Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-04-2020
Ran by Stepan (13-04-2020 09:39:28)
Running from C:\Users\Stepan\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads
Windows 10 Home Version 1909 18363.720 (X64) (2019-10-04 14:33:24)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-600410608-1858306824-1911990453-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-600410608-1858306824-1911990453-503 - Limited - Disabled)
Diane (S-1-5-21-600410608-1858306824-1911990453-1007 - Limited - Enabled) => C:\Users\Diane
Guest (S-1-5-21-600410608-1858306824-1911990453-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-600410608-1858306824-1911990453-1003 - Limited - Enabled)
Jordyn (S-1-5-21-600410608-1858306824-1911990453-1005 - Limited - Enabled) => C:\Users\Jordyn
Natasha (S-1-5-21-600410608-1858306824-1911990453-1006 - Limited - Enabled) => C:\Users\Natasha
NeroMediaHomeUser.4 (S-1-5-21-600410608-1858306824-1911990453-1004 - Limited - Enabled) => C:\Users\NeroMediaHomeUser.4
Stepan (S-1-5-21-600410608-1858306824-1911990453-1001 - Administrator - Enabled) => C:\Users\Stepan
WDAGUtilityAccount (S-1-5-21-600410608-1858306824-1911990453-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Total Security (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Total Security (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Enabled) {32888857-01C3-7AB6-E095-11CC1854D0A3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\uTorrent) (Version: 3.5.5.45608 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-600410608-1858306824-1911990453-1004\...\uTorrent) (Version: 3.4.9.42606 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-600410608-1858306824-1911990453-1005\...\uTorrent) (Version: 3.4.9.42606 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-600410608-1858306824-1911990453-1006\...\uTorrent) (Version: 3.4.9.42606 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-600410608-1858306824-1911990453-1007\...\uTorrent) (Version: 3.4.9.42606 - BitTorrent Inc.)
7-Zip 18.05 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1805-000001000000}) (Version: 18.05.00.0 - Igor Pavlov)
ABBYY FineReader 12 Professional (HKLM-x32\...\{F12000FE-0001-0000-0000-074957833700}) (Version: 12.0.501 - ABBYY Production LLC)
ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1395.4512 - ABBYY Software House)
Administrative Templates (ADMX) for Windows 10 (HKLM-x32\...\{166A4A62-D19E-4DFB-8499-FBA08716D847}) (Version: 1.0 - Microsoft Corporation)
Administrative Templates (ADMX) for Windows 10 Version 1511 (HKLM-x32\...\{39E58F1A-1DE1-4B60-8ECF-B54E2580D59C}) (Version: 1.0 - Microsoft Corporation)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.23 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 26.0.0.118 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.344 - Adobe)
Adobe Photoshop 7.0 (HKLM-x32\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.9.199 - Adobe Systems, Inc.)
Advertising Center (HKLM-x32\...\{B2EC4A38-B545-4A00-8214-13FE0E915E6D}) (Version: 0.0.0.2 - Nero AG) Hidden
Camera RAW Plug-In for EPSON Creativity Suite (HKLM-x32\...\{8DAC1AE4-33D1-4A78-8A42-00E09EDECC3E}) (Version: 2.1.0.0 - )
Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.13.50.1 - Canon Inc.)
Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 1.0.1.1 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.13.30.0 - Canon Inc.)
Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.5.2.8 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.13.30.0 - Canon Inc.)
Chicken Invaders 5 - Cluck of the Dark Side (HKLM-x32\...\Chicken Invaders 5 - Cluck of the Dark Side1.1) (Version: 1.1 - Foxy Games)
CyberLink LabelPrint 2.5 (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.0.6603 - CyberLink Corp.)
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.2109.0 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.2109.0 - CyberLink Corp.)
CyberLink PowerDVD 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.4704.58 - CyberLink Corp.)
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.5.3.2325 - CyberLink Corp.)
CyberLink PowerProducer 6 (HKLM-x32\...\InstallShield_{D7EACFE3-BC6A-48bb-B28C-4DBF318225E3}) (Version: 6.0.2103.0 - CyberLink Corp.)
CyberLink WaveEditor 2 (HKLM-x32\...\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 5620 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.12.0.1152 - Disc Soft Ltd)
EPSON Artisan 1430 Series Printer Uninstall (HKLM\...\EPSON Artisan 1430 Series) (Version:  - SEIKO EPSON Corporation)
Epson Copy Utility 4 (HKLM-x32\...\{06A7E8AB-2856-4490-BAA9-F338ABE7695A}) (Version: 4.01.0001 - Seiko Epson Corporation)
EPSON CopyFactory (HKLM-x32\...\{52B4C42B-A110-4236-95C8-AA4B137C16AC}) (Version: 4.7.0.0 - Seiko Epson Corporation)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.0.0.0 - SEIKO EPSON CORPORATION)
Epson Customer Research Participation (HKLM\...\{B26449A6-6007-4460-B4FE-C4776115BCEA}) (Version: 1.82.0000 - Seiko Epson Corporation)
Epson Easy Photo Print 2 (HKLM-x32\...\{FFF841F3-9A15-4F61-BD16-C19F132E5A27}) (Version: 2.3.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
Epson Event Manager (HKLM-x32\...\{0324C972-6139-489C-9003-857C4F195A80}) (Version: 3.10.0094 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
EPSON PERFECTION V30_V300 PHOTO Manual (HKLM-x32\...\EPSON PERFECTION V30_V300 PHOTO User’s Guide) (Version:  - )
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.05.00 - SEIKO EPSON CORPORATION)
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version:  - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
Epson Software Updater (HKLM-x32\...\{4830989D-5FA5-41DF-A02F-5D1B4D5C73B8}) (Version: 4.4.10 - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{15A0F113-BF2C-4C12-8AA8-42AE0D9AE1C9}) (Version: 3.1.2.0 - SEIKO EPSON Corporation)
eReg (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
File Type Advisor 1.6 (HKLM-x32\...\File Type Advisor_is1) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.163 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
gpedt.msc 1.0 (HKLM-x32\...\{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1) (Version:  - Richard)
Intel(R) Chipset Device Software (HKLM-x32\...\{e48a2f61-851a-4155-82f9-af1b04db8c3b}) (Version: 10.0.13 - Intel(R) Corporation) Hidden
Kaspersky Password Manager (HKLM-x32\...\{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab) Hidden
Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{145AE349-477A-45E5-A57C-5F5BF2BB5775}) (Version: 20.0.14.1085 - Kaspersky) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{145AE349-477A-45E5-A57C-5F5BF2BB5775}) (Version: 20.0.14.1085 - Kaspersky)
Kaspersky Total Security (HKLM-x32\...\{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: 20.0.14.1085 - Kaspersky) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: 20.0.14.1085 - Kaspersky)
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
Mass Effect™ (HKLM-x32\...\{44A570EE-FD93-4086-8997-2C38DFDE0019}) (Version: 1.2.20608.0 - Electronic Arts)
Mass Effect™ 2 (HKLM-x32\...\{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}) (Version: 1.2.1604.0 - Electronic Arts)
Mass Effect™ 3 (HKLM-x32\...\{534A31BD-20F4-46b0-85CE-09778379663C}) (Version: 1.05.0.0 - Electronic Arts)
Mass Effect™: Andromeda (HKLM-x32\...\{72BBCA87-9350-48BC-9E2F-6DBC1E80C993}) (Version: 1.0.0.10 - Electronic Arts)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0010 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-600410608-1858306824-1911990453-1005\...\OneDriveSetup.exe) (Version: 18.025.0204.0009 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-600410608-1858306824-1911990453-1006\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-600410608-1858306824-1911990453-1007\...\OneDriveSetup.exe) (Version: 18.044.0301.0006 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{a55ac379-46b0-461a-95b1-fef5c08443f2}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Nero 2016 Content Pack (HKLM-x32\...\{006F5CFF-ED35-41AF-9B2A-F52B0F545BF4}) (Version: 17.0.00200 - Nero AG)
Nero MediaHome 4 Essentials (HKLM-x32\...\{c58b8d2f-2381-4a7e-8037-50e713f5781f}) (Version:  - Nero AG)
Nero MediaHome Free (HKLM-x32\...\{14A8A437-1BC1-4B14-8887-3B5EF324A7FA}) (Version: 16.0.00800 - Nero AG)
Network Guide EPSON Artisan 1430 Series (HKLM-x32\...\EPSON Artisan 1430 Series Netg) (Version:  - )
NewBlue Titler Pro for Windows (HKLM-x32\...\NewBlue Titler Pro for Windows) (Version: 1.5 - NewBlue)
NewBlue Video Essentials for PowerDirector (HKLM\...\NewBlue Video Essentials for Cyberlink) (Version: 3.0 - NewBlue)
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials II for PowerDirector (HKLM\...\NewBlue Video Essentials II for Cyberlink) (Version: 3.0 - NewBlue)
NewBlue Video Essentials III for PowerDirector (HKLM\...\NewBlue Video Essentials III for Cyberlink) (Version: 3.0 - NewBlue)
NewBlue Video Essentials VI for Windows (HKLM-x32\...\NewBlue Video Essentials VI for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials VII for Windows (HKLM-x32\...\NewBlue Video Essentials VII for Windows) (Version: 3.0 - NewBlue)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Graphics Driver 432.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 432.00 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.67.39484 - Electronic Arts, Inc.)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PHOTOfunSTUDIO 9.0 SE (HKLM-x32\...\{42B815EE-C908-4FE4-8B8E-E8B907F5B06F}) (Version: 9.00.312 - Panasonic Corporation)
Prerequisite installer (HKLM-x32\...\{5F284483-EE8D-447E-BEBE-2BF13B08C4BF}) (Version: 17.0.0002 - Nero AG) Hidden
Prerequisite installer (HKLM-x32\...\{799AFA36-4EA5-4323-8689-74C06645A26B}) (Version: 16.0.0003 - Nero AG) Hidden
Prolific Backup (HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\{D88A7919-C81E-4F6A-8B77-D1B2E42EE0CD}) (Version: 3.9.1.8 - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.91.1119.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
SmartSound Quicktracks 5 (HKLM-x32\...\{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.8 - SmartSound Software Inc.) Hidden
SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.8 - SmartSound Software Inc.)
SteamWorld Dig (HKLM-x32\...\{F81E6BA3-5772-4435-B635-D71E90130052}) (Version: 1.10.0.0 - Image & Form)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tom Clancys Rainbow Six Siege (HKLM-x32\...\Tom Clancys Rainbow Six Siege_is1) (Version:  - )
Tom Clancy's Rainbow Six Vegas 2 (HKLM-x32\...\{FD416706-875C-4B0B-A23A-9E740DAE029E}) (Version: 1.00 - Ubisoft)
TP-LINK USB Printer Controller (HKLM-x32\...\{3EC900B5-28EE-4472-A9FF-B11A879EC838}) (Version: 1.12.0927 - TP-LINK)
Treasure Pack v1.1 for Super DX-Ball Deluxe (HKLM-x32\...\Treasure Pack for Super DX-Ball Deluxe_is1) (Version: 1.1 - BlitWise Productions, LLC)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
User's Guide EPSON Artisan 1430 Series (HKLM-x32\...\EPSON Artisan 1430 Series Useg) (Version:  - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
WBFS Manager 3.0 (HKLM-x32\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP)
Web Companion (HKLM-x32\...\{bd7f0292-d7af-4561-a3d7-62854d9c1732}) (Version: 4.10.2225.4082 - Lavasoft)
Windows 10 Codec Pack 2.0.8 (HKLM-x32\...\Windows 10 - Codec Pack) (Version: 2.0.8 - Windows 10 Codec Pack)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)

Packages:
=========
ASUS Welcome -> C:\Program Files\WindowsApps\B9ECED6F.ASUSWelcome_1.0.1.0_x64__qmba6cd70vzyy [2015-08-08] (ASUSTeK COMPUTER INC.)
Despicable Me: Minion Rush -> C:\Program Files\WindowsApps\GAMELOFTSA.DespicableMeMinionRush_4.1.4.1_x86__0pp20fcewvvtj [2019-11-08] (GAMELOFT  SA)
Kaspersky Password Manager Extension -> C:\Program Files\WindowsApps\KasperskyLab.KasperskyPasswordManagerExtension_2.9.1.0_x64__8jx5e25qw3tdc [2019-12-18] (Kaspersky Lab)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Microsoft Jigsaw -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJigsaw_1.9.1911.0_x86__8wekyb3d8bbwe [2019-12-20] (Microsoft Studios) [MS Ad]
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_3.9.12130.0_x64__8wekyb3d8bbwe [2019-12-20] (Microsoft Studios) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.1224.0_x64__8wekyb3d8bbwe [2020-02-29] (Microsoft Studios) [MS Ad]
Microsoft Wireless Display Adapter -> C:\Program Files\WindowsApps\Microsoft.SurfaceWirelessDisplayAdapter_3.4.137.1000_x64__8wekyb3d8bbwe [2019-06-08] (Microsoft Corporation)
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.96.725.0_x64__mcm4njqhnhss8 [2020-04-12] (Netflix, Inc.)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2015-11-14] (Microsoft Corporation)
Xbox 360 SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxCompanion_1.4.3.0_x64__8wekyb3d8bbwe [2015-11-26] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [FineReader12ContextMenu] -> {55344AC6-630B-430C-B292-C7BE21F90061} => C:\Program Files (x86)\ABBYY FineReader 12\FRIntegration.x64.dll [2014-01-30] (ABBYY PRODUCTION LLC -> ABBYY Production LLC.)
ContextMenuHandlers1: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\ShellEx.dll [2019-10-30] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-28] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-28] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-03-19] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers2: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\ShellEx.dll [2019-10-30] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-03-19] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\ShellEx.dll [2019-10-30] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll -> No File
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-28] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-28] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [FineReader12ContextMenu] -> {55344AC6-630B-430C-B292-C7BE21F90061} => C:\Program Files (x86)\ABBYY FineReader 12\FRIntegration.x64.dll [2014-01-30] (ABBYY PRODUCTION LLC -> ABBYY Production LLC.)
ContextMenuHandlers6: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\ShellEx.dll [2019-10-30] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-28] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-28] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.pDAD] => C:\Windows\system32\prodad-codec.dll [607256 2016-08-26] (proDAD GmbH -> proDAD GmbH)
HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\SysWOW64\xvidvfw.dll [249536 2016-09-21] (Cole Williams Software Limited -> )
HKLM\...\Drivers32: [vidc.x264] => C:\Windows\SysWOW64\x264vfw.dll [3635904 2016-10-04] (Cole Williams Software Limited -> x264vfw project)
HKLM\...\Drivers32: [vidc.lags] => C:\Windows\SysWOW64\lagarith.dll [230080 2016-09-21] (Cole Williams Software Limited ->  )
HKLM\...\Drivers32: [msacm.divxa32] => C:\Windows\SysWOW64\DivXa32.acm [291408 2013-12-17] (Packed With Joy !) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
Shortcut: C:\Users\Stepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chicken Invaders 5 - Cluck of the Dark Side\Chicken Invaders 5 - Cluck of the Dark Side.lnk -> C:\Program Files (x86)\Foxy Games\Chicken Invaders 5 - Cluck of the Dark Side\Start_Game.bat ()
ShortcutWithArgument: C:\Users\Stepan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2017-06-02 15:55 - 2020-04-12 19:50 - 000027648 _____ () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2016-08-25 13:06 - 2015-02-18 14:11 - 000112128 _____ () [File not signed] C:\Program Files (x86)\Canon\ImageBrowser EX\MFMFileSystemWatcher.dll
2008-08-25 22:50 - 2008-08-25 22:50 - 000155648 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA6\1033\VBE6INTL.DLL
2019-10-05 13:37 - 2019-10-05 13:37 - 000097280 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL
2017-02-13 14:54 - 2017-02-13 14:54 - 000132096 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\epnsm.dll
2009-10-21 17:39 - 2009-10-21 17:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\LcMgr.dll
2015-06-17 16:44 - 2015-06-17 16:44 - 000500736 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enppmon.dll
2012-01-14 07:31 - 2020-04-12 08:44 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2012-01-14 07:31 - 2020-04-12 08:44 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2014-11-30 11:10 - 2020-04-12 08:44 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2020-04-12 08:45 - 2020-04-12 08:44 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2020-04-12 08:45 - 2020-04-12 08:44 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2020-04-12 08:45 - 2020-04-12 08:44 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2020-04-12 08:45 - 2020-04-12 08:44 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2020-04-12 08:45 - 2020-04-12 08:44 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2020-04-12 08:45 - 2020-04-12 08:44 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\CLDShowX.ini:Update.CL [5122]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\amazon.com -> hxxps://amazon.com
IE trusted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\webcompanion.com -> hxxp://webcompanion.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\123simsen.com -> www.123simsen.com

There are 7914 more sites.

IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1004\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1004\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1004\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1004\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1004\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1004\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1004\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1004\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1004\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1004\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1004\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1004\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1004\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1004\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1004\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1004\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1004\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1004\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1004\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1004\...\123simsen.com -> www.123simsen.com

There are 7914 more sites.

IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1005\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1005\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1005\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1005\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1005\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1005\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1005\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1005\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1005\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1005\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1005\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1005\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1005\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1005\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1005\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1005\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1005\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1005\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1005\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1005\...\123simsen.com -> www.123simsen.com

There are 7914 more sites.

IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1006\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1006\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1006\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1006\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1006\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1006\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1006\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1006\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1006\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1006\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1006\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1006\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1006\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1006\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1006\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1006\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1006\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1006\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1006\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1006\...\123simsen.com -> www.123simsen.com

There are 7914 more sites.

IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1007\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1007\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1007\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1007\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1007\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1007\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1007\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1007\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1007\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1007\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1007\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1007\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1007\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1007\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1007\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1007\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1007\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1007\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1007\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-600410608-1858306824-1911990453-1007\...\123simsen.com -> www.123simsen.com

There are 7914 more sites.


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 10:34 - 2009-06-11 05:00 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\ArcSoft\Bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\Control Panel\Desktop\\Wallpaper -> c:\users\stepan\appdata\local\microsoft\windows\themes\transcodedwallpaper
HKU\S-1-5-21-600410608-1858306824-1911990453-1004\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-600410608-1858306824-1911990453-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\Jordyn\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-600410608-1858306824-1911990453-1006\Control Panel\Desktop\\Wallpaper -> C:\Users\Natasha\Pictures\Camera Roll\vampire diaries logo.jpg
HKU\S-1-5-21-600410608-1858306824-1911990453-1007\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO 9.0 SE.lnk => C:\Windows\pss\PHOTOfunSTUDIO 9.0 SE.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Stepan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupreg: EvtMgr6 => C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
HKLM\...\StartupApproved\StartupFolder: => "WinZip Preloader.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Update Notifier.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "AdobeCEPServiceManager"
HKLM\...\StartupApproved\Run32: => "ArcSoft Connection Service"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "Fitbit Connect"
HKLM\...\StartupApproved\Run32: => "Bonus.SSR.FR12"
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\StartupApproved\Run: => "EPSON Stylus Photo 1410 Series"
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\StartupApproved\Run: => "Fitbit Connect"
HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-600410608-1858306824-1911990453-1004\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-600410608-1858306824-1911990453-1004\...\StartupApproved\Run: => "EPSON Stylus Photo 1410 Series"
HKU\S-1-5-21-600410608-1858306824-1911990453-1004\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-600410608-1858306824-1911990453-1004\...\StartupApproved\Run: => "Fitbit Connect"
HKU\S-1-5-21-600410608-1858306824-1911990453-1004\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-600410608-1858306824-1911990453-1005\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-600410608-1858306824-1911990453-1005\...\StartupApproved\Run: => "EPSON Stylus Photo 1410 Series"
HKU\S-1-5-21-600410608-1858306824-1911990453-1005\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-600410608-1858306824-1911990453-1005\...\StartupApproved\Run: => "Fitbit Connect"
HKU\S-1-5-21-600410608-1858306824-1911990453-1005\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-600410608-1858306824-1911990453-1006\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-600410608-1858306824-1911990453-1006\...\StartupApproved\Run: => "EPSON Stylus Photo 1410 Series"
HKU\S-1-5-21-600410608-1858306824-1911990453-1006\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-600410608-1858306824-1911990453-1006\...\StartupApproved\Run: => "Fitbit Connect"
HKU\S-1-5-21-600410608-1858306824-1911990453-1006\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-600410608-1858306824-1911990453-1007\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-600410608-1858306824-1911990453-1007\...\StartupApproved\Run: => "EPSON Stylus Photo 1410 Series"
HKU\S-1-5-21-600410608-1858306824-1911990453-1007\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-600410608-1858306824-1911990453-1007\...\StartupApproved\Run: => "Fitbit Connect"
HKU\S-1-5-21-600410608-1858306824-1911990453-1007\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{63F5EF56-61E3-4F25-B764-04CABBE70739}C:\users\stepan\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\stepan\appdata\roaming\spotify\spotify.exe No File
FirewallRules: [TCP Query User{57EBDE8D-766D-4073-BC05-46E4515B922B}C:\users\stepan\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\stepan\appdata\roaming\spotify\spotify.exe No File
FirewallRules: [{0628CCDD-AE77-4DAC-8242-B7ADE427C880}] => (Allow) C:\Users\Stepan\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{7E0D9499-5C7A-4F6F-B3BA-8A9278D077A4}] => (Allow) C:\Users\Stepan\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{BAEBE4F3-BB6F-4A20-AF60-4AE4ED6951DA}] => (Allow) C:\Program Files (x86)\SlickVPN\resources\bin\win32\openvpn.exe No File
FirewallRules: [{25D83DEA-0112-4F48-AC36-8D5ECDAF9C21}] => (Allow) C:\Program Files (x86)\SlickVPN\resources\bin\win32\openvpn.exe No File
FirewallRules: [{7FA7E24E-FA9F-4902-8E07-62E45EDE71B1}] => (Allow) C:\Program Files (x86)\SlickVPN\slickvpn.exe No File
FirewallRules: [{673E1574-4647-48BB-9533-CB0F08B6D482}] => (Allow) C:\Program Files (x86)\SlickVPN\resources\bin\win32\openvpn.exe No File
FirewallRules: [{27994549-1AD4-4C47-8DD6-078E3918F932}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{6B1C3705-FFF0-4CB3-8928-68A3DACE2ADD}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{007F0AB7-F976-48A9-9831-6E2EFB77017D}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect Andromeda\MassEffectAndromeda.exe (Electronic Arts -> Electronic Arts - BioWare)
FirewallRules: [{411D4F9B-45B3-43A3-8E02-9912FD386CC9}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect Andromeda\MassEffectAndromeda.exe (Electronic Arts -> Electronic Arts - BioWare)
FirewallRules: [{CC7D53D7-8696-43B3-A44E-8FD588174934}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect Andromeda\MassEffectAndromedaTrial.exe (Electronic Arts - BioWare) [File not signed]
FirewallRules: [{4B9790BB-9335-4114-AB67-758F8C023A70}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect Andromeda\MassEffectAndromedaTrial.exe (Electronic Arts - BioWare) [File not signed]
FirewallRules: [{27E6121D-D0FE-4F81-8C88-628F701AC7BD}] => (Allow) C:\Program Files (x86)\SlickVPN\resources\bin\win32\openvpn.exe No File
FirewallRules: [{7E6E1163-2B07-4EE1-AA95-5E7102F2BE23}] => (Allow) C:\Program Files (x86)\SlickVPN\resources\bin\win32\openvpn.exe No File
FirewallRules: [{21A9EF4D-3555-4B20-B1B1-F8BC861304AF}] => (Allow) C:\Program Files (x86)\SlickVPN\slickvpn.exe No File
FirewallRules: [{3C2C7772-664A-41C0-88D0-0C6AAFC1DD10}] => (Allow) C:\Program Files (x86)\SlickVPN\resources\bin\win32\openvpn.exe No File
FirewallRules: [{6190AE6F-5BBD-4741-BD8B-92B4D3C89D02}] => (Allow) C:\Program Files (x86)\Origin Games\SteamWorld Dig\SteamWorldDig.exe (Electronic Arts -> )
FirewallRules: [{6C589FE3-7BC6-45C1-B2CA-C8B419A10036}] => (Allow) C:\Program Files (x86)\Origin Games\SteamWorld Dig\SteamWorldDig.exe (Electronic Arts -> )
FirewallRules: [{CA4C3B06-2FF2-49B9-B4A7-0AEBC1545858}] => (Allow) C:\Users\Stepan\AppData\Local\Programs\Opera\45.0.2552.892\opera.exe No File
FirewallRules: [{97F5FD09-A354-4BBB-9C0B-1C9D367987D3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{87EA50CA-C85D-4A76-980F-B789313EB7E8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{71E6AAFA-E238-4B08-9F30-CCC1119CAF0D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{661C3A1A-7CD8-4E51-8C33-ED8CD9B088E2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe No File
FirewallRules: [{A6C8F960-1143-499A-80CC-2D51C73986F8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe No File
FirewallRules: [{81CB942F-685E-45F8-8886-D43E658AC97B}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe (Electronic Arts -> BioWare)
FirewallRules: [{11868A1E-7B92-4DA6-BBB7-28AE6F6D8113}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe (Electronic Arts -> BioWare)
FirewallRules: [{B88831DC-C27B-4E9E-B1FB-0CA7BC864879}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe (Nero AG -> Nero AG)
FirewallRules: [{397D0BFA-2F1A-456F-AE22-96BEAF23E36A}] => (Allow) C:\Program Files (x86)\TP-LINK\USB Printer Controller\USB Printer Controller.exe () [File not signed]
FirewallRules: [{C8F06330-4A56-4D9B-A034-BE271BA1E07A}] => (Allow) C:\Program Files (x86)\TP-LINK\USB Printer Controller\USB Printer Controller.exe () [File not signed]
FirewallRules: [{5D85116B-5834-42C6-8A85-0C5D579E82FC}] => (Allow) LPort=7437
FirewallRules: [{43506C00-5517-4F5C-891B-61704A50BA61}] => (Allow) C:\Users\Stepan\AppData\Local\Temp\WZSE0.TMP\Common\EpsonNet Setup\ENEasyApp.exe No File
FirewallRules: [{7226139F-45D0-4DAD-84BC-88458E9DF7BD}] => (Allow) C:\Users\Stepan\AppData\Local\Temp\WZSE0.TMP\Common\EpsonNet Setup\ENEasyApp.exe No File
FirewallRules: [{861C0AEA-825C-4B98-BA4E-9D622AA7B67C}] => (Allow) C:\Program Files (x86)\SlickVPN\resources\bin\win32\openvpn.exe No File
FirewallRules: [{4C521B11-1765-4AEE-8420-C7EB6A9E79FA}] => (Allow) C:\Program Files (x86)\SlickVPN\slickvpn.exe No File
FirewallRules: [{609E358A-46D8-4F07-9AAD-BCC8EB78D4B3}] => (Allow) C:\Program Files (x86)\SlickVPN\resources\bin\win32\openvpn.exe No File
FirewallRules: [{5AB0F217-C2E6-4AB0-A1EF-DE867EF9251D}] => (Allow) C:\Program Files (x86)\SlickVPN\resources\bin\win32\openvpn.exe No File
FirewallRules: [{C2C0B3AC-23BA-419C-BC65-CAB42001CDAA}] => (Allow) C:\Program Files (x86)\SlickVPN\resources\bin\win32\openvpn.exe No File
FirewallRules: [{B02AB2F6-3F8B-4AC5-9E9A-E8AC06A46F61}] => (Allow) C:\Program Files (x86)\SlickVPN\slickvpn.exe No File
FirewallRules: [{9CCE5909-42A8-494E-B0CA-9E0F8108E79C}] => (Allow) C:\Program Files (x86)\SlickVPN\resources\bin\win32\openvpn.exe No File
FirewallRules: [{E69F07A1-1017-4F11-8492-4687C009029F}] => (Allow) C:\Program Files (x86)\SlickVPN\resources\bin\win32\openvpn.exe No File
FirewallRules: [{52A50E28-3780-4851-B3B8-69409A589A7C}] => (Allow) C:\Program Files (x86)\SlickVPN\resources\bin\win32\openvpn.exe No File
FirewallRules: [{427D6A1F-5609-496C-BD8B-8ECFA493BE53}] => (Allow) C:\Program Files (x86)\SlickVPN\resources\bin\win32\openvpn.exe No File
FirewallRules: [{B1ECFB1C-DA72-4CE7-BC51-A389E8701911}] => (Allow) C:\Program Files (x86)\SlickVPN\slickvpn.exe No File
FirewallRules: [{FFDC7595-45DB-4B46-AA2A-3C12F0BEF01A}] => (Allow) C:\Program Files (x86)\SlickVPN\resources\bin\win32\openvpn.exe No File
FirewallRules: [{46CBE64F-69F7-47BF-B06C-E7BEC8FB3A75}] => (Allow) C:\Program Files (x86)\SlickVPN\resources\bin\win32\openvpn.exe No File
FirewallRules: [{97421A2C-0C8D-4F66-AFAC-9FC536D22759}] => (Allow) C:\Program Files (x86)\SlickVPN\resources\bin\win32\openvpn.exe No File
FirewallRules: [{487B9D0B-74C8-43F9-AD21-711231E837C4}] => (Allow) C:\Program Files (x86)\SlickVPN\slickvpn.exe No File
FirewallRules: [{5490BAD7-3924-43D5-AF50-B59DF774B890}] => (Allow) C:\Program Files (x86)\SlickVPN\resources\bin\win32\openvpn.exe No File
FirewallRules: [{AE54685F-9BA0-417D-9AD3-01C5CF648A72}] => (Allow) C:\Program Files (x86)\SlickVPN\resources\bin\win32\openvpn.exe No File
FirewallRules: [{487A6627-3525-4AFE-B348-3B93E4BC1D29}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect 2\Binaries\MassEffect2.exe (Electronic Arts -> BioWare)
FirewallRules: [{D2290D92-D732-481B-8FDC-F24740D4019D}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect 2\Binaries\MassEffect2.exe (Electronic Arts -> BioWare)
FirewallRules: [{6CFF4968-3013-4B4A-952D-46075AECEC52}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{5FA4761C-A75B-4E8C-8940-86B334D974EC}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{ACD344B5-3C47-43AA-9B80-BE48C5A1E400}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C4FB434D-A4D3-4CB9-8CE3-B5451B85EB15}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{73921BFB-5E37-4F9D-9F9A-56C74A39BD28}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{591A1799-FC4E-40B0-8946-3EE9B348ED1E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{CA35F41E-9164-4BF0-9EFD-AA0322E93973}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{A7045599-AAC5-4D45-8C31-954E2EF5E0D0}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe () [File not signed]
FirewallRules: [{50B7AAB7-9EC5-4502-B350-1E710B4DE097}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe () [File not signed]
FirewallRules: [{51F224D0-9555-4CAE-91C4-4613D0D2964E}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Launcher.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{C5AB63E7-F2A1-4AC6-BDFE-2E920C60682D}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Launcher.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)

==================== Restore Points =========================

12-04-2020 09:44:20 Removed Apple Application Support (32-bit)
12-04-2020 19:01:42 Windows Backup

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (04/13/2020 09:44:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: utorrentie.exe, version: 1.0.0.45608, time stamp: 0x5e62cb5b
Faulting module name: utorrentie.exe, version: 1.0.0.45608, time stamp: 0x5e62cb5b
Exception code: 0xc0000005
Fault offset: 0x00017839
Faulting process id: 0x115c
Faulting application start time: 0x01d6112d0a1224c8
Faulting application path: C:\Users\Stepan\AppData\Roaming\uTorrent\updates\3.5.5_45608\utorrentie.exe
Faulting module path: C:\Users\Stepan\AppData\Roaming\uTorrent\updates\3.5.5_45608\utorrentie.exe
Report Id: ec168254-7272-4438-b5e2-42fa94873eed
Faulting package full name: 
Faulting package-relative application ID:

Error: (04/13/2020 09:41:48 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Solitaire.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 13b8

Start Time: 01d6112ecf79c197

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.1224.0_x64__8wekyb3d8bbwe\Solitaire.exe

Report Id: 06324bbb-d27a-4e3b-a277-d504223f4f6f

Faulting package full name: Microsoft.MicrosoftSolitaireCollection_4.6.1224.0_x64__8wekyb3d8bbwe

Faulting package-relative application ID: App

Hang type: Quiesce

Error: (04/13/2020 09:19:45 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (17564,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (04/13/2020 09:14:29 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3388,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (04/13/2020 09:02:07 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13980,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (04/13/2020 08:52:17 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4752,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (04/13/2020 08:42:28 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14520,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (04/12/2020 08:01:55 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6536,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.


System errors:
=============
Error: (04/13/2020 08:56:29 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AppX Deployment Service (AppXSVC) service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.

Error: (04/13/2020 08:56:29 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the AppX Deployment Service (AppXSVC) service to connect.

Error: (04/12/2020 08:19:29 PM) (Source: DCOM) (EventID: 10010) (User: Stepan-PC)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (04/12/2020 08:19:29 PM) (Source: DCOM) (EventID: 10010) (User: Stepan-PC)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (04/12/2020 08:19:29 PM) (Source: DCOM) (EventID: 10010) (User: Stepan-PC)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (04/12/2020 08:19:29 PM) (Source: DCOM) (EventID: 10010) (User: Stepan-PC)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (04/12/2020 08:19:29 PM) (Source: DCOM) (EventID: 10010) (User: Stepan-PC)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (04/12/2020 08:19:29 PM) (Source: DCOM) (EventID: 10010) (User: Stepan-PC)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.


CodeIntegrity:
===================================

Date: 2020-04-12 19:53:37.764
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-04-12 19:53:37.196
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-04-12 19:53:37.141
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-04-12 19:53:37.102
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-04-12 19:53:36.505
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-04-12 19:53:36.486
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-04-12 19:53:10.584
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-04-12 19:53:10.565
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

==================== Memory info =========================== 

BIOS: American Megatrends Inc. 2001 06/16/2014
Motherboard: ASUSTeK COMPUTER INC. H81M-PLUS
Processor: Intel(R) Core(TM) i3-4160 CPU @ 3.60GHz
Percentage of memory in use: 42%
Total physical RAM: 8127.7 MB
Available physical RAM: 4645.34 MB
Total Virtual: 16319.7 MB
Available Virtual: 11508.09 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.98 GB) (Free:510.55 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:74.53 GB) (Free:2.2 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: () (Fixed) (Total:465.75 GB) (Free:63.12 GB) NTFS

\\?\Volume{d1cf5b0c-0000-0000-0000-f0bee8000000}\ () (Fixed) (Total:0.53 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: D1CF5B0C)
Partition 1: (Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=541 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: E6CAE6CA)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 74.5 GB) (Disk ID: 069A6176)
Partition 1: (Active) - (Size=74.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================