Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-08-2020 Ran by User (19-08-2020 19:33:34) Running from C:\Users\User\Desktop Windows 10 Pro Version 2004 19041.450 (X64) (2020-08-13 08:24:41) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1315945748-2372567203-217578743-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1315945748-2372567203-217578743-503 - Limited - Disabled) Guest (S-1-5-21-1315945748-2372567203-217578743-501 - Limited - Disabled) User (S-1-5-21-1315945748-2372567203-217578743-1001 - Administrator - Enabled) => C:\Users\User WDAGUtilityAccount (S-1-5-21-1315945748-2372567203-217578743-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.012.20041 - Adobe Systems Incorporated) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Belarc Advisor 9.6 (HKLM-x32\...\Belarc Advisor) (Version: 9.6.0.0 - Belarc Inc.) Blitz 1.11.8 (HKU\S-1-5-21-1315945748-2372567203-217578743-1001\...\153f8ce0-b97a-575b-ba12-4ff8b1481894) (Version: 1.11.8 - Blitz, Inc.) Discord (HKU\S-1-5-21-1315945748-2372567203-217578743-1001\...\Discord) (Version: 0.0.307 - Discord Inc.) DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.35 - NVIDIA Corporation) Hidden Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 84.0.4147.125 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden Intel(R) Graphics Driver Software (HKLM-x32\...\{8a13c1a0-15ca-4939-92ea-9a745169ba28}) (Version: 3.11.1.0 - Intel) Hidden Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.8.3.1003 - Intel Corporation) Java 8 Update 261 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180261F0}) (Version: 8.0.2610.12 - Oracle Corporation) LatencyMon 6.71 (HKLM\...\LatencyMon_is1) (Version: - Resplendence Software Projects Sp.) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden League of Legends (HKU\S-1-5-21-1315945748-2372567203-217578743-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc) Legends of Runeterra (HKU\S-1-5-21-1315945748-2372567203-217578743-1001\...\Riot Game bacon.live) (Version: - Riot Games, Inc) Malwarebytes version 4.1.2.73 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.2.73 - Malwarebytes) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 84.0.522.61 - Microsoft Corporation) Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.133.5 - ) Microsoft Office Professional Plus 2016 (HKLM-x32\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1315945748-2372567203-217578743-1001\...\OneDriveSetup.exe) (Version: 20.124.0621.0006 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation) Microsoft Visual Studio Code (HKLM-x32\...\{F8A2A208-72B3-4D61-95FC-8A65D340689B}_is1) (Version: 1.7.1 - Microsoft Corporation) NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden NVIDIA GeForce Experience 3.20.4.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.4.14 - NVIDIA Corporation) NVIDIA תכנת PhysX מערכת 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM-x32\...\{90160000-001F-040C-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden PowerISO (HKLM-x32\...\PowerISO) (Version: 6.8 - Power Software Ltd) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.42.526.2020 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8569 - Realtek Semiconductor Corp.) Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.) Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform) Spotify (HKU\S-1-5-21-1315945748-2372567203-217578743-1001\...\Spotify) (Version: 1.1.39.612.g1e7e78a4 - Spotify AB) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation) VALORANT (HKU\S-1-5-21-1315945748-2372567203-217578743-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc) Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden Zoom (HKU\S-1-5-21-1315945748-2372567203-217578743-1001\...\ZoomUMX) (Version: 5.0 - Zoom Video Communications, Inc.) Средства проверки правописания Microsoft Office 2016 — русский (HKLM-x32\...\{90160000-001F-0419-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden כלי ההגהה של Microsoft Office 2016 - עברית (HKLM-x32\...\{90160000-001F-040D-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden לוח הבקרה של NVIDIA 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 391.35 - NVIDIA Corporation) Hidden עדכוני NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden Packages: ========= HyperX NGENUITY -> C:\Program Files\WindowsApps\33C30B79.HyperXNGenuity_5.1.41.0_x64__0a78dr3hq0pvt [2020-08-14] (HyperX Gaming) [Startup Task] Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2731.0_x64__8j3eq9eme6ctt [2020-06-11] (INTEL CORP) [Startup Task] Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-18] (INTEL CORP) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2020-08-13] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad] MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad] Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-08-01] (Microsoft Corporation) Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-11] (Microsoft Corporation) Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2020-02-26] (Adobe Systems Incorporated) Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1315945748-2372567203-217578743-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> "C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe" -ToastActivated => No File ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed] ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2017-02-02] (Power Software Limited -> Power Software Ltd) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-01-01] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed] ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2017-02-02] (Power Software Limited -> Power Software Ltd) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed] ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-01-01] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2017-02-02] (Power Software Limited -> Power Software Ltd) ==================== Codecs (Whitelisted) ==================== ==================== Shortcuts & WMI ======================== ==================== Loaded Modules (Whitelisted) ============= 2020-06-11 18:48 - 2020-06-11 18:48 - 039780864 _____ (Intel) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2731.0_x64__8j3eq9eme6ctt\IGCC.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer trusted/restricted ========== ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-10-30 10:24 - 2020-08-18 13:53 - 000000836 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR HKU\S-1-5-21-1315945748-2372567203-217578743-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg DNS Servers: 8.8.8.8 - 8.8.4.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: BEService => 3 MSCONFIG\Services: cphs => 3 MSCONFIG\Services: cplspcon => 2 MSCONFIG\Services: EasyAntiCheat => 3 MSCONFIG\Services: GoogleChromeElevationService => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: HiPatchService => 2 MSCONFIG\Services: IAStorDataMgrSvc => 2 MSCONFIG\Services: ICEsoundService => 2 MSCONFIG\Services: igfxCUIService2.0.0.0 => 2 MSCONFIG\Services: Intel(R) SUR QC SAM => 3 MSCONFIG\Services: NSM => 2 MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2 MSCONFIG\Services: qengine => 2 MSCONFIG\Services: qupdate => 2 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: Steam Client Service => 3 MSCONFIG\Services: TampMon => 2 HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "NvBackend" HKLM\...\StartupApproved\Run: => "RTHDVCPL" HKLM\...\StartupApproved\Run: => "IAStorIcon" HKLM\...\StartupApproved\Run: => "Riot Vanguard" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKU\S-1-5-21-1315945748-2372567203-217578743-1001\...\StartupApproved\StartupFolder: => "Nexon Launcher.lnk" HKU\S-1-5-21-1315945748-2372567203-217578743-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk" HKU\S-1-5-21-1315945748-2372567203-217578743-1001\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-1315945748-2372567203-217578743-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-1315945748-2372567203-217578743-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-1315945748-2372567203-217578743-1001\...\StartupApproved\Run: => "EpicGamesLauncher" HKU\S-1-5-21-1315945748-2372567203-217578743-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_BCEA24321E5E4F1401136BBEDFB545FE" HKU\S-1-5-21-1315945748-2372567203-217578743-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-1315945748-2372567203-217578743-1001\...\StartupApproved\Run: => "Adobe Reader Synchronizer" HKU\S-1-5-21-1315945748-2372567203-217578743-1001\...\StartupApproved\Run: => "com.blitz.app" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{1908346A-A46E-46D8-AE6D-874C86CBB3FB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{732889E1-6869-4868-884B-45CD2711A663}] => (Block) C:\program files (x86)\starcraft ii\versions\base81102\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.) FirewallRules: [{FB12677B-A297-4F15-B015-01C829EC2B16}] => (Block) C:\program files (x86)\starcraft ii\versions\base81102\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.) FirewallRules: [UDP Query User{A59BE1DA-78F4-44DE-BCE2-B7DA612B5610}C:\program files (x86)\starcraft ii\versions\base81102\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base81102\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.) FirewallRules: [TCP Query User{ED32A5ED-64FD-4771-8105-4B6B14F81708}C:\program files (x86)\starcraft ii\versions\base81102\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base81102\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.) FirewallRules: [UDP Query User{7547CF66-BCCC-4D31-822B-34A5C9AAFA7E}C:\program files (x86)\starcraft ii\versions\base81009\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base81009\sc2_x64.exe => No File FirewallRules: [TCP Query User{5CC6AFC0-567F-4A7D-B5D9-E3F2423198BC}C:\program files (x86)\starcraft ii\versions\base81009\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base81009\sc2_x64.exe => No File FirewallRules: [UDP Query User{BAFB26A9-D2CF-4936-81A3-3601885120F1}C:\program files (x86)\steam\steamapps\common\combat arms the classic\voicechat.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\combat arms the classic\voicechat.exe => No File FirewallRules: [TCP Query User{7C03B198-9DB3-4A79-B7F1-A61B93529A01}C:\program files (x86)\steam\steamapps\common\combat arms the classic\voicechat.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\combat arms the classic\voicechat.exe => No File FirewallRules: [{7AFE7046-297F-44D1-BEDF-542AC50A0D4D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{480750CE-0B84-42A8-8ABC-743059AF44D1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{D6988FF6-5401-4E82-946D-8065BF51AB6D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{B8943FC9-117C-49F2-BAE5-A1674657BA82}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{88F806B1-2D7C-47BC-A0C2-27DDDCF05FB6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe () [File not signed] FirewallRules: [{9DDDA189-47E4-46D5-9898-C01A1A7ED919}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe () [File not signed] FirewallRules: [UDP Query User{EA3D6D08-C84E-43D7-9A35-40592EFE944F}C:\users\user\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\user\appdata\local\programs\blitz\blitz.exe (Swift Media Entertainment, Inc. -> Blitz, Inc.) FirewallRules: [TCP Query User{71BDC8B1-1C48-4E5C-9F9B-1CD5E03AC94F}C:\users\user\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\user\appdata\local\programs\blitz\blitz.exe (Swift Media Entertainment, Inc. -> Blitz, Inc.) FirewallRules: [UDP Query User{EBBB9094-BF84-4978-8B36-2A771339E6ED}C:\program files (x86)\starcraft ii\support64\sc2editor_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\support64\sc2editor_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.) FirewallRules: [TCP Query User{490887AC-AC4D-42F8-B2A7-52FCCAD4F1EF}C:\program files (x86)\starcraft ii\support64\sc2editor_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\support64\sc2editor_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.) FirewallRules: [{85924650-C306-4B31-8402-B3BAB8576954}] => (Allow) C:\Users\User\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [UDP Query User{0A42CB48-C3EA-4EAE-9CF1-8548798D02AB}C:\users\user\appdata\roaming\ftba\bin\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\user\appdata\roaming\ftba\bin\runtime\jre-x64\bin\javaw.exe FirewallRules: [TCP Query User{A43EF936-C6ED-4328-8EDD-52B7DC0FCBAC}C:\users\user\appdata\roaming\ftba\bin\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\user\appdata\roaming\ftba\bin\runtime\jre-x64\bin\javaw.exe FirewallRules: [{226F2940-E05F-4ADC-B15F-7CE6DFBA47B4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{A58CF791-9D82-4159-B4E7-9E0F0F04B597}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{9A3C3A1E-FDDA-4BE0-89AD-766C7C06ADAF}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> ) FirewallRules: [{938E5F78-6127-4AB0-A6CD-B8E96E385462}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> ) FirewallRules: [{35D974F3-0E4D-4C84-B6E1-3AA373CA3E38}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> ) FirewallRules: [{3F644E87-5AE0-4530-83E0-63F515BAB42A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> ) FirewallRules: [{4D4D1B48-283A-46A0-BEB7-3750ECA1CD13}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{42C2F908-B1B0-4E61-95FA-997F5F712613}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{438CD202-A3D9-4283-A745-797C2465E2BA}] => (Block) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [{5C99BE44-7452-44EA-9FEF-3781F631D34F}] => (Allow) C:\Users\User\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [UDP Query User{31E3DF1B-C0E2-43C5-8C5E-8D2C13AD393B}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{ED767F59-0277-4085-AE04-8825EF0AF940}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{3811C7A2-F7BC-47E8-9F75-F74405E5C4EE}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [{05C11E41-95E3-458B-83B3-D9DE9D5F69A4}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [{DCE8BDB0-A705-439E-8DD1-2BB1C2B45DA1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{3559D9B6-EB91-40B6-9FB2-7880E385C904}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [{F9D7584F-A2B3-46FD-95AE-D73C40B9A96D}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [TCP Query User{475F491E-7D42-456D-BC69-03602616C628}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [UDP Query User{3BD653B8-F76C-4243-B70F-09602A44F69A}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [{63D3F41E-C4EA-4A3B-A783-D7AB8FA24D76}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{A46CCA4F-792C-4B32-B342-A89C7DA438AB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{A8B2375A-5BCD-4F3C-BC75-AE7D956DDDAF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{ED0DEE10-486D-4BF1-8AE0-49EEA7356B75}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{4CE5ED43-B095-4D1C-A2B8-F2E0F61FAA86}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{9EBA98C3-58DE-4061-9D8B-650D9DBE649B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) ==================== Restore Points ========================= 13-08-2020 14:32:45 Windows Modules Installer 19-08-2020 08:01:51 Removed Intel(R) Computing Improvement Program 19-08-2020 08:37:28 O&O ShutUp10 ==================== Faulty Device Manager Devices ============ ==================== Event log errors: ======================== Application errors: ================== System errors: ============= Error: (08/19/2020 07:07:20 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: ‏‏שירות ה- cplspcon הפסיק עם השגיאה הבאה: Unspecified error Error: (08/19/2020 07:06:44 PM) (Source: Application Popup) (EventID: 56) (User: ) Description: ACPI1 ==================== Memory info =========================== BIOS: American Megatrends Inc. P7.60 02/26/2018 Motherboard: ASRock H110M-HDV Processor: Intel(R) Core(TM) i3-6100 CPU @ 3.70GHz Percentage of memory in use: 42% Total physical RAM: 8154.72 MB Available physical RAM: 4649.75 MB Total Virtual: 13530.72 MB Available Virtual: 9681.92 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:213.38 GB) (Free:71.74 GB) NTFS Drive d: () (Fixed) (Total:250.92 GB) (Free:250.76 GB) NTFS Drive e: (ASRock SupportCD) (CDROM) (Total:4.25 GB) (Free:0 GB) CDFS Drive h: () (Removable) (Total:3.61 GB) (Free:3.59 GB) FAT32 \\?\Volume{6cb467c9-0000-0000-0000-100000000000}\ (‏‏שמור על-ידי המערכת) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS \\?\Volume{6cb467c9-0000-0000-0000-e07735000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 6CB467C9) Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=213.4 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=525 MB) - (Type=27) Partition 4: (Not Active) - (Size=250.9 GB) - (Type=07 NTFS) ========================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 3.6 GB) (Disk ID: 828FC783) Partition 1: (Active) - (Size=3.6 GB) - (Type=0C) ==================== End of Addition.txt =======================