend\Local Storage\leveldb\CURRENT
2021-03-05 19:42 - 2021-03-11 00:23 - 000000185 ____A [EAEAE4CDD2AF4FF45CCB629F65A21F16] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.Butler.backend\Local Storage\leveldb\LOG
2021-03-05 19:42 - 2021-03-10 00:19 - 000000182 ____A [99ED2E46E90FCF4F5E0D11D249F535F3] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.Butler.backend\Local Storage\leveldb\LOG.old
2021-03-05 19:42 - 2021-03-05 19:42 - 000000041 ____A [5AF87DFD673BA2115E2FCF5CFDB727AB] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.Butler.backend\Local Storage\leveldb\MANIFEST-000001
2021-03-05 19:42 - 2021-03-13 18:48 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.ccx.fnft
2021-03-05 19:42 - 2021-03-10 21:52 - 000131072 ____A [78C04260802661C344B27A00BB4FEEB6] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.ccx.fnft\Visited Links
2021-03-05 19:42 - 2021-03-05 19:42 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.ccx.fnft\GPUCache
2021-03-05 19:42 - 2021-03-10 21:52 - 000045056 ____A [DB11987DB9EB5F97897FD2DFB929B8D5] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.ccx.fnft\GPUCache\data_0
2021-03-05 19:42 - 2021-03-10 21:52 - 000270336 ____A [22AE83944E1B93EFC780BA027B0A2AC0] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.ccx.fnft\GPUCache\data_1
2021-03-05 19:42 - 2021-03-05 19:42 - 000008192 ____A [0962291D6D367570BEE5454721C17E11] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.ccx.fnft\GPUCache\data_2
2021-03-05 19:42 - 2021-03-10 21:52 - 004202496 ____A [26EAE6BDD54E2BB8AD5A2E83F06CA145] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.ccx.fnft\GPUCache\data_3
2021-03-05 19:42 - 2021-03-05 19:42 - 000262512 ____A [B20206142AD073C3B778CBCB08725C6A] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.ccx.fnft\GPUCache\index
2021-03-05 19:42 - 2021-03-05 19:42 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.ccx.fnft\Local Storage
2021-03-05 19:42 - 2021-03-13 18:48 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.ccx.fnft\Local Storage\leveldb
2021-03-05 19:42 - 2021-03-05 19:42 - 000512473 ____A [3FD2F9C0409E977EC1374D1DD3AA0591] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.ccx.fnft\Local Storage\leveldb\000003.ldb
2021-03-05 19:42 - 2021-03-10 21:52 - 000015795 ____A [FB4DAD46CACCE6F693AB1AF8E964E266] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.ccx.fnft\Local Storage\leveldb\000004.log
2021-03-05 19:42 - 2021-03-05 19:42 - 000000016 ____A [46295CAC801E5D4857D09837238A6394] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.ccx.fnft\Local Storage\leveldb\CURRENT
2021-03-05 19:42 - 2021-03-10 21:52 - 000000185 ____A [9041669FFB80E4D47B4102A340303706] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.ccx.fnft\Local Storage\leveldb\LOG
2021-03-05 19:42 - 2021-03-05 19:42 - 000000112 ____A [992B4684CD7661DEEE78F625E0FC570B] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.ccx.fnft\Local Storage\leveldb\MANIFEST-000001
2021-03-05 19:42 - 2021-03-05 19:42 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.ccx.start
2021-03-05 19:42 - 2021-03-10 21:53 - 000028672 ____A [87F2238CBC48125C85D55CA2385ED1ED] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.ccx.start\Cookies
2021-03-05 19:42 - 2021-03-10 21:53 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.ccx.start\Cookies-journal
2021-03-05 19:42 - 2021-03-11 00:23 - 000131072 ____A [D30C40C86C24EB2777059E005EE48AF9] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.ccx.start\Visited Links
2021-03-05 19:42 - 2021-03-10 21:52 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.ccx.start\Cache
2021-03-05 19:42 - 2021-03-11 00:23 - 000045056 ____A [27D253671867025CD05C1B56A2EB76CD] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.ccx.start\Cache\data_0
2021-03-05 19:42 - 2021-03-11 00:23 - 000270336 ____A [99855AEA2D0104500A0426C0E721E405] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.ccx.start\Cache\data_1
2021-03-05 19:42 - 2021-03-05 19:42 - 000008192 ____A [0962291D6D367570BEE5454721C17E11] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.ccx.start\Cache\data_2
2021-03-05 19:42 - 2021-03-11 00:23 - 004202496 ____A [1A224B5CA0DB7E7D3629BEC8E3FBCD60] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.ccx.start\Cache\data_3
2021-03-05 19:42 - 2021-03-05 19:42 - 000524656 ____A [7EEDC2A75D3F3D5CBF378B69FB7BAB22] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.ccx.start\Cache\index
2021-03-05 19:42 - 2021-03-05 19:42 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.ccx.start\GPUCache
2021-03-05 19:42 - 2021-03-11 00:23 - 000045056 ____A [3577EE2EF4C5F22E5F7E462B7BFA9152] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.ccx.start\GPUCache\data_0
2021-03-05 19:42 - 2021-03-11 00:23 - 000270336 ____A [71FA9AFFA20A1FBD277D5476934488D6] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.ccx.start\GPUCache\data_1
2021-03-05 19:42 - 2021-03-05 19:42 - 000008192 ____A [0962291D6D367570BEE5454721C17E11] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.ccx.start\GPUCache\data_2
2021-03-05 19:42 - 2021-03-06 01:17 - 004202496 ____A [B145FCBCFBDEF7EF3C5D8199BD8A1A58] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.ccx.start\GPUCache\data_3
2021-03-05 19:42 - 2021-03-05 19:42 - 000262512 ____A [5EEEADF08CFEBB0D487A2899828F2BC5] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.ccx.start\GPUCache\index
2021-03-05 19:42 - 2021-03-05 19:42 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.ccx.start\Local Storage
2021-03-05 19:42 - 2021-03-15 21:42 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.ccx.start\Local Storage\leveldb
2021-03-05 19:43 - 2021-03-05 19:43 - 000070051 ____A [FCE9F192A0F0B6E11FF6B86BD08B4B67] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.ccx.start\Local Storage\leveldb\000005.ldb
2021-03-07 17:55 - 2021-03-07 17:55 - 000125501 ____A [8F511BF971395102A3E19E2890330CFC] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.ccx.start\Local Storage\leveldb\000018.ldb
2021-03-10 21:52 - 2021-03-10 21:52 - 000129612 ____A [72AF437ED942A7F1AB4611CA6FC35811] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.ccx.start\Local Storage\leveldb\000020.ldb
2021-03-10 21:52 - 2021-03-10 21:52 - 000212925 ____A [E922E9F95E45E42B50F70CB9B089236D] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.ccx.start\Local Storage\leveldb\000021.log
2021-03-05 19:42 - 2021-03-05 19:42 - 000000016 ____A [46295CAC801E5D4857D09837238A6394] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.ccx.start\Local Storage\leveldb\CURRENT
2021-03-05 19:42 - 2021-03-11 00:23 - 000000285 ____A [48874C9829DE17157B4897B92928F31F] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.ccx.start\Local Storage\leveldb\LOG
2021-03-05 19:42 - 2021-03-10 21:52 - 000000701 ____A [3D41681B97FA6F893233BA33A83BD8AE] () C:\Users\Baz\AppData\Local\Temp\cep_cache\PHXS_20.0.6_com.adobe.ccx.start\Local Storage\leveldb\MANIFEST-000001
2021-03-16 08:45 - 2021-03-16 08:45 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\collab_low
2021-03-03 23:28 - 2021-03-05 20:23 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\CreativeCloud
2021-03-04 02:00 - 2021-03-04 02:00 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\CreativeCloud\ACC
2021-03-04 02:00 - 2021-03-04 02:00 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\CreativeCloud\ACC\AdobeDownload
2021-03-04 02:00 - 2021-03-16 02:00 - 000036846 ____A [0CF79FACF07B7D650472B3F112965F1E] () C:\Users\Baz\AppData\Local\Temp\CreativeCloud\ACC\AdobeDownload\DLM.log
2021-03-03 23:28 - 2021-03-05 19:42 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\CreativeCloud\CCX Welcome
2021-03-03 23:28 - 2021-03-16 08:52 - 000167424 ____A [32F5D2773D3B7050AE9468D4AF45FB3E] () C:\Users\Baz\AppData\Local\Temp\CreativeCloud\CCX Welcome\CCX Process.log
2021-03-05 19:42 - 2021-03-11 00:23 - 000355706 ____A [2593B042AA26C1504E64B839D5FFFBF7] () C:\Users\Baz\AppData\Local\Temp\CreativeCloud\CCX Welcome\Start(2.7.2.13)-PHXS-20.0.6.log
2021-03-05 20:23 - 2021-03-05 20:23 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\CreativeCloud\Creative Cloud Libraries
2021-03-05 20:23 - 2021-03-11 01:15 - 000086730 ____A [9C0BF8DD3608669382BE76768281A365] () C:\Users\Baz\AppData\Local\Temp\CreativeCloud\Creative Cloud Libraries\CC Library Process.log
2021-03-03 08:02 - 2021-03-03 08:05 - 000000000 __SHD [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\eset.temp
2021-03-03 08:02 - 2021-03-12 02:11 - 000000000 ___HD [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\eset.temp\{02D83BBE-0DC9-D7C6-1FFC-38CFD93B4EC9}
2021-03-03 08:05 - 2021-03-12 02:11 - 000000000 ___HD [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\eset.temp\{02D83BBE-3849-AED0-016C-3ECFE51EDAE8}
2021-03-09 22:31 - 2021-03-09 22:31 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\Magick.NET.net40.7.20.0.1
2021-03-09 22:31 - 2021-03-09 22:31 - 000001406 ____A [22395F88CDFFFAE169C71623926D4C70] () C:\Users\Baz\AppData\Local\Temp\Magick.NET.net40.7.20.0.1\colors.xml
2021-03-09 22:31 - 2021-03-09 22:31 - 000000757 ____A [F87D16ECC5678A6083747EACF091CC44] () C:\Users\Baz\AppData\Local\Temp\Magick.NET.net40.7.20.0.1\configure.xml
2021-03-09 22:31 - 2021-03-09 22:31 - 000009984 ____A [10DDBDECBDA46A151664605DB12903D6] () C:\Users\Baz\AppData\Local\Temp\Magick.NET.net40.7.20.0.1\delegates.xml
2021-03-09 22:31 - 2021-03-09 22:31 - 000052756 ____A [3BF9F7B4B76A4BB41ABA5CC202D10AFB] () C:\Users\Baz\AppData\Local\Temp\Magick.NET.net40.7.20.0.1\english.xml
2021-03-09 22:31 - 2021-03-09 22:31 - 000002448 ____A [56749AE24B7B0A77F487AB2BF5F3538F] () C:\Users\Baz\AppData\Local\Temp\Magick.NET.net40.7.20.0.1\locale.xml
2021-03-09 22:31 - 2021-03-09 22:31 - 000000954 ____A [FF086140D3124914BDDB13E39E7B3341] () C:\Users\Baz\AppData\Local\Temp\Magick.NET.net40.7.20.0.1\log.xml
2021-03-09 22:31 - 2021-03-09 22:31 - 015731408 ____A [476796AA87C630968148B4BC39C8AAFD] () C:\Users\Baz\AppData\Local\Temp\Magick.NET.net40.7.20.0.1\Magick.Native-Q8-x64.dll
2021-03-09 22:31 - 2021-03-09 22:31 - 000002774 ____A [221C2CCF1C71B447F60F7DAB02B3A53D] () C:\Users\Baz\AppData\Local\Temp\Magick.NET.net40.7.20.0.1\policy.xml
2021-03-09 22:31 - 2021-03-09 22:31 - 000011636 ____A [08AAC833FC483BF4C754CFF2CFCA607E] () C:\Users\Baz\AppData\Local\Temp\Magick.NET.net40.7.20.0.1\thresholds.xml
2021-03-09 22:31 - 2021-03-09 22:31 - 000000691 ____A [59DB9FDDFCD6FB9F80BB6FEC1F219C48] () C:\Users\Baz\AppData\Local\Temp\Magick.NET.net40.7.20.0.1\type.xml
2021-03-09 22:31 - 2021-03-09 22:31 - 000009470 ____A [378A34F7E42A6CDBB321974ECF3F75BF] () C:\Users\Baz\AppData\Local\Temp\Magick.NET.net40.7.20.0.1\type-ghostscript.xml
2021-03-15 21:22 - 2021-03-15 21:22 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\mbam
2021-03-15 21:22 - 2021-03-16 00:21 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\mbam\qt-jl-icons
2021-03-16 00:21 - 2021-03-16 00:21 - 000004286 ____A [91A74C169917BEE7CB2C8EF9DC74ECBE] () C:\Users\Baz\AppData\Local\Temp\mbam\qt-jl-icons\16879859b90.ico
2021-03-16 00:21 - 2021-03-16 00:21 - 000004286 ____A [91A74C169917BEE7CB2C8EF9DC74ECBE] () C:\Users\Baz\AppData\Local\Temp\mbam\qt-jl-icons\16879859d00.ico
2021-03-15 21:22 - 2021-03-15 21:22 - 000004286 ____A [91A74C169917BEE7CB2C8EF9DC74ECBE] () C:\Users\Baz\AppData\Local\Temp\mbam\qt-jl-icons\1de903cd9f0.ico
2021-03-15 21:22 - 2021-03-15 21:22 - 000004286 ____A [91A74C169917BEE7CB2C8EF9DC74ECBE] () C:\Users\Baz\AppData\Local\Temp\mbam\qt-jl-icons\1de903cda90.ico
2021-03-05 00:29 - 2021-03-05 00:29 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\MicroImageDir
2021-03-05 00:29 - 2021-03-15 21:42 - 000889917 ____A [ECA037A7865ED257891E1D22C04967DA] () C:\Users\Baz\AppData\Local\Temp\MicroImageDir\Gremz.jpg
2021-03-15 21:42 - 2021-03-15 21:42 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\MicroThemePackDir
2021-03-09 18:31 - 2021-03-10 11:21 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\Notification Cache
2021-03-10 11:21 - 2021-03-10 11:21 - 000000958 ____A [7342474772054B7689BA3EDB96B26C8C] () C:\Users\Baz\AppData\Local\Temp\Notification Cache\277455d7c6ab870a9f60c39d9a8f8747.png
2021-03-10 09:16 - 2021-03-10 09:16 - 000013687 ____A [7CCB79873E8F6E9C104199E94A3308EF] () C:\Users\Baz\AppData\Local\Temp\Notification Cache\95f7be9b17a91bd1963cbd7076dcbf4a.png
2021-03-10 10:52 - 2021-03-10 10:52 - 000000958 ____A [7342474772054B7689BA3EDB96B26C8C] () C:\Users\Baz\AppData\Local\Temp\Notification Cache\afce6371aa626bf659215724f7c5928d.png
2021-03-15 10:06 - 2021-03-15 10:06 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\nse86C3.tmp
2020-12-10 10:24 - 2020-12-10 10:24 - 054062277 ____A [157721810A9A04F1335EB147D0A00F0E] () C:\Users\Baz\AppData\Local\Temp\nse86C3.tmp\app-64.7z
2021-03-15 10:06 - 2021-03-15 10:06 - 000434176 ____A [80E44CE4895304C6A3A831310FBF8CD0] (Igor Pavlov) C:\Users\Baz\AppData\Local\Temp\nse86C3.tmp\nsis7z.dll
2021-03-15 10:06 - 2021-03-15 10:06 - 000004608 ____A [F0438A894F3A7E01A4AAE8D1B5DD0289] () C:\Users\Baz\AppData\Local\Temp\nse86C3.tmp\nsProcess.dll
2021-03-15 10:06 - 2020-08-17 12:33 - 000540264 ____A [3A752F416F90A13544732934D5676B7C] (Dominik Levitsky Studio, LLC) C:\Users\Baz\AppData\Local\Temp\nse86C3.tmp\old-uninstaller.exe
2021-03-15 10:06 - 2021-03-15 10:06 - 000102400 ____A [C6A6E03F77C313B267498515488C5740] (Muldersoft.com Free Software Division) C:\Users\Baz\AppData\Local\Temp\nse86C3.tmp\StdUtils.dll
2021-03-15 10:06 - 2021-03-15 10:06 - 000012288 ____A [0D7AD4F45DC6F5AA87F606D0331C6901] () C:\Users\Baz\AppData\Local\Temp\nse86C3.tmp\System.dll
2021-03-15 10:06 - 2021-03-15 10:06 - 000014848 ____A [ADB29E6B186DAA765DC750128649B63D] () C:\Users\Baz\AppData\Local\Temp\nse86C3.tmp\UAC.dll
2021-03-15 10:06 - 2021-03-15 10:06 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\nsk8953.tmp
2021-03-15 10:06 - 2021-03-15 10:06 - 000004608 ____A [F0438A894F3A7E01A4AAE8D1B5DD0289] () C:\Users\Baz\AppData\Local\Temp\nsk8953.tmp\nsProcess.dll
2021-03-12 02:24 - 2021-03-12 02:24 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\nszB2AE.tmp
2021-03-10 23:29 - 2021-03-10 23:29 - 074742021 ____A [3B6463910A17E4CFE976DB9BD0A5E997] () C:\Users\Baz\AppData\Local\Temp\nszB2AE.tmp\app-64.7z
2021-03-12 02:24 - 2021-03-12 02:24 - 000434176 ____A [80E44CE4895304C6A3A831310FBF8CD0] (Igor Pavlov) C:\Users\Baz\AppData\Local\Temp\nszB2AE.tmp\nsis7z.dll
2021-03-12 02:24 - 2021-03-12 02:24 - 000004608 ____A [F0438A894F3A7E01A4AAE8D1B5DD0289] () C:\Users\Baz\AppData\Local\Temp\nszB2AE.tmp\nsProcess.dll
2021-03-12 02:24 - 2021-02-27 04:12 - 000508128 ____A [F4B9F90D583581BA4285991316CB0F9F] (Notion Labs, Incorporated) C:\Users\Baz\AppData\Local\Temp\nszB2AE.tmp\old-uninstaller.exe
2021-03-12 02:24 - 2021-03-12 02:24 - 000102400 ____A [C6A6E03F77C313B267498515488C5740] (Muldersoft.com Free Software Division) C:\Users\Baz\AppData\Local\Temp\nszB2AE.tmp\StdUtils.dll
2021-03-12 02:24 - 2021-03-12 02:24 - 000012288 ____A [0D7AD4F45DC6F5AA87F606D0331C6901] () C:\Users\Baz\AppData\Local\Temp\nszB2AE.tmp\System.dll
2021-03-12 02:24 - 2021-03-12 02:24 - 000003072 ____A [1CC7C37B7E0C8CD8BF04B6CC283E1E56] () C:\Users\Baz\AppData\Local\Temp\nszB2AE.tmp\WinShell.dll
2021-03-11 21:50 - 2021-03-11 21:51 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\UnrealShaderWorkingDir
2021-03-11 21:51 - 2021-03-11 22:00 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\UnrealShaderWorkingDir\30850C4E42D69E7C3333DCB4A812A91B
2021-03-11 21:51 - 2021-03-11 21:59 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\UnrealShaderWorkingDir\30850C4E42D69E7C3333DCB4A812A91B\0
2021-03-11 21:51 - 2021-03-11 21:59 - 000258207 ____A [11634D5C8CB9140CCA481A93283397B1] () C:\Users\Baz\AppData\Local\Temp\UnrealShaderWorkingDir\30850C4E42D69E7C3333DCB4A812A91B\0\WorkerInputOnly.in
2021-03-11 21:51 - 2021-03-11 22:00 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\UnrealShaderWorkingDir\30850C4E42D69E7C3333DCB4A812A91B\1
2021-03-11 21:51 - 2021-03-11 22:00 - 000258170 ____A [48F5AE29124F17D4D4EC1970176EDE8A] () C:\Users\Baz\AppData\Local\Temp\UnrealShaderWorkingDir\30850C4E42D69E7C3333DCB4A812A91B\1\WorkerInputOnly.in
2021-03-11 21:51 - 2021-03-11 22:00 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\UnrealShaderWorkingDir\30850C4E42D69E7C3333DCB4A812A91B\2
2021-03-11 21:51 - 2021-03-11 22:00 - 000258207 ____A [5E4B85D651E2DA4B3C7FE865CCB62A41] () C:\Users\Baz\AppData\Local\Temp\UnrealShaderWorkingDir\30850C4E42D69E7C3333DCB4A812A91B\2\WorkerInputOnly.in
2021-03-11 21:51 - 2021-03-11 21:59 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\UnrealShaderWorkingDir\30850C4E42D69E7C3333DCB4A812A91B\3
2021-03-11 21:51 - 2021-03-11 21:59 - 000258170 ____A [74EEF810AC9913E8583326A0BD67E642] () C:\Users\Baz\AppData\Local\Temp\UnrealShaderWorkingDir\30850C4E42D69E7C3333DCB4A812A91B\3\WorkerInputOnly.in
2021-03-11 21:51 - 2021-03-11 22:00 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\UnrealShaderWorkingDir\30850C4E42D69E7C3333DCB4A812A91B\4
2021-03-11 21:51 - 2021-03-11 22:00 - 000258170 ____A [18F9E60C2C7E97C49CC01648FA882C54] () C:\Users\Baz\AppData\Local\Temp\UnrealShaderWorkingDir\30850C4E42D69E7C3333DCB4A812A91B\4\WorkerInputOnly.in
2021-03-11 21:50 - 2021-03-11 22:00 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\UnrealShaderWorkingDir\6435D8AD423CEC132308BB99C742C30E
2021-03-11 21:50 - 2021-03-11 22:00 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\UnrealShaderWorkingDir\6435D8AD423CEC132308BB99C742C30E\0
2021-03-11 21:50 - 2021-03-11 22:00 - 000258207 ____A [D60AB0999C5A9A750B44F78A51800EEF] () C:\Users\Baz\AppData\Local\Temp\UnrealShaderWorkingDir\6435D8AD423CEC132308BB99C742C30E\0\WorkerInputOnly.in
2021-03-11 21:50 - 2021-03-11 22:00 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\UnrealShaderWorkingDir\6435D8AD423CEC132308BB99C742C30E\1
2021-03-11 21:50 - 2021-03-11 22:00 - 000258170 ____A [7B526D70FCFFD4A6F1682CDCDB56808A] () C:\Users\Baz\AppData\Local\Temp\UnrealShaderWorkingDir\6435D8AD423CEC132308BB99C742C30E\1\WorkerInputOnly.in
2021-03-11 21:50 - 2021-03-11 22:00 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\UnrealShaderWorkingDir\6435D8AD423CEC132308BB99C742C30E\2
2021-03-11 21:50 - 2021-03-11 22:00 - 000258170 ____A [7374FAD08ED7967AE73C4A1CCEED8CA2] () C:\Users\Baz\AppData\Local\Temp\UnrealShaderWorkingDir\6435D8AD423CEC132308BB99C742C30E\2\WorkerInputOnly.in
2021-03-11 21:50 - 2021-03-11 22:00 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\UnrealShaderWorkingDir\6435D8AD423CEC132308BB99C742C30E\3
2021-03-11 21:50 - 2021-03-11 22:00 - 000258226 ____A [6FE24DCADD4430923A9814BF74F368D0] () C:\Users\Baz\AppData\Local\Temp\UnrealShaderWorkingDir\6435D8AD423CEC132308BB99C742C30E\3\WorkerInputOnly.in
2021-03-11 21:50 - 2021-03-11 22:00 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\UnrealShaderWorkingDir\6435D8AD423CEC132308BB99C742C30E\4
2021-03-11 21:50 - 2021-03-11 22:00 - 000258226 ____A [B7D06A64F0994EE56662BF4B2AC115B8] () C:\Users\Baz\AppData\Local\Temp\UnrealShaderWorkingDir\6435D8AD423CEC132308BB99C742C30E\4\WorkerInputOnly.in
2021-03-11 23:46 - 2021-03-15 21:42 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Baz\AppData\Local\Temp\WhatsApp Crashes
2021-03-11 23:46 - 2021-03-12 21:16 - 001048576 ____A [B59113C2DCD2D346F31A64F231162ADA] () C:\Users\Baz\AppData\Local\Temp\WhatsApp Crashes\CrashpadMetrics.pma
2021-03-11 23:46 - 2021-03-14 19:05 - 001048576 ____A [B59113C2DCD2D346F31A64F231162ADA] () C:\Users\Baz\AppData\Local\Temp\WhatsApp Crashes\CrashpadMetrics-active.pma
2021-03-11 23:46 - 2021-03-11 23:46 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\Baz\AppData\Local\Temp\WhatsApp Crashes\metadata
2021-03-11 23:46 - 2021-03-11 23:46 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\Baz\AppData\Local\Temp\WhatsApp Crashes\operation_log.txt
2021-03-11 23:46 - 2021-03-14 19:05 - 000000040 ____A [A60A55D019169E4120AF3079A5E5A9CC] () C:\Users\Baz\AppData\Local\Temp\WhatsApp Crashes\settings.dat
 
====== End of Folder: ======
 
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 11034624 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 1355175439 B
Java, Flash, Steam htmlcache => 420366134 B
Windows/system/drivers => 12731037 B
Edge => 3300074 B
Chrome => 238934425 B
Firefox => 0 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 110 B
ProgramData => 110 B
Public => 110 B
systemprofile => 110 B
systemprofile32 => 262766 B
LocalService => 270788 B
NetworkService => 2794208 B
Baz => 326336101 B
 
RecycleBin => 750 B
EmptyTemp: => 2.2 GB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 09:08:01 ====
 
# -------------------------------
# Malwarebytes AdwCleaner 8.1.0.0
# -------------------------------
# Build:    02-15-2021
# Database: 2021-01-11.1 (Local)
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    03-16-2021
# Duration: 00:00:08
# OS:       Windows 10 Pro
# Scanned:  3903
# Detected: 0
 
 
***** [ Services ] *****
 
No malicious services found.
 
***** [ Folders ] *****
 
No malicious folders found.
 
***** [ Files ] *****
 
No malicious files found.
 
***** [ DLL ] *****
 
No malicious DLLs found.
 
***** [ WMI ] *****
 
No malicious WMI found.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts found.
 
***** [ Tasks ] *****
 
No malicious tasks found.
 
***** [ Registry ] *****
 
No malicious registry entries found.
 
***** [ Chromium (and derivatives) ] *****
 
No malicious Chromium entries found.
 
***** [ Chromium URLs ] *****
 
No malicious Chromium URLs found.
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries found.
 
***** [ Firefox URLs ] *****
 
No malicious Firefox URLs found.
 
***** [ Hosts File Entries ] *****
 
No malicious hosts file entries found.
 
***** [ Preinstalled Software ] *****
 
No Preinstalled Software found.
 
 
 
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
 

#7 JSntgRvr

JSntgRvr

    Malware Fighter


  • Avatar image
  • Malware Response Team
  • 15,212 posts
  • OFFLINE
    •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:06:02 AM

Posted 16 March 2021 - 12:59 PM

Thanks for your reply, will proceed with frst fix and adwcleaner.

 

But do I have a virus or malware and if so, which one and what does it do ?

All I see are many orphaned entries. I did remove those and emptied the temp folders. No malware is present.

 

How is the computer doing?


No request for help throughout private messaging will be attended.

Unactive logs for mor more than four (4) days will be closed

#8 makki

makki
  • Topic Starter

  • Avatar image
  • Members
  • 6 posts
  • OFFLINE
    •  
  • Local time:11:02 AM

Posted 16 March 2021 - 04:14 PM

Thanks for your reply ! I did the FRST fix and Adwcleaner found nothing.

 

I had a series of startups with internet on again. 

Globally everything seems fine, but right now on maybe the third startup with internet on, right after being onto desktop I notice 3-4 black windows appearing (like cmd ones) appearing and disappearing very shortly like 1/4 of a second.

By doing google searches it seems that it happened to other users too, and as far as I understand it can be a harmless windows startup bug thing or a malware.

Note that these day's i've also frequently had "this app is preventing shutdown" when shutting down, with no app name neither icon.

 

No weird behavior otherwise, no strange process running (except Antimalware Service Executable/Windows Defender Antivirus Service) which is hopefully normal.

I checked startup programs and mad an autorun.exe, found nothing weird.

 

It still worries me a bit, is there anything else I can do or some deepscan to check if there is something wrong ?

 

Thank you in advance


#9 JSntgRvr

JSntgRvr

    Malware Fighter


  • Avatar image
  • Malware Response Team
  • 15,212 posts
  • OFFLINE
    •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:06:02 AM

Posted 16 March 2021 - 05:05 PM

Some executable may trigger a Command window at startup.

 

Lets try ESET:

 

Temporarily disable your AntiVirus and AntiSpyware protection - instructions here.

 

  • Click the SCAN NOW button to download the esetonlinescanner_enu.exe file to the Desktop
  • Double click esetonlinescanner_enu.exe. Accept the Terms of Use
  • Select Enable detection of potentially unwanted applications
  • In Advanced Settings: make sure that Clean threats automatically is unchecked
  • And Enable detection of potentially unsafe applications, Enable detection of suspicious applications, Scan archives, and Enable Anti-Stealth technology are all checked.
  • Click Scan
  • The program will begin to download it's virus database. The speed may vary depending on your Internet connection.
  • When completed, the program will begin to scan. This may take several hours. Please, be patient.
  • Do not do anything on your machine as it may interrupt the scan.
  • When completed it'll show a list of "Threats found", click beneath it on Save to text file.... and save it as ESET log.txt on your Desktop.
  • Then click Do not clean. Place a checkmark at Delete application's data on close, click Finish and close the program.
 
 
Post the ESET log.txt report.
 
Don't forget to re-enable previously switched-off protection software!

No request for help throughout private messaging will be attended.

Unactive logs for mor more than four (4) days will be closed

#10 makki

makki
  • Topic Starter

  • Avatar image
  • Members
  • 6 posts
  • OFFLINE
    •  
  • Local time:11:02 AM

Posted 17 March 2021 - 07:14 PM

Thanks for your reply !

ESET found nothing. No strange behavior today. I think and hope these commande windows are related to scheduled tasks, and that my PC is starting to get old after 3 years and a half of installing various software. I will probably make a clean and fresh windows install soon.

 

Thanks a lot for your help !

 

17/03/2021 08:12:37
Fichiers analysés: 1003095
Fichiers détectés: 0
Fichiers nettoyés: 0
Temps d'analyse total 01:18:29
État de l'analyse: Terminé

#11 JSntgRvr

JSntgRvr

    Malware Fighter


  • Avatar image
  • Malware Response Team
  • 15,212 posts
  • OFFLINE
    •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:06:02 AM

Posted 17 March 2021 - 10:53 PM

You are welcome. :)


No request for help throughout private messaging will be attended.

Unactive logs for mor more than four (4) days will be closed

#12 JSntgRvr

JSntgRvr

    Malware Fighter


  • Avatar image
  • Malware Response Team
  • 15,212 posts
  • OFFLINE
    •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:06:02 AM

Posted 22 March 2021 - 09:38 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

No request for help throughout private messaging will be attended.

Unactive logs for mor more than four (4) days will be closed

Back to Virus, Trojan, Spyware, and Malware Removal Help


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users


  1. BleepingComputer.com
  2. Security
  3. Virus, Trojan, Spyware, and Malware Removal Help
  4. Privacy Policy
  5. Rules ·