Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Infected with Trojan virus very high thread Please help me as you can

trojan trojan horse very high thread virus Trojan:Win32/detplock

  • Please log in to reply

#1
Biser Vangelov

Biser Vangelov

    New Member

  • Member
  • Pip
  • 1 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-01-2020
Ran by User (administrator) on DESKTOP-3PN82DU (31-01-2020 14:16:00)
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available Profiles: User & sasuk)
Platform: Windows 10 Home Version 1903 18362.592 (X64) Language: Български (България)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrB.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(Hi-Rez Studios) [File not signed] D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12001.1001.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20011.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.6-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d223212c0a2275b5\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d223212c0a2275b5\Display.NvContainer\NVDisplay.Container.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Skillbrains) [File not signed] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SOMICC71BSound] => C:\Program Files\SOMIC 7.1 GAMING HEADSET\CPL\Somic Audio Center_x64.exe [2369024 2016-01-28] () [File not signed]
HKLM\...\Run: [AvastUI.exe] => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
HKLM-x32\...\Run: [OnScreen Control] => C:\Program Files (x86)\LG Electronics\OnScreen Control\bin\OnScreenStartUpApp.exe [1786808 2018-03-14] (LG Electronics Inc. -> TODO: <Company name>)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2017-04-11] (OOO Lightshot -> )
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\Run: [Steam] => D:\steam\steam.exe [3311568 2020-01-18] (Valve -> Valve Corporation)
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\Run: [Gaijin.Net Updater] => C:\Users\User\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2361600 2019-12-12] (Gaijin Network LTD -> Gaijin Entertainment)
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\Run: [Discord] => C:\Users\User\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\MountPoints2: {c83ea583-c92d-11e8-9702-bc5ff4ee6426} - "F:\HiSuiteDownLoader.exe" 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-22] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0059A6B4-860C-459A-94BF-FAC996FDADF0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.6-0\MpCmdRun.exe [473544 2020-01-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0A5E8CB4-DE4D-4EA5-B040-1E3C57899507} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {337ED8ED-722C-4D4A-961C-5A7E76ACD5DD} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {36193340-C1EE-4464-A38D-512ABF4D8540} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.6-0\MpCmdRun.exe [473544 2020-01-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {36F48C80-857A-4CDE-9C14-C9B634A99F2F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.6-0\MpCmdRun.exe [473544 2020-01-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {36FCFF99-CFB8-4D34-9441-02CEA9A5743B} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {53571172-5480-47C7-9337-6CA3AC2F5623} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-14] (Google Inc -> Google LLC)
Task: {57685181-E605-4E58-B247-190B8D1AEFA9} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {58E18D72-4A02-4F49-A860-DE54CBF38A57} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {5C331D4E-A639-4796-B269-C6D30BA5FD87} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.6-0\MpCmdRun.exe [473544 2020-01-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6F1B0E78-2F27-4B51-AE95-796460E39FC5} - System32\Tasks\Hetubu\{2AEDAAF0-7C98-E5A3-83E7-17006976522E} => C:\Users\User\AppData\Roaming\Megobabeto\Hetubu.exe [0 2013-04-23] ()
Task: {6F4F8E8A-711A-4D9C-BBB6-6516003629AB} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2019-12-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7625FCDB-D405-4180-BAA8-CE132092CED4} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {874D5BA2-DBD4-4D1C-B2C8-8EE6B8C5C425} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8E55FE94-543A-4B5E-A66D-A225B77711EE} - System32\Tasks\update-S-1-5-21-1270643484-4035232020-1271303665-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {9871B34A-5AD6-4AF0-A58C-A4FC3CD50A76} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A2498880-35B3-45A5-B7EE-01C5BBCCE2ED} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AC78466C-B2EF-4CB9-B4F1-449062712D12} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B2FDDB7C-054D-429C-AB67-8A5F6B696DBA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-14] (Google Inc -> Google LLC)
Task: {B4A5905B-FD21-4352-AA5A-E0D5BC5631E3} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CDC45FD2-4341-4265-9510-7A885A9FEF6F} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E464706E-667E-48E4-B0A7-AACBCC81FCD7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {E775FB88-6842-4DB6-A760-5D60F86E7BEE} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe
Task: {EBB6041D-18F2-4DD2-ABB0-962E5557D549} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FC51E498-D4BA-4EC7-9461-960374574E00} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\update-S-1-5-21-1270643484-4035232020-1271303665-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 88.87.0.2 88.87.10.2
Tcpip\..\Interfaces\{2dee4765-6d13-42f5-972a-0641487b9df0}: [DhcpNameServer] 88.87.0.2 88.87.10.2
 
Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2016-02-09] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\ssv.dll [2019-07-23] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-07-23] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-02-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-02-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-02-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-02-09] (Microsoft Corporation -> Microsoft Corporation)
 
Edge: 
======
Edge Notifications: HKU\S-1-5-21-1270643484-4035232020-1271303665-1001 -> hxxps://www.facebook.com
 
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-07-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-07-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-02-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-03] (Adobe Inc. -> Adobe Systems Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2020-01-31]
CHR DownloadDir: C:\Users\User\Desktop
CHR Notifications: Default -> hxxps://gamehag.com
CHR HomePage: Default -> hxxps://www.google.bg/?gfe_rd=cr&ei=hFXfVdGhCrOz8wf_1IeoDg&gws_rd=ssl
CHR StartupUrls: Default -> "hxxps://www.google.bg/"
CHR DefaultSearchURL: Default -> hxxp://chromedhnewtab.com/search?q={searchTerms}
CHR DefaultSearchKeyword: Default -> chromedhnewtab
CHR Extension: (Презентации) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-19]
CHR Extension: (Документи) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-19]
CHR Extension: (Google Диск) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-19]
CHR Extension: (Blue Nebula - Full HD - Axlg) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpbfcgopniakghhkjcnnmpfdemapblij [2018-09-19]
CHR Extension: (Adblock Plus — безплатен блокер на реклами) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-10-22]
CHR Extension: (chromedhnewtab) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjknaplhnlobleklkoloacadcobmiccl [2018-09-19]
CHR Extension: (Тъмна тема за Facebook и други уебсайтове) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkfobiagdiioemjmpdecklcjaplpljdo [2019-10-26]
CHR Extension: (Google Документи офлайн) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-14]
CHR Extension: (Grammarly for Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2020-01-30]
CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-01]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-15]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-12]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-08-07]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile [2020-01-15]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8403672 2019-09-10] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803952 2019-12-14] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
U2 HiPatchService; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2018-06-11] (Hi-Rez Studios) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2020-01-31] (Malwarebytes Inc -> Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 PAExec; C:\Windows\PAExec.exe [189112 2018-09-19] (Power Admin LLC -> Power Admin LLC)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2019-11-27] (Even Balance, Inc. -> )
R2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [215128 2019-12-07] (Even Balance, Inc. -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.6-0\NisSrv.exe [3284840 2020-01-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.6-0\MsMpEng.exe [103168 2020-01-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [2156368 2019-08-02] (Wacom Technology Corporation -> Wacom Technology, Corp.)
S2 AvastWscReporter; "C:\Program Files\AVAST Software\Avast\wsc_proxy.exe" /runassvc /rpcserver [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d223212c0a2275b5\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d223212c0a2275b5\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 C_71_B; C:\WINDOWS\System32\drivers\C_71_B.sys [3795608 2016-01-28] (WDKTestCert chou,130795027549068093 -> C-MEDIA Inc.)
S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2018-05-30] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-01-31] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-01-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-01-31] (Malwarebytes Inc -> Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d223212c0a2275b5\nvlddmkm.sys [23251968 2019-12-28] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [662528 2019-03-19] (Microsoft Windows -> Realtek )
S3 WacHidRouterPro; C:\WINDOWS\System32\drivers\wachidrouter.sys [131736 2019-06-14] (Wacom Technology Corporation -> Wacom Technology, Corp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-01-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [376032 2020-01-28] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2020-01-28] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-01-31 14:16 - 2020-01-31 14:17 - 000027315 _____ C:\Users\User\Desktop\FRST.txt
2020-01-31 14:15 - 2020-01-31 14:16 - 000000000 ____D C:\FRST
2020-01-31 14:14 - 2020-01-31 14:14 - 002581504 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2020-01-31 13:54 - 2020-01-31 13:54 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-01-31 13:54 - 2020-01-31 13:54 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-01-31 13:42 - 2020-01-31 13:43 - 000000000 ____D C:\AdwCleaner
2020-01-31 13:31 - 2020-01-31 13:31 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-01-31 13:31 - 2020-01-31 13:31 - 000002021 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-01-31 13:31 - 2020-01-31 13:31 - 000000000 ____D C:\Users\User\AppData\Local\mbamtray
2020-01-31 13:31 - 2020-01-31 13:31 - 000000000 ____D C:\Users\User\AppData\Local\mbam
2020-01-31 13:31 - 2020-01-31 13:31 - 000000000 ____D C:\Users\User\AppData\Local\cache
2020-01-31 13:31 - 2020-01-31 13:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-01-31 13:30 - 2020-01-31 13:30 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-01-31 13:30 - 2020-01-31 13:30 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-01-31 13:30 - 2020-01-31 13:30 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-01-31 13:29 - 2020-01-31 13:29 - 000000000 ____D C:\Program Files\Malwarebytes
2020-01-31 13:28 - 2020-01-31 13:34 - 002307368 _____ C:\Users\User\Desktop\Rkill.txt
2020-01-31 13:27 - 2020-01-31 13:28 - 008356016 _____ (Malwarebytes) C:\Users\User\Downloads\adwcleaner_8.0.2.exe
2020-01-31 13:27 - 2020-01-31 13:27 - 001883976 _____ (Malwarebytes) C:\Users\User\Downloads\malwarebytes_4.0.exe
2020-01-31 13:27 - 2020-01-31 13:27 - 001792640 _____ (Bleeping Computer, LLC) C:\Users\User\Downloads\rkill_2.9.1.0.exe
2020-01-31 13:16 - 2020-01-31 13:16 - 000000000 ____D C:\Users\User\AppData\Roaming\Google
2020-01-31 12:47 - 2020-01-31 12:47 - 000000629 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2020-01-31 12:47 - 2020-01-31 12:47 - 000000629 _____ C:\ProgramData\Desktop\Revo Uninstaller.lnk
2020-01-31 12:47 - 2020-01-31 12:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2020-01-31 12:46 - 2020-01-31 12:46 - 007432520 _____ (VS Revo Group ) C:\Users\User\Downloads\revosetup.exe
2020-01-31 11:54 - 2020-01-31 11:54 - 000000000 ____D C:\ProgramData\ByteFence
2020-01-31 11:45 - 2020-01-31 11:45 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2020-01-31 11:16 - 2020-01-31 11:16 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-01-31 11:16 - 2020-01-31 11:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2020-01-31 11:15 - 2020-01-31 11:49 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2020-01-31 11:14 - 2020-01-31 11:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hetubu
2020-01-31 11:14 - 2020-01-31 11:14 - 000000000 ____D C:\Users\User\AppData\Roaming\Megobabeto
2020-01-31 11:13 - 2020-01-31 11:50 - 000000000 ____D C:\ProgramData\AVAST Software
2020-01-31 11:13 - 2020-01-31 11:15 - 000000000 ____D C:\ProgramData\bciff
2020-01-31 11:13 - 2020-01-31 11:14 - 000000000 ____D C:\ProgramData\{51B76D8B-799F-15F3-21C7-3DDBC92FE503}
2020-01-31 11:13 - 2020-01-31 11:13 - 000001362 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HowToRemove.lnk
2020-01-31 11:13 - 2020-01-31 11:13 - 000000000 ____D C:\Program Files\AVAST Software
2020-01-30 17:21 - 2020-01-30 17:21 - 000000000 ____D C:\Users\User\AppData\LocalLow\Riot Games
2020-01-30 17:20 - 2020-01-30 17:20 - 000001599 _____ C:\Users\User\Desktop\Legends of Runeterra.lnk
2020-01-30 17:20 - 2020-01-30 17:20 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Riot Games
2020-01-30 17:19 - 2020-01-30 17:19 - 068510896 _____ (Riot Games, Inc.) C:\Users\User\Downloads\Legends_Of_Runeterra_Installer.exe
2020-01-30 15:51 - 2020-01-30 15:54 - 000000000 ____D C:\Users\User\AppData\Roaming\.tlauncher
2020-01-30 15:51 - 2020-01-30 15:51 - 015370064 _____ (TLauncher Inc.) C:\Users\User\Downloads\TLauncher-2.68-Installer-0.5.2.exe
2020-01-30 15:51 - 2020-01-30 15:51 - 000001932 _____ C:\Users\User\Desktop\TLauncher.lnk
2020-01-29 17:20 - 2020-01-29 17:20 - 000000039 _____ C:\Users\User\AppData\Local\kritadisplayrc
2020-01-29 17:13 - 2020-01-29 17:13 - 003339582 _____ C:\Users\User\Desktop\game_cards.tif
2020-01-29 16:39 - 2020-01-29 16:39 - 007734230 _____ C:\Users\User\Desktop\game_money.tif
2020-01-28 21:04 - 2020-01-28 21:04 - 000748816 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-01-27 15:46 - 2020-01-27 15:46 - 000149090 _____ C:\Users\User\Downloads\igralno pole.tif
2020-01-27 15:42 - 2020-01-28 19:53 - 000781968 _____ C:\Users\User\Desktop\igralno pole.tif
2020-01-24 20:32 - 2020-01-25 13:36 - 000000000 ____D C:\Users\User\Creative Cloud Files
2020-01-24 17:11 - 2020-01-24 17:11 - 000000265 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\4K Video Downloader.lnk
2020-01-24 15:56 - 2020-01-24 15:56 - 000000000 ____D C:\Users\User\AppData\Local\4kdownload.com
2020-01-24 15:55 - 2020-01-24 17:11 - 000000265 _____ C:\Users\User\Desktop\4K Video Downloader.lnk
2020-01-24 14:39 - 2020-01-24 14:40 - 085446656 _____ C:\Users\User\Downloads\4kvideodownloader_4.11.1_x64.msi
2020-01-23 22:54 - 2020-01-29 22:03 - 000000000 ____D C:\Users\User\Desktop\memes za klipove
2020-01-23 00:54 - 2020-01-30 03:42 - 000014333 _____ C:\ProgramData\DisplaySessionContainer8.log_backup1
2020-01-22 14:32 - 2020-01-22 14:32 - 000011094 _____ C:\ProgramData\DisplaySessionContainer7.log_backup1
2020-01-20 00:35 - 2020-01-20 00:47 - 000463438 _____ C:\Users\User\Desktop\Бисер Вангелов №2 12а.pptx
2020-01-18 15:03 - 2020-01-18 15:03 - 000391285 _____ C:\Users\User\Documents\Успоредни равнини_12а_7.pptx
2020-01-15 19:57 - 2020-01-29 17:21 - 000002232 _____ C:\Users\User\Desktop\Discord.lnk
2020-01-15 19:56 - 2020-01-15 19:57 - 000000000 ____D C:\Users\User\AppData\Local\Discord
2020-01-15 16:12 - 2020-01-15 16:12 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 008012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 002494464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll
2020-01-15 16:11 - 2020-01-15 16:12 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-15 16:11 - 2020-01-15 16:11 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-15 16:11 - 2020-01-15 16:11 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-15 16:11 - 2020-01-15 16:11 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-15 16:11 - 2020-01-15 16:11 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 002473976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-15 16:11 - 2020-01-15 16:11 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-15 16:11 - 2020-01-15 16:11 - 001051664 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-15 16:11 - 2020-01-15 16:11 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000678712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-15 16:11 - 2020-01-15 16:11 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-01-15 16:11 - 2020-01-15 16:11 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-15 16:11 - 2020-01-15 16:11 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-01-15 16:11 - 2020-01-15 16:11 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-01-15 16:11 - 2020-01-15 16:11 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-01-15 16:11 - 2020-01-15 16:11 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-15 16:11 - 2020-01-15 16:11 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-01-15 16:11 - 2020-01-15 16:11 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000162696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-01-15 16:11 - 2020-01-15 16:11 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-01-15 16:11 - 2020-01-15 16:11 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-01-15 15:53 - 2020-01-15 15:53 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-01-15 15:53 - 2020-01-15 15:53 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-01-15 00:23 - 2020-01-28 01:45 - 000014651 _____ C:\ProgramData\DisplaySessionContainer6.log_backup1
2020-01-13 23:21 - 2020-01-27 01:10 - 000012500 _____ C:\ProgramData\DisplaySessionContainer5.log_backup1
2020-01-13 01:45 - 2020-01-22 00:56 - 000010692 _____ C:\ProgramData\DisplaySessionContainer4.log_backup1
2020-01-12 11:35 - 2020-01-12 12:59 - 000000494 _____ C:\Users\User\Desktop\config.txt
2020-01-12 02:37 - 2020-01-26 02:39 - 000014211 _____ C:\ProgramData\DisplaySessionContainer3.log_backup1
2020-01-12 00:26 - 2019-12-28 05:14 - 001729440 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-01-12 00:26 - 2019-12-28 05:14 - 001729440 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-01-12 00:26 - 2019-12-28 05:14 - 001329568 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-01-12 00:26 - 2019-12-28 05:14 - 001329568 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-01-12 00:26 - 2019-12-28 05:14 - 001079200 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-01-12 00:26 - 2019-12-28 05:14 - 001079200 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-01-12 00:26 - 2019-12-28 05:14 - 000937888 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-01-12 00:26 - 2019-12-28 05:14 - 000937888 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-01-12 00:26 - 2019-12-28 05:14 - 000450176 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-01-12 00:26 - 2019-12-28 05:14 - 000354520 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-01-12 00:26 - 2019-12-28 05:13 - 011843088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2020-01-12 00:26 - 2019-12-28 05:13 - 010169208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2020-01-12 00:26 - 2019-12-28 05:13 - 000678264 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-01-12 00:26 - 2019-12-28 05:13 - 000544976 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 017462352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 015029504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 005383184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 004718512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 002076080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 001570168 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 001485688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 001371512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 001145280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 001064368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 001001816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 000824064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 000813984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 000685256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 000573784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2020-01-12 00:26 - 2019-12-28 05:12 - 000558080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 000451320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2020-01-12 00:26 - 2019-12-28 05:11 - 040510200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2020-01-12 00:26 - 2019-12-28 05:11 - 035380240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2020-01-12 00:26 - 2019-12-28 05:11 - 000858032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2020-01-12 00:26 - 2019-12-24 14:03 - 000076477 _____ C:\WINDOWS\system32\nvinfo.pb
2020-01-12 00:07 - 2020-01-12 00:07 - 000000000 ____D C:\Users\User\AppData\Roaming\Valve Corporation
2020-01-11 14:31 - 2020-01-25 08:46 - 000014376 _____ C:\ProgramData\DisplaySessionContainer2.log_backup1
2020-01-11 14:22 - 2020-01-31 13:53 - 000012229 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2020-01-10 15:18 - 2020-01-10 23:00 - 000013948 _____ C:\ProgramData\DisplaySessionContainer24.log_backup1
2020-01-10 01:08 - 2020-01-10 15:18 - 000014334 _____ C:\ProgramData\DisplaySessionContainer23.log_backup1
2020-01-08 19:02 - 2020-01-09 17:37 - 002862884 _____ C:\Users\User\Desktop\igr.tif
2020-01-08 15:13 - 2020-01-09 00:51 - 000012615 _____ C:\ProgramData\DisplaySessionContainer21.log_backup1
2020-01-07 01:00 - 2020-01-07 23:13 - 000013615 _____ C:\ProgramData\DisplaySessionContainer19.log_backup1
2020-01-03 13:00 - 2020-01-03 13:01 - 000000000 ____D C:\Users\User\Documents\Adobe
2020-01-03 12:02 - 2020-01-03 12:02 - 000001151 _____ C:\Users\User\Desktop\Adobe Premiere Pro 2019.lnk
2020-01-03 12:02 - 2020-01-03 12:02 - 000000000 ____D C:\Users\Public\Documents\Adobe
2020-01-03 12:02 - 2020-01-03 12:02 - 000000000 ____D C:\ProgramData\Documents\Adobe
2020-01-03 12:02 - 2020-01-03 12:02 - 000000000 ____D C:\Program Files\Common Files\Adobe
2020-01-03 11:57 - 2020-01-03 12:02 - 000000000 ____D C:\Program Files\Adobe
2020-01-03 11:57 - 2020-01-03 11:57 - 000000000 ____D C:\Users\Public\Documents\AdobeInstalledCodecs
2020-01-03 11:57 - 2020-01-03 11:57 - 000000000 ____D C:\ProgramData\Documents\AdobeInstalledCodecs
2020-01-03 11:46 - 2020-01-03 11:47 - 000080969 _____ C:\Users\User\Downloads\Adobe Premiere Pro CC 2019 v13.1.4 Build 2.torrent
2020-01-03 11:45 - 2020-01-03 11:45 - 002076286 _____ C:\Users\User\Downloads\arriraw_p1_win_092712.zip
2020-01-03 01:40 - 2020-01-04 03:09 - 000013938 _____ C:\ProgramData\DisplaySessionContainer15.log_backup1
2020-01-02 10:09 - 2020-01-03 01:40 - 000012479 _____ C:\ProgramData\DisplaySessionContainer14.log_backup1
2020-01-01 10:14 - 2020-01-02 01:12 - 000012262 _____ C:\ProgramData\DisplaySessionContainer12.log_backup1
2020-01-01 00:48 - 2020-01-01 10:14 - 000012811 _____ C:\ProgramData\DisplaySessionContainer11.log_backup1
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-01-31 14:15 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-01-31 14:03 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-31 14:02 - 2018-09-19 11:53 - 000000000 ____D C:\ProgramData\NVIDIA
2020-01-31 13:55 - 2019-09-13 15:05 - 000000000 ____D C:\Users\User\AppData\Roaming\WTablet
2020-01-31 13:55 - 2018-09-19 18:17 - 000000152 _____ C:\Users\Public\Documents\OSCFile.txt
2020-01-31 13:55 - 2018-09-19 18:17 - 000000152 _____ C:\ProgramData\Documents\OSCFile.txt
2020-01-31 13:54 - 2019-09-27 01:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-31 13:53 - 2019-12-30 17:48 - 000018900 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2020-01-31 13:53 - 2019-12-30 17:48 - 000008676 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2020-01-31 13:53 - 2019-12-30 17:48 - 000001209 _____ C:\ProgramData\NvcDispCorePlugin.log_backup1
2020-01-31 13:53 - 2019-03-19 06:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-01-31 13:41 - 2019-09-27 00:56 - 000000000 ____D C:\Users\sasuk
2020-01-31 13:30 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-01-31 13:02 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-31 12:01 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-31 11:54 - 2019-03-19 06:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-01-31 11:53 - 2018-09-19 11:52 - 000000000 ____D C:\Users\User\AppData\Local\PlaceholderTileLogoFolder
2020-01-31 11:52 - 2018-09-19 11:49 - 000000000 ____D C:\Users\User\AppData\Local\Packages
2020-01-31 11:05 - 2019-09-27 00:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-31 10:21 - 2019-09-27 01:12 - 000004206 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{F9A8A5B0-A0EE-4809-9ABB-B9C56B369613}
2020-01-31 02:24 - 2019-12-30 17:48 - 000014142 _____ C:\ProgramData\DisplaySessionContainer9.log_backup1
2020-01-30 17:21 - 2019-10-09 20:13 - 000000000 ____D C:\Users\User\AppData\Local\Riot Games
2020-01-30 17:20 - 2018-09-19 21:02 - 000001671 _____ C:\Users\Public\Desktop\League of Legends.lnk
2020-01-30 17:20 - 2018-09-19 21:02 - 000001671 _____ C:\ProgramData\Desktop\League of Legends.lnk
2020-01-30 15:56 - 2019-05-15 19:07 - 000000000 ____D C:\Users\User\AppData\Roaming\.minecraft
2020-01-30 11:29 - 2018-09-24 18:58 - 000000000 ____D C:\Users\User\AppData\Roaming\discord
2020-01-30 11:02 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-29 17:21 - 2019-11-16 12:29 - 000002440 _____ C:\Users\User\Desktop\Legacy of Discord.lnk
2020-01-29 17:21 - 2019-11-16 12:29 - 000002136 _____ C:\Users\User\Desktop\GTarcade.lnk
2020-01-29 17:21 - 2019-09-13 15:02 - 000002070 _____ C:\Users\User\Desktop\Wacom Desktop Center.lnk
2020-01-29 17:21 - 2019-09-13 15:02 - 000001969 _____ C:\Users\User\Desktop\Wacom Tablet Properties.lnk
2020-01-29 17:21 - 2019-09-08 14:18 - 000001014 _____ C:\Users\User\Desktop\osu!.lnk
2020-01-29 17:21 - 2018-12-05 18:52 - 000002160 _____ C:\Users\User\Desktop\Somic Audio Center.lnk
2020-01-28 20:54 - 2018-09-19 11:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-01-24 22:43 - 2018-09-19 19:56 - 000000000 ____D C:\Users\User\AppData\Local\D3DSCache
2020-01-24 17:09 - 2018-09-24 19:10 - 000000000 ____D C:\Users\User\AppData\Local\CrashDumps
2020-01-22 11:33 - 2018-10-12 12:48 - 000000000 ____D C:\Users\sasuk\AppData\Local\CrashDumps
2020-01-22 11:05 - 2019-09-14 14:56 - 000000000 ____D C:\Users\sasuk\AppData\Roaming\WTablet
2020-01-22 00:53 - 2019-06-14 13:31 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-22 00:53 - 2019-06-14 13:31 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-01-22 00:53 - 2019-06-14 13:31 - 000002258 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-01-20 20:02 - 2019-09-27 01:12 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1270643484-4035232020-1271303665-1002
2020-01-20 20:02 - 2019-09-27 00:56 - 000002395 _____ C:\Users\sasuk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-01-20 20:02 - 2018-10-12 12:48 - 000000000 ___RD C:\Users\sasuk\OneDrive
2020-01-19 19:38 - 2019-09-27 01:12 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1270643484-4035232020-1271303665-1001
2020-01-19 19:38 - 2019-09-27 00:56 - 000002392 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-01-19 19:38 - 2018-09-19 11:54 - 000000000 ___RD C:\Users\User\OneDrive
2020-01-16 16:28 - 2019-10-02 16:35 - 000000000 ____D C:\Users\User\Desktop\drawing [bleep]
2020-01-16 15:45 - 2018-09-19 20:48 - 000000000 ____D C:\Users\User\AppData\Local\NVIDIA
2020-01-16 15:42 - 2019-09-27 00:49 - 000447040 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-16 01:11 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-01-16 01:11 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-01-16 01:11 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-16 01:11 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-15 19:57 - 2018-09-24 18:58 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2020-01-15 19:57 - 2018-09-24 18:58 - 000000000 ____D C:\Users\User\AppData\Local\SquirrelTemp
2020-01-15 16:21 - 2018-09-19 12:00 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-01-15 16:16 - 2018-09-19 11:59 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-01-14 16:26 - 2019-11-16 12:28 - 000000000 ____D C:\Users\User\AppData\Local\Gtarcade
2020-01-14 16:20 - 2019-08-05 17:21 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Crossout
2020-01-12 00:28 - 2018-09-19 11:52 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-01-10 15:37 - 2018-10-12 12:41 - 000000000 ____D C:\Users\sasuk\AppData\Local\Packages
2020-01-08 18:55 - 2019-09-13 15:57 - 000017922 _____ C:\Users\User\AppData\Local\kritarc
2020-01-06 23:35 - 2018-09-19 20:48 - 000000000 ____D C:\Users\User\AppData\Local\NVIDIA Corporation
2020-01-03 13:01 - 2018-09-19 11:49 - 000000000 ____D C:\Users\User\AppData\Roaming\Adobe
2020-01-03 12:06 - 2019-04-19 22:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2020-01-03 11:57 - 2018-09-19 20:38 - 000000000 ____D C:\ProgramData\Package Cache
2020-01-03 11:57 - 2018-09-19 12:27 - 000000000 ____D C:\Program Files (x86)\Adobe
2020-01-03 11:55 - 2018-09-19 12:26 - 000000000 ____D C:\ProgramData\Adobe
2020-01-03 11:55 - 2018-09-19 12:25 - 000000000 ____D C:\Users\User\AppData\Local\Adobe
2020-01-03 11:54 - 2018-09-19 12:28 - 000000000 ____D C:\Users\User\AppData\LocalLow\Adobe
2020-01-01 16:00 - 2019-09-23 13:42 - 000000000 ____D C:\Users\User\AppData\Roaming\RenPy
2020-01-01 00:48 - 2019-12-31 02:32 - 000012612 _____ C:\ProgramData\DisplaySessionContainer10.log_backup1
 
==================== Files in the root of some directories ========
 
2018-09-19 20:48 - 2018-09-19 20:48 - 052531200 _____ () C:\Program Files (x86)\GUTF082.tmp
2019-11-25 17:00 - 2019-11-25 17:00 - 000000385 _____ () C:\Users\User\AppData\Local\karboncalligraphyrc
2019-09-13 15:56 - 2020-01-29 17:20 - 000103244 _____ () C:\Users\User\AppData\Local\krita.log
2020-01-29 17:20 - 2020-01-29 17:20 - 000000039 _____ () C:\Users\User\AppData\Local\kritadisplayrc
2019-09-13 15:57 - 2020-01-08 18:55 - 000017922 _____ () C:\Users\User\AppData\Local\kritarc
2018-09-19 19:19 - 2018-09-19 19:19 - 000000003 _____ () C:\Users\User\AppData\Local\updater.log
2018-09-19 19:19 - 2018-09-19 19:19 - 000000425 _____ () C:\Users\User\AppData\Local\UserProducts.xml
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-01-2020
Ran by User (31-01-2020 14:18:04)
Running from C:\Users\User\Desktop
Windows 10 Home Version 1903 18362.592 (X64) (2019-09-26 23:13:31)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1270643484-4035232020-1271303665-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1270643484-4035232020-1271303665-503 - Limited - Disabled)
Guest (S-1-5-21-1270643484-4035232020-1271303665-501 - Limited - Disabled)
sasuk (S-1-5-21-1270643484-4035232020-1271303665-1002 - Limited - Enabled) => C:\Users\sasuk
User (S-1-5-21-1270643484-4035232020-1271303665-1001 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-1270643484-4035232020-1271303665-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
(Street-Boy) All Cards Unlocker (HKLM-x32\...\(Street-Boy) All Cards Unlocker) (Version: 2.0 - )
4K Video Downloader 4.11 (HKLM\...\{95BBB00C-272E-45A4-A965-6DEFE2F979B6}) (Version: 4.11.1.3390 - Open Media LLC)
60 Seconds Rocket Science (HKLM-x32\...\60 Seconds Rocket Science_is1) (Version:  - )
7.1 SOUND EFFECT GAMING HEADSET (HKLM-x32\...\{D8D9AEBE-1712-4A4A-BC70-4CD9C82D108B}) (Version: 1.01 - Somic,Inc)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Premiere Pro 2019 (HKLM-x32\...\PPRO_13_1_4) (Version: 13.1.4 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Autodesk SketchBook (HKLM\...\{AE6C5657-D663-4968-BEB5-1E2ED89CB2D2}) (Version: 8.60.0000 - Autodesk)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.63.1070 - AB Team, d.o.o.)
Core Temp 1.14 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.14 - ALCPU)
Crossout Launcher 1.0.3.106 (HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\CrossOutLauncher_is1) (Version:  - )
Discord (HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Frostpunk v.1.3.0 (HKLM-x32\...\Frostpunk_is1) (Version:  - )
GameRanger (HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\GameRanger) (Version:  - GameRanger Technologies)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
GTarcade (HKU-x32\S-1-5-21-1270643484-4035232020-1271303665-1001\...\gtarcade) (Version: 2.1.0 - YOOZOO Games)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HitFilm Express (HKLM\...\{30792CB5-3EBA-483C-98E3-BF08A3CC6B83}) (Version: 12.3.8815.07201 - FXHOME)
Java 8 Update 221 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
Krita (x64) 4.2.6 (HKLM\...\Krita_x64) (Version: 4.2.6.0 - Krita Foundation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Legends of Runeterra (HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\Riot Game bacon.live) (Version:  - Riot Games, Inc)
Lightshot-5.4.0.35 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.35 - Skillbrains)
LogMeIn Hamachi (HKLM-x32\...\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}) (Version: 2.2.0.633 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.633 - LogMeIn, Inc.)
LS-USBMX1/2/3 Steering Wheel W/Vibration (HKLM-x32\...\{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}) (Version: 2007.08.17 - )
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\OneDriveSetup.exe) (Version: 19.222.1110.0006 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702 (HKLM-x32\...\{49697869-be8e-427d-81a0-c334d1d14950}) (Version: 14.21.27702.2 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Need for Speed Underground 2 (HKLM-x32\...\Need for Speed Underground 2) (Version:  - )
Neighbours From [bleep] (HKLM-x32\...\1207663903_is1) (Version: 1.00 - GOG.com)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
NVIDIA Graphics Driver 441.87 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 441.87 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 23.1.0 - OBS Project)
OnScreen Control (HKLM-x32\...\{E5C1B339-0E4E-49A5-859E-5E1DE1938706}) (Version: 2.95 - LG Electronics Inc)
osu! (HKLM-x32\...\{8c511a3c-c368-40e6-8a64-8642766d108b}) (Version: latest - ppy Pty Ltd)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.988 - Even Balance, Inc.)
Revo Uninstaller 2.1.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.1 - VS Revo Group, Ltd.)
Skype, версия 8.45 (HKLM-x32\...\Skype_is1) (Version: 8.45 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Sims 4 (HKLM-x32\...\The Sims 4_is1) (Version:  - )
Update for Skype for Business 2016 (KB3114846) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{286F464B-2FDF-4107-83A5-DEB08D2AD268}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB3114846) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{286F464B-2FDF-4107-83A5-DEB08D2AD268}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB3114846) 64-Bit Edition (HKLM\...\{90160000-012B-0402-1000-0000000FF1CE}_Office16.PROPLUS_{286F464B-2FDF-4107-83A5-DEB08D2AD268}) (Version:  - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 85.1 - Ubisoft)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.36-1 - Wacom Technology Corp.)
WinRAR 5.31 (64-битова версия) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Средства проверки правописания Microsoft Office 2016 — русский (HKLM\...\{90160000-001F-0419-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
 
Packages:
=========
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.1.4081.0_x64__rz1tebttyb220 [2020-01-30] (Dolby Laboratories)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-15] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Studios) [MS Ad]
MSN Време -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.956.0_x64__56jybvy8sckqj [2019-12-30] (NVIDIA Corp.)
Torrex Lite - Torrent Downloader -> C:\Program Files\WindowsApps\BooStudioLLC.TorrexLite-TorrentDownloader_1.3.97.0_x64__b6e429xa66pga [2019-06-21] (Finebits OÜ) [MS Ad] [Startup Task]
Добавка за „Снимки“ -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-05-05] (Microsoft Corporation)
Добавка за приложението за мултимедийни файлове „Снимки“ -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-01-23] (Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1270643484-4035232020-1271303665-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1270643484-4035232020-1271303665-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1270643484-4035232020-1271303665-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-01-31] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d223212c0a2275b5\nvshext.dll [2019-12-28] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-01-31] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\User\Desktop\Frostpunk - Пряк път.lnk -> D:\Frostpunk\Frostpunk.exe (11 bit studios S.A.) <==== Cyrillic
Shortcut: C:\Users\User\Desktop\Steam - Пряк път.lnk -> D:\steam\Steam.exe (Valve Corporation) <==== Cyrillic
Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Какво е новото в последната версия.lnk -> C:\Program Files\WinRAR\WhatsNew.txt () <==== Cyrillic
Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Помощен файл на WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm () <==== Cyrillic
Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Ръководство за конзолната версия на RAR.lnk -> C:\Program Files\WinRAR\Rar.txt () <==== Cyrillic
Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\SendTo\Прехвърляне на файлове с Bluetooth.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation) <==== Cyrillic
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive за бизнеса.lnk -> C:\Windows\Installer\{90160000-0011-0000-1000-0000000FF1CE}\grv_icons.exe () <==== Cyrillic
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype за бизнеса 2016.lnk -> C:\Windows\Installer\{90160000-0011-0000-1000-0000000FF1CE}\lyncicon.exe () <==== Cyrillic
ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Windows\SendTo\Получател на факса.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo <==== Cyrillic
 
==================== Loaded Modules (Whitelisted) =============
 
2014-02-11 05:08 - 2014-02-11 05:08 - 000817152 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2015-11-04 15:43 - 2015-11-04 15:43 - 000214528 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 05:08 - 2014-02-11 05:08 - 003650560 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2018-09-19 19:19 - 2017-05-23 13:59 - 000494080 _____ (Skillbrains) [File not signed] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.dll
2018-09-19 19:19 - 2017-05-23 13:59 - 000256000 _____ (Skillbrains) [File not signed] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\uploader.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [482]
AlternateDataStreams: C:\Users\User\AppData\Local\Temp:$DATA​ [16]
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2018-04-12 01:38 - 2020-01-31 12:37 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\body_of_water_planet_horizon_92570_1920x1080.jpg
DNS Servers: 88.87.0.2 - 88.87.10.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
MSCONFIG\startupreg: EpicGamesLauncher => E:\nz\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
HKLM\...\StartupApproved\Run: => "SOMICC71BSound"
HKLM\...\StartupApproved\Run: => "AvastUI.exe"
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\StartupApproved\Run: => "Gaijin.Net Updater"
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_EA977365BF5B2185FA52414E130E9AF9"
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\StartupApproved\Run: => "Chromium"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [UDP Query User{7D508BF2-B968-4D38-879A-15B6F811A73F}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe No File
FirewallRules: [TCP Query User{45A6A043-BDB6-4054-BA29-2C479D1B9E38}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe No File
FirewallRules: [UDP Query User{1011CF12-0A9A-4CBE-B3D8-AB674E596EE2}D:\liga\instalaciq\game\league of legends.exe] => (Allow) D:\liga\instalaciq\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{F251D6F0-D57E-4D93-8271-F16FAA71B86B}D:\liga\instalaciq\game\league of legends.exe] => (Allow) D:\liga\instalaciq\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{5CCD9118-386E-43C5-8FE9-334C388D2134}C:\program files (x86)\arenaplay\arenaplay.exe] => (Allow) C:\program files (x86)\arenaplay\arenaplay.exe No File
FirewallRules: [TCP Query User{29865C54-42C0-4223-BCDD-E547BB2D49C3}C:\program files (x86)\arenaplay\arenaplay.exe] => (Allow) C:\program files (x86)\arenaplay\arenaplay.exe No File
FirewallRules: [UDP Query User{927795C9-1E7A-442E-B973-7C7110491ED6}D:\arenaplay\arenaplay.exe] => (Allow) D:\arenaplay\arenaplay.exe No File
FirewallRules: [TCP Query User{C38DF958-819F-4320-BC2A-E9F5D77B2DAC}D:\arenaplay\arenaplay.exe] => (Allow) D:\arenaplay\arenaplay.exe No File
FirewallRules: [{23B4CF72-4620-4285-AA01-60F2A17D28EC}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A93E9845-83D9-49B7-8681-68F342E328E4}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{879298AA-EE83-4CF8-B069-0945E49E575B}D:\crossout\launcher.exe] => (Allow) D:\crossout\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{BEC13AB3-9870-41D4-8E37-AADEF9F9250D}D:\crossout\launcher.exe] => (Allow) D:\crossout\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{086499CA-7418-49DE-B0BF-4ADCE8624893}C:\users\user\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\user\appdata\local\gamecenter\gamecenter.exe No File
FirewallRules: [TCP Query User{5ED827FC-ADC1-4385-A205-92D7C4294270}C:\users\user\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\user\appdata\local\gamecenter\gamecenter.exe No File
FirewallRules: [UDP Query User{839E39CA-5F9D-4195-A6BC-B3DA7ECD2F92}D:\warthunder\win64\aces.exe] => (Allow) D:\warthunder\win64\aces.exe No File
FirewallRules: [TCP Query User{18B92560-ACE1-45D1-9221-D452B36F0F11}D:\warthunder\win64\aces.exe] => (Allow) D:\warthunder\win64\aces.exe No File
FirewallRules: [UDP Query User{FAC03D3C-55BC-4A8F-86D9-3DBB13D2433E}D:\warthunder\launcher.exe] => (Allow) D:\warthunder\launcher.exe No File
FirewallRules: [TCP Query User{C9EAECB1-7EBF-4DB6-9DDB-E7E97AE7FF72}D:\warthunder\launcher.exe] => (Allow) D:\warthunder\launcher.exe No File
FirewallRules: [UDP Query User{30E14C1B-AD18-47FE-A7AE-B3D7C389EE7E}C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe No File
FirewallRules: [TCP Query User{4AC1579F-FB86-4352-BC6E-1B39D16861D2}C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe No File
FirewallRules: [UDP Query User{08343F70-5E64-4042-BA7D-8CD9C2CFAE2F}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{81CCB718-BACA-4007-B543-E5C6565BC070}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{3D418353-805F-4C49-BCED-13766D9EAF5D}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.199\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.199\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{FDF05657-89C3-46EB-88F1-5C37D58802C3}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.199\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.199\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{B000AC22-EAC7-4524-AAF8-4D488695604E}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{DA373BD4-9582-42BA-BD19-8DD91C5CB16E}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{A85CE694-7596-47FF-9A03-4039D797BF4B}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{8C2329C4-38AB-46DE-BDF8-BB10074778ED}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{33466FD7-EC63-4653-B007-8DEA1BA4C490}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{7EE6F79D-CC36-4CB1-8963-66B4390937D5}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{EFC4C668-DF8F-4160-B2D9-34B53994A0B0}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{E06B1C1C-6A29-424D-AF9F-155E40BE00F3}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{0A208126-7FFE-4015-ABBD-FAA14809BE28}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{CEE3AE22-AA12-4358-8C5D-FFA8AFDBA88D}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{BDA847DB-7ECA-4DBA-B1DC-FA5959D2B8AA}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{423249E7-B4A8-4129-ABF1-BF56D2840EBE}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{492A9893-970B-4496-BA2B-B8EBB2E10BAA}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.191\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.191\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{FBFCE1D4-32D9-4728-9BA8-65A5F01E668E}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.191\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.191\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{0D6B33BF-12BF-411E-A60C-83C81C661297}D:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) D:\program files (x86)\origin games\apex\r5apex.exe No File
FirewallRules: [TCP Query User{8041240E-CC47-4FA3-866D-8333A28BB3C6}D:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) D:\program files (x86)\origin games\apex\r5apex.exe No File
FirewallRules: [UDP Query User{137D374A-A400-4935-91A1-4C5FCC7C8C5B}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{4A64EEBF-DB3D-4945-9162-47B593959592}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{87FD80F5-1E74-4B4F-AF12-E00FBC2AD918}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{BA90702F-59A9-4530-BCA3-9F23DB87D437}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{E88FE424-D2E0-4492-A4BE-105500656DE2}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.188\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.188\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{C623CA49-FBED-4A96-A224-1850D47791D1}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.188\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.188\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{3B2290D4-06B8-43EF-BA7A-583FECDDE1FD}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe No File
FirewallRules: [TCP Query User{931C85C2-9019-4F45-BB03-B945AAA0B7B2}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe No File
FirewallRules: [UDP Query User{05F111A4-A095-4F99-9CAB-5A8C8E3B43A1}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.187\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.187\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{75569D7D-4104-49AC-B83D-38D24B80485D}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.187\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.187\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{A270EF1F-4D0A-4AEA-AAC2-D730B6362C97}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.186\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.186\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{FEB5E3D8-7EFA-4538-8194-1569C406CDA2}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.186\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.186\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{39612A48-F43C-41C2-B6EF-2F5BBF7D5860}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.185\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.185\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{2C11AF77-0234-4D9A-B83C-2396DD1B5426}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.185\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.185\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{61588D37-B684-44EA-80E3-C1E604CD29B0}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{F4376C25-BDB2-41B8-B784-62FBE936A3C9}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{EE2874AE-2139-4FFB-BD5F-FDDF8FDE7F4D}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{757C3AA9-7252-4BBC-9797-D40C93FEB413}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{E4953609-8BBF-4C63-9F2C-E439DC1F1BFE}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.182\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.182\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{1E798995-2D3A-4B6A-AFEE-98C10CA53BA7}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.182\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.182\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{E81E1A9D-A845-4514-810E-487B729A85B1}C:\users\user\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\user\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Technologies -> GameRanger Pty Ltd)
FirewallRules: [TCP Query User{C85E8184-7058-47E2-9006-D80F0EA3BFAD}C:\users\user\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\user\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Technologies -> GameRanger Pty Ltd)
FirewallRules: [UDP Query User{5CF86962-76F8-476C-B3F5-10BFD40E5A44}D:\need for speed underground 2\speed2.exe] => (Allow) D:\need for speed underground 2\speed2.exe () [File not signed]
FirewallRules: [TCP Query User{718EC2B9-A00C-4950-8559-6130C144ABA6}D:\need for speed underground 2\speed2.exe] => (Allow) D:\need for speed underground 2\speed2.exe () [File not signed]
FirewallRules: [UDP Query User{91B7FC73-75C3-410A-AEB3-E04A0047DAA7}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{A315A9D9-C2A2-4411-B881-97DA2CE34666}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{295F775B-8010-4A72-9BBF-5E7BD387B98F}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{CA7323C8-43D1-4215-ABDA-0CA61BBB6433}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe No File
FirewallRules: [{B0AB3C38-28A2-4336-8835-62F4E20D0B0C}] => (Allow) D:\steam\steamapps\common\Brawlhalla\Brawlhalla.exe () [File not signed]
FirewallRules: [{B430E698-3D99-402D-9BCD-CE9C4CD79249}] => (Allow) D:\steam\steamapps\common\Brawlhalla\Brawlhalla.exe () [File not signed]
FirewallRules: [UDP Query User{6E876B67-2678-4030-A018-0D6D97C7503B}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{5F30D37D-C178-4E1C-9637-1B88C13EB473}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{94CEF22B-4D03-4A74-BD21-64D3B7180C8C}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe] => (Block) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{AAF34754-F9EC-4287-923E-EC2628678D6A}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe] => (Block) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{38685334-929B-477E-9F3A-B4E2E338872C}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{CB0123F1-22BA-4F73-9A0B-11AEA4A67AA7}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{4AFD0456-A808-42E4-BFD5-F4E9563BC7FB}C:\windows\syswow64\dpnsvr.exe] => (Allow) C:\windows\syswow64\dpnsvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{E0B7B7C4-9F0A-4DAE-9EE9-45F9CBCCC965}C:\windows\syswow64\dpnsvr.exe] => (Allow) C:\windows\syswow64\dpnsvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{1C50329F-3924-404B-AB81-606A16B79A98}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{22517FFB-A2F0-4190-BF55-4F320FDF2CA0}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe No File
FirewallRules: [{00DAEA2B-0B46-4404-92E3-AE771A238988}] => (Allow) D:\steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{C59BD872-D204-4DA2-870C-37FEA68FF6C4}] => (Allow) D:\steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [UDP Query User{99C8D147-DBD6-4ACB-A195-E2D142CAA56F}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{03E1BF6F-A10A-4636-A59D-27F98A578E5B}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{A2DBA4D2-2D88-43D3-8018-73484DC4AD41}D:\pingvinite24\pingvina\yu-gi-oh! kaiba corp ultimate masters mod\kc utimate masters.exe] => (Block) D:\pingvinite24\pingvina\yu-gi-oh! kaiba corp ultimate masters mod\kc utimate masters.exe () [File not signed]
FirewallRules: [TCP Query User{93EB00E6-F18B-45F5-8B51-D409D0EC6F75}D:\pingvinite24\pingvina\yu-gi-oh! kaiba corp ultimate masters mod\kc utimate masters.exe] => (Block) D:\pingvinite24\pingvina\yu-gi-oh! kaiba corp ultimate masters mod\kc utimate masters.exe () [File not signed]
FirewallRules: [UDP Query User{5D351F29-A383-4F45-BFF4-41D31597E9CA}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{9FA57325-2B31-4716-B2EE-FD8ACF34631F}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{BAC46739-3020-4BEF-BA34-0442469B5664}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{1CBB62B5-D868-4D79-9123-8A108B08D64E}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{93F37543-874B-4C13-A8F7-5DFC567DEDF3}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{FEC3585B-9559-4956-9858-AFAC5CF4DD07}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe No File
FirewallRules: [{F73A2EE0-27FC-4DC6-840D-826D90822A6F}] => (Allow) D:\steam\steamapps\common\VRChat\VRChat.exe () [File not signed]
FirewallRules: [{620C3D8B-C433-4BB6-87CF-44F0260A6B34}] => (Allow) D:\steam\steamapps\common\VRChat\VRChat.exe () [File not signed]
FirewallRules: [{3C895B85-5A12-4B2A-95C2-B9A819F25875}] => (Allow) D:\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{A49DCD39-750A-4D6B-AAC1-E2BC2152C3DC}] => (Allow) D:\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{2529221B-1141-4188-AFF4-20AB58CD7EEF}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{090A28E9-955E-42F6-A536-B75ABBCB29E3}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{CE780A28-717E-4A85-9530-741E9D2171BC}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.167\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.167\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{2C643B88-C936-45A9-B8CE-4674255A7F1F}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.167\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.167\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{598D7C32-0C65-4655-A114-44BFB604E3E0}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{4A9ACF01-C9F3-4297-80FB-F1A9AD10E0F8}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{1A2B8C39-BD5D-4FFD-B7E8-A7EC39EF0DB9}D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [TCP Query User{CC609483-79D0-4D81-A45A-43B0BA2247AD}D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [UDP Query User{AB20BE90-B0CB-40C3-9CE1-B2F1101366E9}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{0056F67B-FBEC-492F-9324-D01B90BC8272}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe No File
FirewallRules: [{982F1FDB-68F5-49FB-AA01-D04962809B94}] => (Allow) D:\steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe No File
FirewallRules: [{E3BDD875-0813-481E-A306-2DBE85768323}] => (Allow) D:\steam\steamapps\common\Warframe\Tools\Launcher.exe No File
FirewallRules: [{0FDFA0BE-0EC9-4F95-8553-1A356BF1D1E7}] => (Allow) D:\steam\steamapps\common\Warframe\Warframe.x64.exe No File
FirewallRules: [{9750CA83-DB0A-49ED-9FB1-8DD49031A4D8}] => (Allow) D:\steam\steamapps\common\Warframe\Warframe.exe No File
FirewallRules: [{65FBB822-EA27-4EED-93AB-31BA54AADA1A}] => (Allow) D:\steam\steamapps\common\Warframe\Warframe.x64.exe No File
FirewallRules: [{69F55623-19B9-4D8F-826E-1D18DDA728DE}] => (Allow) D:\steam\steamapps\common\Warframe\Warframe.exe No File
FirewallRules: [{E77B7E6B-3EB1-4BEA-968D-7FA79A986AAF}] => (Allow) D:\steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe No File
FirewallRules: [{CC6DBEC4-CDF3-4392-BD6A-446BCC4CB6A4}] => (Allow) D:\steam\steamapps\common\Warframe\Tools\Launcher.exe No File
FirewallRules: [{C3432862-03F6-4B7C-966B-F6936B0B0130}] => (Allow) D:\steam\steamapps\common\Warframe\Warframe.x64.exe No File
FirewallRules: [{8EAAC9EC-973B-42B3-A79C-FC635F67FABA}] => (Allow) D:\steam\steamapps\common\Warframe\Warframe.exe No File
FirewallRules: [{E6C65447-FFC5-4C51-BB9E-5A7B4144EB5F}] => (Allow) D:\steam\steamapps\common\Warframe\Warframe.x64.exe No File
FirewallRules: [{5F2EB398-6113-4A0C-AD76-9CDE5ECC42F0}] => (Allow) D:\steam\steamapps\common\Warframe\Warframe.exe No File
FirewallRules: [UDP Query User{67569C8F-235A-483F-9D71-D19A7C616E71}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{77A09CE2-80DA-40B0-A954-7916E2013D3F}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe No File
FirewallRules: [{C0078B59-7F7E-439B-890D-F96188FC5AB9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe No File
FirewallRules: [{D303666D-96EF-42C2-BB18-DD989DD16441}] => (Allow) D:\steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe (Microsoft) [File not signed]
FirewallRules: [{BD95E4E4-8F87-4710-BB8F-04824CB66DC4}] => (Allow) D:\steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe (Microsoft) [File not signed]
FirewallRules: [UDP Query User{8F24552F-DE12-456A-AC3D-ADC00BD8C520}D:\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) D:\steam\steamapps\common\h1z1\h1z1.exe No File
FirewallRules: [TCP Query User{414E6773-74FB-4D35-8730-0A75740A65AF}D:\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) D:\steam\steamapps\common\h1z1\h1z1.exe No File
FirewallRules: [UDP Query User{428AFC87-AC66-414C-98ED-D667057AE407}E:\nz\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) E:\nz\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [TCP Query User{6B8F2B6B-FFE0-4373-8E3E-0C0B0D053414}E:\nz\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) E:\nz\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [UDP Query User{5E2045E3-FD5E-4B24-9E9E-DBC42A00B664}E:\nz\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) E:\nz\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe No File
FirewallRules: [TCP Query User{B97E58B2-F114-4EA9-864B-E232F94F18A3}E:\nz\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) E:\nz\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe No File
FirewallRules: [{AF8E07C2-25FD-4719-ACBC-E96C2899F26B}] => (Allow) D:\steam\steamapps\common\Deceit\bin\win_x64\Deceit.exe No File
FirewallRules: [{CB63E972-A11C-4348-A11B-F3C276ABDB2E}] => (Allow) D:\steam\steamapps\common\Deceit\bin\win_x64\Deceit.exe No File
FirewallRules: [{AE2D8CC4-4CC4-401B-9118-AB2AF9368877}] => (Allow) D:\steam\steamapps\common\Alan Wake\AlanWake.exe No File
FirewallRules: [{E9CBB2FB-62F4-42D9-9257-59AB69E5CC4C}] => (Allow) D:\steam\steamapps\common\Alan Wake\AlanWake.exe No File
FirewallRules: [{A4E129F2-86BD-463C-91AF-5DCA413E7498}] => (Allow) D:\steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{30D6BE07-6F98-4985-A083-649E5E4A119D}] => (Allow) D:\steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{DE481CEE-24CA-4C39-AA6A-0F1CDCC37A41}] => (Allow) D:\steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{1E10491D-065A-44E1-B70B-1684E390C344}] => (Allow) D:\steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{5A87209E-1714-47F6-BB64-5E9808924BEE}] => (Allow) D:\steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{A2652D3D-3240-4094-AE1A-BA3CE5AE91BB}] => (Allow) D:\steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{316E5E4E-4D8B-4C87-884B-D07102C91EA6}] => (Allow) D:\Нова папка (2)\Steam.exe No File
FirewallRules: [{B9C6528E-584A-4F71-AF7D-AEED64C0B872}] => (Allow) D:\Нова папка (2)\Steam.exe No File
FirewallRules: [UDP Query User{81634972-DCF1-4219-A01F-F78DCC72E686}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{F758194C-33B8-4C9D-9534-5451FC9B28F9}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe No File
FirewallRules: [{0B8503CF-B697-4C8C-AF39-176D9DC31448}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{66A6D1AD-AF64-4394-BAAE-D50C47777DC5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B78D112F-F3A4-4751-BA28-62D47372E798}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe No File
FirewallRules: [{65A36A4D-0E66-4D40-8BC1-A043E7264525}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E3B0DF89-DD96-400D-8484-3C92D7507A27}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E7D14E42-1184-48BD-9DB9-400FABE305B0}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{50B8CEEB-0199-4C68-B81C-B60A27DE3A08}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{39A98F4B-D697-42D1-B92B-D0B3C3B7E665}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A43F5DAF-F364-4968-BB25-00BEC306D692}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{B96BB8E1-D543-42C4-9B82-FD20AAD86B59}D:\games\the sims 4\game\bin\ts4.exe] => (Allow) D:\games\the sims 4\game\bin\ts4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [UDP Query User{E8077BD5-F051-4C5A-9DA9-4EFFE005DE5D}D:\games\the sims 4\game\bin\ts4.exe] => (Allow) D:\games\the sims 4\game\bin\ts4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [TCP Query User{0E57781D-F16A-42E8-A32B-28B67A1A1284}D:\games\the sims 4\game\bin\ts4_x64.exe] => (Allow) D:\games\the sims 4\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [UDP Query User{CAD72217-0032-4577-B7F4-935C8676217C}D:\games\the sims 4\game\bin\ts4_x64.exe] => (Allow) D:\games\the sims 4\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{20965B95-C66C-4BFD-80EC-1B88C53E0697}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{46E6FDB2-21A2-4D5B-937F-997AE21EBF53}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{04EA8E8F-4EE0-4CA0-98A7-0C5BFAC60D7E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{A5A05355-78C4-4D4B-8720-6A804D3C2A1D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{8DE81259-C457-4DDA-BE21-74E00A8D6658}] => (Allow) C:\Users\User\Downloads\DiscordSetup.exe (Discord Inc. -> Discord Inc.)
FirewallRules: [{EE2C36EE-82C6-4FDC-ADDA-E995E621613D}] => (Allow) C:\Users\User\Downloads\DiscordSetup.exe (Discord Inc. -> Discord Inc.)
FirewallRules: [{DCE9D003-2ABF-4FDF-8DC3-3200E15633F2}] => (Allow) C:\Users\User\AppData\Local\Discord\Update.exe (Discord Inc. -> GitHub)
FirewallRules: [{D87D36C5-EC9C-4D5C-B77C-74A50AE5A730}] => (Allow) C:\Users\User\AppData\Local\Discord\Update.exe (Discord Inc. -> GitHub)
FirewallRules: [{6A562E3F-B822-41E9-B79E-49A7650ED4A0}] => (Allow) C:\Users\User\AppData\Local\Discord\Update.exe (Discord Inc. -> GitHub)
FirewallRules: [{8EAE1891-F1BC-4FFB-BCF9-A997497BA439}] => (Allow) C:\Users\User\AppData\Local\Discord\Update.exe (Discord Inc. -> GitHub)
FirewallRules: [{81E0D436-E1BB-470D-A74E-3B486472908E}] => (Allow) D:\steam\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> EasyAntiCheat Ltd)
FirewallRules: [{DEAD566A-AC27-41EC-B631-5E80C84FC963}] => (Allow) D:\steam\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> EasyAntiCheat Ltd)
FirewallRules: [{C65D7A1D-AEAE-41AB-A664-3CA71E6495DD}] => (Allow) D:\steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe (DONTNOD Entertainment) [File not signed]
FirewallRules: [{983B4EFD-21D7-412C-A259-B8BEEF5640DA}] => (Allow) D:\steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe (DONTNOD Entertainment) [File not signed]
FirewallRules: [{A4FDEE47-AB89-4D89-8BFC-11A51A8AE071}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B86DD47B-1C82-488F-90D4-C7D1920E60BE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4B952DC1-CBF1-4EB8-A15C-AB28971D531B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CC52C5EB-6C84-4C33-A618-20EEC2C41099}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CC22F263-0949-4A10-9078-E69F95FB356C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6ADDF291-66E7-4204-8EC6-15E9B3B2C341}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BDA53FED-24F0-45E6-B632-DF84791CB995}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{5FA3D9A2-52C5-4A09-9C8C-E16540C21E43}C:\users\user\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\users\user\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe
FirewallRules: [UDP Query User{EBA3E1AD-F0DA-4CF9-B14C-965DABCA6040}C:\users\user\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\users\user\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe
FirewallRules: [{A91F2F49-B13C-4336-98E1-1AAC0D7F94F3}] => (Allow) C:\Users\User\AppData\Local\Chromium\Application\chrome.exe No File
 
==================== Restore Points =========================
 
ATTENTION: System Restore is disabled (Total:103.91 GB) (Free:44.46 GB) (43%)
 
==================== Faulty Device Manager Devices ============
 
Name: LogMeIn Hamachi Virtual Ethernet Adapter
Description: LogMeIn Hamachi Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn Inc.
Service: Hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (01/31/2020 02:09:39 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4396,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (01/31/2020 01:53:23 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.
 
Error: (01/31/2020 01:53:23 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
 
Error: (01/31/2020 01:44:35 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.
 
Error: (01/31/2020 01:44:35 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
 
Error: (01/31/2020 01:29:58 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5240,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (01/31/2020 01:21:41 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2744,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (01/31/2020 12:53:06 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1772,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
 
System errors:
=============
Error: (01/31/2020 01:54:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Услуга AvastWscReporter не може да бъде стартирана поради следната грешка: 
The system cannot find the file specified.
 
Error: (01/31/2020 01:53:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Услуга NVIDIA Display Container LS беше прекъсната неочаквано. Това се е случвало с нея 1 път(и). След 6000 милисекунди ще бъде предприето следното коригиращо действие: Рестартиране на услугата.
 
Error: (01/31/2020 01:53:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Услуга NVIDIA LocalSystem Container беше прекъсната неочаквано. Това се е случвало с нея 1 път(и). След 6000 милисекунди ще бъде предприето следното коригиращо действие: Рестартиране на услугата.
 
Error: (01/31/2020 01:53:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Услуга Hi-Rez Studios Authenticate and Update Service беше прекъсната неочаквано. Това се е случвало с нея 1 път(и).
 
Error: (01/31/2020 01:53:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Услуга LogMeIn Hamachi Tunneling Engine беше прекъсната неочаквано. Това се е случвало с нея 1 път(и).
 
Error: (01/31/2020 01:53:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Услуга Wacom Professional Service беше прекъсната неочаквано. Това се е случвало с нея 1 път(и).
 
Error: (01/31/2020 01:53:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Услуга Adobe Acrobat Update Service беше прекъсната неочаквано. Това се е случвало с нея 1 път(и).
 
Error: (01/31/2020 01:53:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Услуга PnkBstrB беше прекъсната неочаквано. Това се е случвало с нея 1 път(и).
 
 
Windows Defender:
===================================
Date: 2020-01-31 12:39:51.575
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {86CCFFB5-DC66-4247-B60D-3BA77C00022A}
Scan Type: Antimalware
Scan Parameters: Full Scan
 
Date: 2020-01-31 11:16:36.492
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Detplock
ID: 2147680291
Severity: Много високо
Category: Троянски кон
Path: file:_C:\ProgramData\{51B76D8B-799F-15F3-21C7-3DDBC92FE503}\tarodid.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\PROGRA~3\{51B76~1\tarodid.exe
Security intelligence Version: AV: 1.309.74.0, AS: 1.309.74.0, NIS: 1.309.74.0
Engine Version: AM: 1.1.16700.3, NIS: 1.1.16700.3
 
Date: 2020-01-31 11:16:34.233
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Detplock
ID: 2147680291
Severity: Много високо
Category: Троянски кон
Path: file:_c:\programdata\{51b76d8b-799f-15f3-21c7-3ddbc92fe503}\tarodid.exe; process:_pid:7260,ProcessStart:132249356434283126
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: System
Process Name: Unknown
Security intelligence Version: AV: 1.309.74.0, AS: 1.309.74.0, NIS: 1.309.74.0
Engine Version: AM: 1.1.16700.3, NIS: 1.1.16700.3
 
Date: 2020-01-31 11:14:23.156
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Detplock
ID: 2147680291
Severity: Много високо
Category: Троянски кон
Path: file:_C:\ProgramData\{51B76D8B-799F-15F3-21C7-3DDBC92FE503}\tarodid.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\PROGRA~3\{51B76~1\tarodid.exe
Security intelligence Version: AV: 1.309.74.0, AS: 1.309.74.0, NIS: 1.309.74.0
Engine Version: AM: 1.1.16700.3, NIS: 1.1.16700.3
 
Date: 2020-01-31 11:14:10.925
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Detplock
ID: 2147680291
Severity: Много високо
Category: Троянски кон
Path: file:_c:\programdata\{51b76d8b-799f-15f3-21c7-3ddbc92fe503}\tarodid.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: System
Process Name: Unknown
Security intelligence Version: AV: 1.309.74.0, AS: 1.309.74.0, NIS: 1.309.74.0
Engine Version: AM: 1.1.16700.3, NIS: 1.1.16700.3
 
Date: 2020-01-31 11:54:33.032
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Behavior Monitoring
Error Code: 0x80508023
Error description: Програмата не успя да открие злонамерен и друг потенциално нежелан софтуер на устройството. 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
 
Date: 2020-01-31 11:42:54.307
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
 
Date: 2020-01-22 17:16:06.544
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.307.2803.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16600.7
Error code: 0x80072ee2
Error description: The operation timed out 
 
CodeIntegrity:
===================================
 
Date: 2020-01-31 11:43:03.265
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-01-31 11:43:03.251
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-01-31 11:43:03.234
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-01-31 11:43:03.220
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-01-31 11:43:03.207
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-01-31 11:43:03.190
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-01-31 11:43:03.168
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-01-31 11:43:03.155
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. P1.20 10/14/2013
Motherboard: ASRock FM2A55M-HD+
Processor: AMD A8-6600K APU with Radeon™ HD Graphics 
Percentage of memory in use: 47%
Total physical RAM: 8118.7 MB
Available physical RAM: 4224.42 MB
Total Virtual: 12214.7 MB
Available Virtual: 6717.14 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:103.91 GB) (Free:44.46 GB) NTFS
Drive d: () (Fixed) (Total:413.5 GB) (Free:230.37 GB) NTFS
Drive e: () (Fixed) (Total:413.5 GB) (Free:407.39 GB) NTFS
 
\\?\Volume{b9268b8f-cdf0-4441-8cbe-ed5ddde2761a}\ (Възстановяване) (Fixed) (Total:0.49 GB) (Free:0.07 GB) NTFS
\\?\Volume{c1a9056b-b388-44b5-8dff-7b7a58982c78}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 21F41539)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-01-2020
Ran by User (administrator) on DESKTOP-3PN82DU (31-01-2020 14:19:47)
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available Profiles: User & sasuk)
Platform: Windows 10 Home Version 1903 18362.592 (X64) Language: Български (България)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrB.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(Hi-Rez Studios) [File not signed] D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12001.1001.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20011.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.6-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d223212c0a2275b5\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d223212c0a2275b5\Display.NvContainer\NVDisplay.Container.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Skillbrains) [File not signed] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SOMICC71BSound] => C:\Program Files\SOMIC 7.1 GAMING HEADSET\CPL\Somic Audio Center_x64.exe [2369024 2016-01-28] () [File not signed]
HKLM\...\Run: [AvastUI.exe] => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
HKLM-x32\...\Run: [OnScreen Control] => C:\Program Files (x86)\LG Electronics\OnScreen Control\bin\OnScreenStartUpApp.exe [1786808 2018-03-14] (LG Electronics Inc. -> TODO: <Company name>)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2017-04-11] (OOO Lightshot -> )
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\Run: [Steam] => D:\steam\steam.exe [3311568 2020-01-18] (Valve -> Valve Corporation)
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\Run: [Gaijin.Net Updater] => C:\Users\User\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2361600 2019-12-12] (Gaijin Network LTD -> Gaijin Entertainment)
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\Run: [Discord] => C:\Users\User\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\MountPoints2: {c83ea583-c92d-11e8-9702-bc5ff4ee6426} - "F:\HiSuiteDownLoader.exe" 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-22] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0059A6B4-860C-459A-94BF-FAC996FDADF0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.6-0\MpCmdRun.exe [473544 2020-01-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0A5E8CB4-DE4D-4EA5-B040-1E3C57899507} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {337ED8ED-722C-4D4A-961C-5A7E76ACD5DD} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {36193340-C1EE-4464-A38D-512ABF4D8540} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.6-0\MpCmdRun.exe [473544 2020-01-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {36F48C80-857A-4CDE-9C14-C9B634A99F2F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.6-0\MpCmdRun.exe [473544 2020-01-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {36FCFF99-CFB8-4D34-9441-02CEA9A5743B} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {53571172-5480-47C7-9337-6CA3AC2F5623} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-14] (Google Inc -> Google LLC)
Task: {57685181-E605-4E58-B247-190B8D1AEFA9} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {58E18D72-4A02-4F49-A860-DE54CBF38A57} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {5C331D4E-A639-4796-B269-C6D30BA5FD87} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.6-0\MpCmdRun.exe [473544 2020-01-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6F1B0E78-2F27-4B51-AE95-796460E39FC5} - System32\Tasks\Hetubu\{2AEDAAF0-7C98-E5A3-83E7-17006976522E} => C:\Users\User\AppData\Roaming\Megobabeto\Hetubu.exe [0 2013-04-23] ()
Task: {6F4F8E8A-711A-4D9C-BBB6-6516003629AB} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2019-12-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7625FCDB-D405-4180-BAA8-CE132092CED4} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {874D5BA2-DBD4-4D1C-B2C8-8EE6B8C5C425} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8E55FE94-543A-4B5E-A66D-A225B77711EE} - System32\Tasks\update-S-1-5-21-1270643484-4035232020-1271303665-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {9871B34A-5AD6-4AF0-A58C-A4FC3CD50A76} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A2498880-35B3-45A5-B7EE-01C5BBCCE2ED} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AC78466C-B2EF-4CB9-B4F1-449062712D12} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B2FDDB7C-054D-429C-AB67-8A5F6B696DBA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-14] (Google Inc -> Google LLC)
Task: {B4A5905B-FD21-4352-AA5A-E0D5BC5631E3} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CDC45FD2-4341-4265-9510-7A885A9FEF6F} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E464706E-667E-48E4-B0A7-AACBCC81FCD7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {E775FB88-6842-4DB6-A760-5D60F86E7BEE} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe
Task: {EBB6041D-18F2-4DD2-ABB0-962E5557D549} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FC51E498-D4BA-4EC7-9461-960374574E00} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\update-S-1-5-21-1270643484-4035232020-1271303665-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 88.87.0.2 88.87.10.2
Tcpip\..\Interfaces\{2dee4765-6d13-42f5-972a-0641487b9df0}: [DhcpNameServer] 88.87.0.2 88.87.10.2
 
Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2016-02-09] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\ssv.dll [2019-07-23] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-07-23] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-02-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-02-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-02-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-02-09] (Microsoft Corporation -> Microsoft Corporation)
 
Edge: 
======
Edge Notifications: HKU\S-1-5-21-1270643484-4035232020-1271303665-1001 -> hxxps://www.facebook.com
 
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-07-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-07-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-02-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-03] (Adobe Inc. -> Adobe Systems Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2020-01-31]
CHR DownloadDir: C:\Users\User\Desktop
CHR Notifications: Default -> hxxps://gamehag.com
CHR HomePage: Default -> hxxps://www.google.bg/?gfe_rd=cr&ei=hFXfVdGhCrOz8wf_1IeoDg&gws_rd=ssl
CHR StartupUrls: Default -> "hxxps://www.google.bg/"
CHR DefaultSearchURL: Default -> hxxp://chromedhnewtab.com/search?q={searchTerms}
CHR DefaultSearchKeyword: Default -> chromedhnewtab
CHR Extension: (Презентации) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-19]
CHR Extension: (Документи) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-19]
CHR Extension: (Google Диск) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-19]
CHR Extension: (Blue Nebula - Full HD - Axlg) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpbfcgopniakghhkjcnnmpfdemapblij [2018-09-19]
CHR Extension: (Adblock Plus — безплатен блокер на реклами) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-10-22]
CHR Extension: (chromedhnewtab) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjknaplhnlobleklkoloacadcobmiccl [2018-09-19]
CHR Extension: (Тъмна тема за Facebook и други уебсайтове) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkfobiagdiioemjmpdecklcjaplpljdo [2019-10-26]
CHR Extension: (Google Документи офлайн) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-14]
CHR Extension: (Grammarly for Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2020-01-30]
CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-01]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-15]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-12]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-08-07]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile [2020-01-15]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8403672 2019-09-10] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803952 2019-12-14] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
U2 HiPatchService; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2018-06-11] (Hi-Rez Studios) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2020-01-31] (Malwarebytes Inc -> Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 PAExec; C:\Windows\PAExec.exe [189112 2018-09-19] (Power Admin LLC -> Power Admin LLC)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2019-11-27] (Even Balance, Inc. -> )
R2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [215128 2019-12-07] (Even Balance, Inc. -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.6-0\NisSrv.exe [3284840 2020-01-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.6-0\MsMpEng.exe [103168 2020-01-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [2156368 2019-08-02] (Wacom Technology Corporation -> Wacom Technology, Corp.)
S2 AvastWscReporter; "C:\Program Files\AVAST Software\Avast\wsc_proxy.exe" /runassvc /rpcserver [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d223212c0a2275b5\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d223212c0a2275b5\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 C_71_B; C:\WINDOWS\System32\drivers\C_71_B.sys [3795608 2016-01-28] (WDKTestCert chou,130795027549068093 -> C-MEDIA Inc.)
S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2018-05-30] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-01-31] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-01-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-01-31] (Malwarebytes Inc -> Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d223212c0a2275b5\nvlddmkm.sys [23251968 2019-12-28] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [662528 2019-03-19] (Microsoft Windows -> Realtek )
S3 WacHidRouterPro; C:\WINDOWS\System32\drivers\wachidrouter.sys [131736 2019-06-14] (Wacom Technology Corporation -> Wacom Technology, Corp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-01-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [376032 2020-01-28] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2020-01-28] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-01-31 14:18 - 2020-01-31 14:19 - 000072690 _____ C:\Users\User\Desktop\Addition.txt
2020-01-31 14:16 - 2020-01-31 14:20 - 000027315 _____ C:\Users\User\Desktop\FRST.txt
2020-01-31 14:15 - 2020-01-31 14:20 - 000000000 ____D C:\FRST
2020-01-31 14:14 - 2020-01-31 14:14 - 002581504 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2020-01-31 13:54 - 2020-01-31 13:54 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-01-31 13:54 - 2020-01-31 13:54 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-01-31 13:42 - 2020-01-31 13:43 - 000000000 ____D C:\AdwCleaner
2020-01-31 13:31 - 2020-01-31 13:31 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-01-31 13:31 - 2020-01-31 13:31 - 000002021 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-01-31 13:31 - 2020-01-31 13:31 - 000000000 ____D C:\Users\User\AppData\Local\mbamtray
2020-01-31 13:31 - 2020-01-31 13:31 - 000000000 ____D C:\Users\User\AppData\Local\mbam
2020-01-31 13:31 - 2020-01-31 13:31 - 000000000 ____D C:\Users\User\AppData\Local\cache
2020-01-31 13:31 - 2020-01-31 13:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-01-31 13:30 - 2020-01-31 13:30 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-01-31 13:30 - 2020-01-31 13:30 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-01-31 13:30 - 2020-01-31 13:30 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-01-31 13:29 - 2020-01-31 13:29 - 000000000 ____D C:\Program Files\Malwarebytes
2020-01-31 13:28 - 2020-01-31 13:34 - 002307368 _____ C:\Users\User\Desktop\Rkill.txt
2020-01-31 13:27 - 2020-01-31 13:28 - 008356016 _____ (Malwarebytes) C:\Users\User\Downloads\adwcleaner_8.0.2.exe
2020-01-31 13:27 - 2020-01-31 13:27 - 001883976 _____ (Malwarebytes) C:\Users\User\Downloads\malwarebytes_4.0.exe
2020-01-31 13:27 - 2020-01-31 13:27 - 001792640 _____ (Bleeping Computer, LLC) C:\Users\User\Downloads\rkill_2.9.1.0.exe
2020-01-31 13:16 - 2020-01-31 13:16 - 000000000 ____D C:\Users\User\AppData\Roaming\Google
2020-01-31 12:47 - 2020-01-31 12:47 - 000000629 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2020-01-31 12:47 - 2020-01-31 12:47 - 000000629 _____ C:\ProgramData\Desktop\Revo Uninstaller.lnk
2020-01-31 12:47 - 2020-01-31 12:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2020-01-31 12:46 - 2020-01-31 12:46 - 007432520 _____ (VS Revo Group ) C:\Users\User\Downloads\revosetup.exe
2020-01-31 11:54 - 2020-01-31 11:54 - 000000000 ____D C:\ProgramData\ByteFence
2020-01-31 11:45 - 2020-01-31 11:45 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2020-01-31 11:16 - 2020-01-31 11:16 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-01-31 11:16 - 2020-01-31 11:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2020-01-31 11:15 - 2020-01-31 11:49 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2020-01-31 11:14 - 2020-01-31 11:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hetubu
2020-01-31 11:14 - 2020-01-31 11:14 - 000000000 ____D C:\Users\User\AppData\Roaming\Megobabeto
2020-01-31 11:13 - 2020-01-31 11:50 - 000000000 ____D C:\ProgramData\AVAST Software
2020-01-31 11:13 - 2020-01-31 11:15 - 000000000 ____D C:\ProgramData\bciff
2020-01-31 11:13 - 2020-01-31 11:14 - 000000000 ____D C:\ProgramData\{51B76D8B-799F-15F3-21C7-3DDBC92FE503}
2020-01-31 11:13 - 2020-01-31 11:13 - 000001362 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HowToRemove.lnk
2020-01-31 11:13 - 2020-01-31 11:13 - 000000000 ____D C:\Program Files\AVAST Software
2020-01-30 17:21 - 2020-01-30 17:21 - 000000000 ____D C:\Users\User\AppData\LocalLow\Riot Games
2020-01-30 17:20 - 2020-01-30 17:20 - 000001599 _____ C:\Users\User\Desktop\Legends of Runeterra.lnk
2020-01-30 17:20 - 2020-01-30 17:20 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Riot Games
2020-01-30 17:19 - 2020-01-30 17:19 - 068510896 _____ (Riot Games, Inc.) C:\Users\User\Downloads\Legends_Of_Runeterra_Installer.exe
2020-01-30 15:51 - 2020-01-30 15:54 - 000000000 ____D C:\Users\User\AppData\Roaming\.tlauncher
2020-01-30 15:51 - 2020-01-30 15:51 - 015370064 _____ (TLauncher Inc.) C:\Users\User\Downloads\TLauncher-2.68-Installer-0.5.2.exe
2020-01-30 15:51 - 2020-01-30 15:51 - 000001932 _____ C:\Users\User\Desktop\TLauncher.lnk
2020-01-29 17:20 - 2020-01-29 17:20 - 000000039 _____ C:\Users\User\AppData\Local\kritadisplayrc
2020-01-29 17:13 - 2020-01-29 17:13 - 003339582 _____ C:\Users\User\Desktop\game_cards.tif
2020-01-29 16:39 - 2020-01-29 16:39 - 007734230 _____ C:\Users\User\Desktop\game_money.tif
2020-01-28 21:04 - 2020-01-28 21:04 - 000748816 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-01-27 15:46 - 2020-01-27 15:46 - 000149090 _____ C:\Users\User\Downloads\igralno pole.tif
2020-01-27 15:42 - 2020-01-28 19:53 - 000781968 _____ C:\Users\User\Desktop\igralno pole.tif
2020-01-24 20:32 - 2020-01-25 13:36 - 000000000 ____D C:\Users\User\Creative Cloud Files
2020-01-24 17:11 - 2020-01-24 17:11 - 000000265 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\4K Video Downloader.lnk
2020-01-24 15:56 - 2020-01-24 15:56 - 000000000 ____D C:\Users\User\AppData\Local\4kdownload.com
2020-01-24 15:55 - 2020-01-24 17:11 - 000000265 _____ C:\Users\User\Desktop\4K Video Downloader.lnk
2020-01-24 14:39 - 2020-01-24 14:40 - 085446656 _____ C:\Users\User\Downloads\4kvideodownloader_4.11.1_x64.msi
2020-01-23 22:54 - 2020-01-29 22:03 - 000000000 ____D C:\Users\User\Desktop\memes za klipove
2020-01-23 00:54 - 2020-01-30 03:42 - 000014333 _____ C:\ProgramData\DisplaySessionContainer8.log_backup1
2020-01-22 14:32 - 2020-01-22 14:32 - 000011094 _____ C:\ProgramData\DisplaySessionContainer7.log_backup1
2020-01-20 00:35 - 2020-01-20 00:47 - 000463438 _____ C:\Users\User\Desktop\Бисер Вангелов №2 12а.pptx
2020-01-18 15:03 - 2020-01-18 15:03 - 000391285 _____ C:\Users\User\Documents\Успоредни равнини_12а_7.pptx
2020-01-15 19:57 - 2020-01-29 17:21 - 000002232 _____ C:\Users\User\Desktop\Discord.lnk
2020-01-15 19:56 - 2020-01-15 19:57 - 000000000 ____D C:\Users\User\AppData\Local\Discord
2020-01-15 16:12 - 2020-01-15 16:12 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 008012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 002494464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll
2020-01-15 16:11 - 2020-01-15 16:12 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-15 16:11 - 2020-01-15 16:11 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-15 16:11 - 2020-01-15 16:11 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-15 16:11 - 2020-01-15 16:11 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-15 16:11 - 2020-01-15 16:11 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 002473976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-15 16:11 - 2020-01-15 16:11 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-15 16:11 - 2020-01-15 16:11 - 001051664 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-15 16:11 - 2020-01-15 16:11 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000678712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-15 16:11 - 2020-01-15 16:11 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-01-15 16:11 - 2020-01-15 16:11 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-15 16:11 - 2020-01-15 16:11 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-01-15 16:11 - 2020-01-15 16:11 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-01-15 16:11 - 2020-01-15 16:11 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-01-15 16:11 - 2020-01-15 16:11 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-15 16:11 - 2020-01-15 16:11 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-01-15 16:11 - 2020-01-15 16:11 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000162696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-01-15 16:11 - 2020-01-15 16:11 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-01-15 16:11 - 2020-01-15 16:11 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-01-15 15:53 - 2020-01-15 15:53 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-01-15 15:53 - 2020-01-15 15:53 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-01-15 00:23 - 2020-01-28 01:45 - 000014651 _____ C:\ProgramData\DisplaySessionContainer6.log_backup1
2020-01-13 23:21 - 2020-01-27 01:10 - 000012500 _____ C:\ProgramData\DisplaySessionContainer5.log_backup1
2020-01-13 01:45 - 2020-01-22 00:56 - 000010692 _____ C:\ProgramData\DisplaySessionContainer4.log_backup1
2020-01-12 11:35 - 2020-01-12 12:59 - 000000494 _____ C:\Users\User\Desktop\config.txt
2020-01-12 02:37 - 2020-01-26 02:39 - 000014211 _____ C:\ProgramData\DisplaySessionContainer3.log_backup1
2020-01-12 00:26 - 2019-12-28 05:14 - 001729440 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-01-12 00:26 - 2019-12-28 05:14 - 001729440 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-01-12 00:26 - 2019-12-28 05:14 - 001329568 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-01-12 00:26 - 2019-12-28 05:14 - 001329568 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-01-12 00:26 - 2019-12-28 05:14 - 001079200 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-01-12 00:26 - 2019-12-28 05:14 - 001079200 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-01-12 00:26 - 2019-12-28 05:14 - 000937888 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-01-12 00:26 - 2019-12-28 05:14 - 000937888 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-01-12 00:26 - 2019-12-28 05:14 - 000450176 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-01-12 00:26 - 2019-12-28 05:14 - 000354520 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-01-12 00:26 - 2019-12-28 05:13 - 011843088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2020-01-12 00:26 - 2019-12-28 05:13 - 010169208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2020-01-12 00:26 - 2019-12-28 05:13 - 000678264 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-01-12 00:26 - 2019-12-28 05:13 - 000544976 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 017462352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 015029504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 005383184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 004718512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 002076080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 001570168 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 001485688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 001371512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 001145280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 001064368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 001001816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 000824064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 000813984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 000685256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 000573784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2020-01-12 00:26 - 2019-12-28 05:12 - 000558080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 000451320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2020-01-12 00:26 - 2019-12-28 05:11 - 040510200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2020-01-12 00:26 - 2019-12-28 05:11 - 035380240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2020-01-12 00:26 - 2019-12-28 05:11 - 000858032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2020-01-12 00:26 - 2019-12-24 14:03 - 000076477 _____ C:\WINDOWS\system32\nvinfo.pb
2020-01-12 00:07 - 2020-01-12 00:07 - 000000000 ____D C:\Users\User\AppData\Roaming\Valve Corporation
2020-01-11 14:31 - 2020-01-25 08:46 - 000014376 _____ C:\ProgramData\DisplaySessionContainer2.log_backup1
2020-01-11 14:22 - 2020-01-31 13:53 - 000012229 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2020-01-10 15:18 - 2020-01-10 23:00 - 000013948 _____ C:\ProgramData\DisplaySessionContainer24.log_backup1
2020-01-10 01:08 - 2020-01-10 15:18 - 000014334 _____ C:\ProgramData\DisplaySessionContainer23.log_backup1
2020-01-08 19:02 - 2020-01-09 17:37 - 002862884 _____ C:\Users\User\Desktop\igr.tif
2020-01-08 15:13 - 2020-01-09 00:51 - 000012615 _____ C:\ProgramData\DisplaySessionContainer21.log_backup1
2020-01-07 01:00 - 2020-01-07 23:13 - 000013615 _____ C:\ProgramData\DisplaySessionContainer19.log_backup1
2020-01-03 13:00 - 2020-01-03 13:01 - 000000000 ____D C:\Users\User\Documents\Adobe
2020-01-03 12:02 - 2020-01-03 12:02 - 000001151 _____ C:\Users\User\Desktop\Adobe Premiere Pro 2019.lnk
2020-01-03 12:02 - 2020-01-03 12:02 - 000000000 ____D C:\Users\Public\Documents\Adobe
2020-01-03 12:02 - 2020-01-03 12:02 - 000000000 ____D C:\ProgramData\Documents\Adobe
2020-01-03 12:02 - 2020-01-03 12:02 - 000000000 ____D C:\Program Files\Common Files\Adobe
2020-01-03 11:57 - 2020-01-03 12:02 - 000000000 ____D C:\Program Files\Adobe
2020-01-03 11:57 - 2020-01-03 11:57 - 000000000 ____D C:\Users\Public\Documents\AdobeInstalledCodecs
2020-01-03 11:57 - 2020-01-03 11:57 - 000000000 ____D C:\ProgramData\Documents\AdobeInstalledCodecs
2020-01-03 11:46 - 2020-01-03 11:47 - 000080969 _____ C:\Users\User\Downloads\Adobe Premiere Pro CC 2019 v13.1.4 Build 2.torrent
2020-01-03 11:45 - 2020-01-03 11:45 - 002076286 _____ C:\Users\User\Downloads\arriraw_p1_win_092712.zip
2020-01-03 01:40 - 2020-01-04 03:09 - 000013938 _____ C:\ProgramData\DisplaySessionContainer15.log_backup1
2020-01-02 10:09 - 2020-01-03 01:40 - 000012479 _____ C:\ProgramData\DisplaySessionContainer14.log_backup1
2020-01-01 10:14 - 2020-01-02 01:12 - 000012262 _____ C:\ProgramData\DisplaySessionContainer12.log_backup1
2020-01-01 00:48 - 2020-01-01 10:14 - 000012811 _____ C:\ProgramData\DisplaySessionContainer11.log_backup1
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-01-31 14:15 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-01-31 14:03 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-31 14:02 - 2018-09-19 11:53 - 000000000 ____D C:\ProgramData\NVIDIA
2020-01-31 13:55 - 2019-09-13 15:05 - 000000000 ____D C:\Users\User\AppData\Roaming\WTablet
2020-01-31 13:55 - 2018-09-19 18:17 - 000000152 _____ C:\Users\Public\Documents\OSCFile.txt
2020-01-31 13:55 - 2018-09-19 18:17 - 000000152 _____ C:\ProgramData\Documents\OSCFile.txt
2020-01-31 13:54 - 2019-09-27 01:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-31 13:53 - 2019-12-30 17:48 - 000018900 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2020-01-31 13:53 - 2019-12-30 17:48 - 000008676 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2020-01-31 13:53 - 2019-12-30 17:48 - 000001209 _____ C:\ProgramData\NvcDispCorePlugin.log_backup1
2020-01-31 13:53 - 2019-03-19 06:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-01-31 13:41 - 2019-09-27 00:56 - 000000000 ____D C:\Users\sasuk
2020-01-31 13:30 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-01-31 13:02 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-31 12:01 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-31 11:54 - 2019-03-19 06:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-01-31 11:53 - 2018-09-19 11:52 - 000000000 ____D C:\Users\User\AppData\Local\PlaceholderTileLogoFolder
2020-01-31 11:52 - 2018-09-19 11:49 - 000000000 ____D C:\Users\User\AppData\Local\Packages
2020-01-31 11:05 - 2019-09-27 00:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-31 10:21 - 2019-09-27 01:12 - 000004206 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{F9A8A5B0-A0EE-4809-9ABB-B9C56B369613}
2020-01-31 02:24 - 2019-12-30 17:48 - 000014142 _____ C:\ProgramData\DisplaySessionContainer9.log_backup1
2020-01-30 17:21 - 2019-10-09 20:13 - 000000000 ____D C:\Users\User\AppData\Local\Riot Games
2020-01-30 17:20 - 2018-09-19 21:02 - 000001671 _____ C:\Users\Public\Desktop\League of Legends.lnk
2020-01-30 17:20 - 2018-09-19 21:02 - 000001671 _____ C:\ProgramData\Desktop\League of Legends.lnk
2020-01-30 15:56 - 2019-05-15 19:07 - 000000000 ____D C:\Users\User\AppData\Roaming\.minecraft
2020-01-30 11:29 - 2018-09-24 18:58 - 000000000 ____D C:\Users\User\AppData\Roaming\discord
2020-01-30 11:02 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-29 17:21 - 2019-11-16 12:29 - 000002440 _____ C:\Users\User\Desktop\Legacy of Discord.lnk
2020-01-29 17:21 - 2019-11-16 12:29 - 000002136 _____ C:\Users\User\Desktop\GTarcade.lnk
2020-01-29 17:21 - 2019-09-13 15:02 - 000002070 _____ C:\Users\User\Desktop\Wacom Desktop Center.lnk
2020-01-29 17:21 - 2019-09-13 15:02 - 000001969 _____ C:\Users\User\Desktop\Wacom Tablet Properties.lnk
2020-01-29 17:21 - 2019-09-08 14:18 - 000001014 _____ C:\Users\User\Desktop\osu!.lnk
2020-01-29 17:21 - 2018-12-05 18:52 - 000002160 _____ C:\Users\User\Desktop\Somic Audio Center.lnk
2020-01-28 20:54 - 2018-09-19 11:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-01-24 22:43 - 2018-09-19 19:56 - 000000000 ____D C:\Users\User\AppData\Local\D3DSCache
2020-01-24 17:09 - 2018-09-24 19:10 - 000000000 ____D C:\Users\User\AppData\Local\CrashDumps
2020-01-22 11:33 - 2018-10-12 12:48 - 000000000 ____D C:\Users\sasuk\AppData\Local\CrashDumps
2020-01-22 11:05 - 2019-09-14 14:56 - 000000000 ____D C:\Users\sasuk\AppData\Roaming\WTablet
2020-01-22 00:53 - 2019-06-14 13:31 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-22 00:53 - 2019-06-14 13:31 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-01-22 00:53 - 2019-06-14 13:31 - 000002258 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-01-20 20:02 - 2019-09-27 01:12 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1270643484-4035232020-1271303665-1002
2020-01-20 20:02 - 2019-09-27 00:56 - 000002395 _____ C:\Users\sasuk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-01-20 20:02 - 2018-10-12 12:48 - 000000000 ___RD C:\Users\sasuk\OneDrive
2020-01-19 19:38 - 2019-09-27 01:12 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1270643484-4035232020-1271303665-1001
2020-01-19 19:38 - 2019-09-27 00:56 - 000002392 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-01-19 19:38 - 2018-09-19 11:54 - 000000000 ___RD C:\Users\User\OneDrive
2020-01-16 16:28 - 2019-10-02 16:35 - 000000000 ____D C:\Users\User\Desktop\drawing [bleep]
2020-01-16 15:45 - 2018-09-19 20:48 - 000000000 ____D C:\Users\User\AppData\Local\NVIDIA
2020-01-16 15:42 - 2019-09-27 00:49 - 000447040 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-16 01:11 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-01-16 01:11 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-01-16 01:11 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-16 01:11 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-15 19:57 - 2018-09-24 18:58 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2020-01-15 19:57 - 2018-09-24 18:58 - 000000000 ____D C:\Users\User\AppData\Local\SquirrelTemp
2020-01-15 16:21 - 2018-09-19 12:00 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-01-15 16:16 - 2018-09-19 11:59 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-01-14 16:26 - 2019-11-16 12:28 - 000000000 ____D C:\Users\User\AppData\Local\Gtarcade
2020-01-14 16:20 - 2019-08-05 17:21 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Crossout
2020-01-12 00:28 - 2018-09-19 11:52 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-01-10 15:37 - 2018-10-12 12:41 - 000000000 ____D C:\Users\sasuk\AppData\Local\Packages
2020-01-08 18:55 - 2019-09-13 15:57 - 000017922 _____ C:\Users\User\AppData\Local\kritarc
2020-01-06 23:35 - 2018-09-19 20:48 - 000000000 ____D C:\Users\User\AppData\Local\NVIDIA Corporation
2020-01-03 13:01 - 2018-09-19 11:49 - 000000000 ____D C:\Users\User\AppData\Roaming\Adobe
2020-01-03 12:06 - 2019-04-19 22:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2020-01-03 11:57 - 2018-09-19 20:38 - 000000000 ____D C:\ProgramData\Package Cache
2020-01-03 11:57 - 2018-09-19 12:27 - 000000000 ____D C:\Program Files (x86)\Adobe
2020-01-03 11:55 - 2018-09-19 12:26 - 000000000 ____D C:\ProgramData\Adobe
2020-01-03 11:55 - 2018-09-19 12:25 - 000000000 ____D C:\Users\User\AppData\Local\Adobe
2020-01-03 11:54 - 2018-09-19 12:28 - 000000000 ____D C:\Users\User\AppData\LocalLow\Adobe
2020-01-01 16:00 - 2019-09-23 13:42 - 000000000 ____D C:\Users\User\AppData\Roaming\RenPy
2020-01-01 00:48 - 2019-12-31 02:32 - 000012612 _____ C:\ProgramData\DisplaySessionContainer10.log_backup1
 
==================== Files in the root of some directories ========
 
2018-09-19 20:48 - 2018-09-19 20:48 - 052531200 _____ () C:\Program Files (x86)\GUTF082.tmp
2019-11-25 17:00 - 2019-11-25 17:00 - 000000385 _____ () C:\Users\User\AppData\Local\karboncalligraphyrc
2019-09-13 15:56 - 2020-01-29 17:20 - 000103244 _____ () C:\Users\User\AppData\Local\krita.log
2020-01-29 17:20 - 2020-01-29 17:20 - 000000039 _____ () C:\Users\User\AppData\Local\kritadisplayrc
2019-09-13 15:57 - 2020-01-08 18:55 - 000017922 _____ () C:\Users\User\AppData\Local\kritarc
2018-09-19 19:19 - 2018-09-19 19:19 - 000000003 _____ () C:\Users\User\AppData\Local\updater.log
2018-09-19 19:19 - 2018-09-19 19:19 - 000000425 _____ () C:\Users\User\AppData\Local\UserProducts.xml
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-01-2020
Ran by User (31-01-2020 14:21:04)
Running from C:\Users\User\Desktop
Windows 10 Home Version 1903 18362.592 (X64) (2019-09-26 23:13:31)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1270643484-4035232020-1271303665-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1270643484-4035232020-1271303665-503 - Limited - Disabled)
Guest (S-1-5-21-1270643484-4035232020-1271303665-501 - Limited - Disabled)
sasuk (S-1-5-21-1270643484-4035232020-1271303665-1002 - Limited - Enabled) => C:\Users\sasuk
User (S-1-5-21-1270643484-4035232020-1271303665-1001 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-1270643484-4035232020-1271303665-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
4K Video Downloader 4.11 (HKLM\...\{95BBB00C-272E-45A4-A965-6DEFE2F979B6}) (Version: 4.11.1.3390 - Open Media LLC)
60 Seconds Rocket Science (HKLM-x32\...\60 Seconds Rocket Science_is1) (Version:  - )
7.1 SOUND EFFECT GAMING HEADSET (HKLM-x32\...\{D8D9AEBE-1712-4A4A-BC70-4CD9C82D108B}) (Version: 1.01 - Somic,Inc)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Premiere Pro 2019 (HKLM-x32\...\PPRO_13_1_4) (Version: 13.1.4 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Autodesk SketchBook (HKLM\...\{AE6C5657-D663-4968-BEB5-1E2ED89CB2D2}) (Version: 8.60.0000 - Autodesk)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.63.1070 - AB Team, d.o.o.)
Core Temp 1.14 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.14 - ALCPU)
Crossout Launcher 1.0.3.106 (HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\CrossOutLauncher_is1) (Version:  - )
Discord (HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Frostpunk v.1.3.0 (HKLM-x32\...\Frostpunk_is1) (Version:  - )
GameRanger (HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\GameRanger) (Version:  - GameRanger Technologies)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
GTarcade (HKU-x32\S-1-5-21-1270643484-4035232020-1271303665-1001\...\gtarcade) (Version: 2.1.0 - YOOZOO Games)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HitFilm Express (HKLM\...\{30792CB5-3EBA-483C-98E3-BF08A3CC6B83}) (Version: 12.3.8815.07201 - FXHOME)
Java 8 Update 221 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
Krita (x64) 4.2.6 (HKLM\...\Krita_x64) (Version: 4.2.6.0 - Krita Foundation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Legends of Runeterra (HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\Riot Game bacon.live) (Version:  - Riot Games, Inc)
Lightshot-5.4.0.35 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.35 - Skillbrains)
LogMeIn Hamachi (HKLM-x32\...\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}) (Version: 2.2.0.633 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.633 - LogMeIn, Inc.)
LS-USBMX1/2/3 Steering Wheel W/Vibration (HKLM-x32\...\{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}) (Version: 2007.08.17 - )
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\OneDriveSetup.exe) (Version: 19.222.1110.0006 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702 (HKLM-x32\...\{49697869-be8e-427d-81a0-c334d1d14950}) (Version: 14.21.27702.2 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Need for Speed Underground 2 (HKLM-x32\...\Need for Speed Underground 2) (Version:  - )
Neighbours From [bleep] (HKLM-x32\...\1207663903_is1) (Version: 1.00 - GOG.com)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
NVIDIA Graphics Driver 441.87 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 441.87 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 23.1.0 - OBS Project)
OnScreen Control (HKLM-x32\...\{E5C1B339-0E4E-49A5-859E-5E1DE1938706}) (Version: 2.95 - LG Electronics Inc)
osu! (HKLM-x32\...\{8c511a3c-c368-40e6-8a64-8642766d108b}) (Version: latest - ppy Pty Ltd)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.988 - Even Balance, Inc.)
Revo Uninstaller 2.1.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.1 - VS Revo Group, Ltd.)
Skype, версия 8.45 (HKLM-x32\...\Skype_is1) (Version: 8.45 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Sims 4 (HKLM-x32\...\The Sims 4_is1) (Version:  - )
Update for Skype for Business 2016 (KB3114846) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{286F464B-2FDF-4107-83A5-DEB08D2AD268}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB3114846) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{286F464B-2FDF-4107-83A5-DEB08D2AD268}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB3114846) 64-Bit Edition (HKLM\...\{90160000-012B-0402-1000-0000000FF1CE}_Office16.PROPLUS_{286F464B-2FDF-4107-83A5-DEB08D2AD268}) (Version:  - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 85.1 - Ubisoft)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.36-1 - Wacom Technology Corp.)
WinRAR 5.31 (64-битова версия) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Средства проверки правописания Microsoft Office 2016 — русский (HKLM\...\{90160000-001F-0419-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
 
Packages:
=========
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.1.4081.0_x64__rz1tebttyb220 [2020-01-30] (Dolby Laboratories)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-15] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Studios) [MS Ad]
MSN Време -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.956.0_x64__56jybvy8sckqj [2019-12-30] (NVIDIA Corp.)
Torrex Lite - Torrent Downloader -> C:\Program Files\WindowsApps\BooStudioLLC.TorrexLite-TorrentDownloader_1.3.97.0_x64__b6e429xa66pga [2019-06-21] (Finebits OÜ) [MS Ad] [Startup Task]
Добавка за „Снимки“ -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-05-05] (Microsoft Corporation)
Добавка за приложението за мултимедийни файлове „Снимки“ -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-01-23] (Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1270643484-4035232020-1271303665-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1270643484-4035232020-1271303665-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1270643484-4035232020-1271303665-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-01-31] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d223212c0a2275b5\nvshext.dll [2019-12-28] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-01-31] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\User\Desktop\Frostpunk - Пряк път.lnk -> D:\Frostpunk\Frostpunk.exe (11 bit studios S.A.) <==== Cyrillic
Shortcut: C:\Users\User\Desktop\Steam - Пряк път.lnk -> D:\steam\Steam.exe (Valve Corporation) <==== Cyrillic
Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Какво е новото в последната версия.lnk -> C:\Program Files\WinRAR\WhatsNew.txt () <==== Cyrillic
Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Помощен файл на WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm () <==== Cyrillic
Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Ръководство за конзолната версия на RAR.lnk -> C:\Program Files\WinRAR\Rar.txt () <==== Cyrillic
Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\SendTo\Прехвърляне на файлове с Bluetooth.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation) <==== Cyrillic
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive за бизнеса.lnk -> C:\Windows\Installer\{90160000-0011-0000-1000-0000000FF1CE}\grv_icons.exe () <==== Cyrillic
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype за бизнеса 2016.lnk -> C:\Windows\Installer\{90160000-0011-0000-1000-0000000FF1CE}\lyncicon.exe () <==== Cyrillic
ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Windows\SendTo\Получател на факса.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo <==== Cyrillic
 
==================== Loaded Modules (Whitelisted) =============
 
2014-02-11 05:08 - 2014-02-11 05:08 - 000817152 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2015-11-04 15:43 - 2015-11-04 15:43 - 000214528 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 05:08 - 2014-02-11 05:08 - 003650560 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2018-09-19 19:19 - 2017-05-23 13:59 - 000494080 _____ (Skillbrains) [File not signed] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.dll
2018-09-19 19:19 - 2017-05-23 13:59 - 000256000 _____ (Skillbrains) [File not signed] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\uploader.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [482]
AlternateDataStreams: C:\Users\User\AppData\Local\Temp:$DATA​ [16]
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2018-04-12 01:38 - 2020-01-31 12:37 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\body_of_water_planet_horizon_92570_1920x1080.jpg
DNS Servers: 88.87.0.2 - 88.87.10.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
MSCONFIG\startupreg: EpicGamesLauncher => E:\nz\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
HKLM\...\StartupApproved\Run: => "SOMICC71BSound"
HKLM\...\StartupApproved\Run: => "AvastUI.exe"
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\StartupApproved\Run: => "Gaijin.Net Updater"
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_EA977365BF5B2185FA52414E130E9AF9"
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\StartupApproved\Run: => "Chromium"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [UDP Query User{7D508BF2-B968-4D38-879A-15B6F811A73F}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe No File
FirewallRules: [TCP Query User{45A6A043-BDB6-4054-BA29-2C479D1B9E38}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe No File
FirewallRules: [UDP Query User{1011CF12-0A9A-4CBE-B3D8-AB674E596EE2}D:\liga\instalaciq\game\league of legends.exe] => (Allow) D:\liga\instalaciq\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{F251D6F0-D57E-4D93-8271-F16FAA71B86B}D:\liga\instalaciq\game\league of legends.exe] => (Allow) D:\liga\instalaciq\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{5CCD9118-386E-43C5-8FE9-334C388D2134}C:\program files (x86)\arenaplay\arenaplay.exe] => (Allow) C:\program files (x86)\arenaplay\arenaplay.exe No File
FirewallRules: [TCP Query User{29865C54-42C0-4223-BCDD-E547BB2D49C3}C:\program files (x86)\arenaplay\arenaplay.exe] => (Allow) C:\program files (x86)\arenaplay\arenaplay.exe No File
FirewallRules: [UDP Query User{927795C9-1E7A-442E-B973-7C7110491ED6}D:\arenaplay\arenaplay.exe] => (Allow) D:\arenaplay\arenaplay.exe No File
FirewallRules: [TCP Query User{C38DF958-819F-4320-BC2A-E9F5D77B2DAC}D:\arenaplay\arenaplay.exe] => (Allow) D:\arenaplay\arenaplay.exe No File
FirewallRules: [{23B4CF72-4620-4285-AA01-60F2A17D28EC}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A93E9845-83D9-49B7-8681-68F342E328E4}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{879298AA-EE83-4CF8-B069-0945E49E575B}D:\crossout\launcher.exe] => (Allow) D:\crossout\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{BEC13AB3-9870-41D4-8E37-AADEF9F9250D}D:\crossout\launcher.exe] => (Allow) D:\crossout\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{086499CA-7418-49DE-B0BF-4ADCE8624893}C:\users\user\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\user\appdata\local\gamecenter\gamecenter.exe No File
FirewallRules: [TCP Query User{5ED827FC-ADC1-4385-A205-92D7C4294270}C:\users\user\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\user\appdata\local\gamecenter\gamecenter.exe No File
FirewallRules: [UDP Query User{839E39CA-5F9D-4195-A6BC-B3DA7ECD2F92}D:\warthunder\win64\aces.exe] => (Allow) D:\warthunder\win64\aces.exe No File
FirewallRules: [TCP Query User{18B92560-ACE1-45D1-9221-D452B36F0F11}D:\warthunder\win64\aces.exe] => (Allow) D:\warthunder\win64\aces.exe No File
FirewallRules: [UDP Query User{FAC03D3C-55BC-4A8F-86D9-3DBB13D2433E}D:\warthunder\launcher.exe] => (Allow) D:\warthunder\launcher.exe No File
FirewallRules: [TCP Query User{C9EAECB1-7EBF-4DB6-9DDB-E7E97AE7FF72}D:\warthunder\launcher.exe] => (Allow) D:\warthunder\launcher.exe No File
FirewallRules: [UDP Query User{30E14C1B-AD18-47FE-A7AE-B3D7C389EE7E}C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe No File
FirewallRules: [TCP Query User{4AC1579F-FB86-4352-BC6E-1B39D16861D2}C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe No File
FirewallRules: [UDP Query User{08343F70-5E64-4042-BA7D-8CD9C2CFAE2F}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{81CCB718-BACA-4007-B543-E5C6565BC070}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{3D418353-805F-4C49-BCED-13766D9EAF5D}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.199\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.199\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{FDF05657-89C3-46EB-88F1-5C37D58802C3}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.199\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.199\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{B000AC22-EAC7-4524-AAF8-4D488695604E}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{DA373BD4-9582-42BA-BD19-8DD91C5CB16E}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{A85CE694-7596-47FF-9A03-4039D797BF4B}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{8C2329C4-38AB-46DE-BDF8-BB10074778ED}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{33466FD7-EC63-4653-B007-8DEA1BA4C490}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{7EE6F79D-CC36-4CB1-8963-66B4390937D5}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{EFC4C668-DF8F-4160-B2D9-34B53994A0B0}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{E06B1C1C-6A29-424D-AF9F-155E40BE00F3}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{0A208126-7FFE-4015-ABBD-FAA14809BE28}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{CEE3AE22-AA12-4358-8C5D-FFA8AFDBA88D}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{BDA847DB-7ECA-4DBA-B1DC-FA5959D2B8AA}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{423249E7-B4A8-4129-ABF1-BF56D2840EBE}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{492A9893-970B-4496-BA2B-B8EBB2E10BAA}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.191\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.191\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{FBFCE1D4-32D9-4728-9BA8-65A5F01E668E}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.191\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.191\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{0D6B33BF-12BF-411E-A60C-83C81C661297}D:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) D:\program files (x86)\origin games\apex\r5apex.exe No File
FirewallRules: [TCP Query User{8041240E-CC47-4FA3-866D-8333A28BB3C6}D:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) D:\program files (x86)\origin games\apex\r5apex.exe No File
FirewallRules: [UDP Query User{137D374A-A400-4935-91A1-4C5FCC7C8C5B}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{4A64EEBF-DB3D-4945-9162-47B593959592}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{87FD80F5-1E74-4B4F-AF12-E00FBC2AD918}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{BA90702F-59A9-4530-BCA3-9F23DB87D437}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{E88FE424-D2E0-4492-A4BE-105500656DE2}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.188\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.188\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{C623CA49-FBED-4A96-A224-1850D47791D1}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.188\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.188\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{3B2290D4-06B8-43EF-BA7A-583FECDDE1FD}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe No File
FirewallRules: [TCP Query User{931C85C2-9019-4F45-BB03-B945AAA0B7B2}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe No File
FirewallRules: [UDP Query User{05F111A4-A095-4F99-9CAB-5A8C8E3B43A1}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.187\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.187\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{75569D7D-4104-49AC-B83D-38D24B80485D}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.187\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.187\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{A270EF1F-4D0A-4AEA-AAC2-D730B6362C97}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.186\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.186\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{FEB5E3D8-7EFA-4538-8194-1569C406CDA2}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.186\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.186\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{39612A48-F43C-41C2-B6EF-2F5BBF7D5860}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.185\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.185\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{2C11AF77-0234-4D9A-B83C-2396DD1B5426}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.185\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.185\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{61588D37-B684-44EA-80E3-C1E604CD29B0}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{F4376C25-BDB2-41B8-B784-62FBE936A3C9}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{EE2874AE-2139-4FFB-BD5F-FDDF8FDE7F4D}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{757C3AA9-7252-4BBC-9797-D40C93FEB413}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{E4953609-8BBF-4C63-9F2C-E439DC1F1BFE}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.182\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.182\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{1E798995-2D3A-4B6A-AFEE-98C10CA53BA7}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.182\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.182\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{E81E1A9D-A845-4514-810E-487B729A85B1}C:\users\user\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\user\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Technologies -> GameRanger Pty Ltd)
FirewallRules: [TCP Query User{C85E8184-7058-47E2-9006-D80F0EA3BFAD}C:\users\user\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\user\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Technologies -> GameRanger Pty Ltd)
FirewallRules: [UDP Query User{5CF86962-76F8-476C-B3F5-10BFD40E5A44}D:\need for speed underground 2\speed2.exe] => (Allow) D:\need for speed underground 2\speed2.exe () [File not signed]
FirewallRules: [TCP Query User{718EC2B9-A00C-4950-8559-6130C144ABA6}D:\need for speed underground 2\speed2.exe] => (Allow) D:\need for speed underground 2\speed2.exe () [File not signed]
FirewallRules: [UDP Query User{91B7FC73-75C3-410A-AEB3-E04A0047DAA7}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{A315A9D9-C2A2-4411-B881-97DA2CE34666}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{295F775B-8010-4A72-9BBF-5E7BD387B98F}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{CA7323C8-43D1-4215-ABDA-0CA61BBB6433}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe No File
FirewallRules: [{B0AB3C38-28A2-4336-8835-62F4E20D0B0C}] => (Allow) D:\steam\steamapps\common\Brawlhalla\Brawlhalla.exe () [File not signed]
FirewallRules: [{B430E698-3D99-402D-9BCD-CE9C4CD79249}] => (Allow) D:\steam\steamapps\common\Brawlhalla\Brawlhalla.exe () [File not signed]
FirewallRules: [UDP Query User{6E876B67-2678-4030-A018-0D6D97C7503B}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{5F30D37D-C178-4E1C-9637-1B88C13EB473}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{94CEF22B-4D03-4A74-BD21-64D3B7180C8C}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe] => (Block) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{AAF34754-F9EC-4287-923E-EC2628678D6A}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe] => (Block) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{38685334-929B-477E-9F3A-B4E2E338872C}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{CB0123F1-22BA-4F73-9A0B-11AEA4A67AA7}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{4AFD0456-A808-42E4-BFD5-F4E9563BC7FB}C:\windows\syswow64\dpnsvr.exe] => (Allow) C:\windows\syswow64\dpnsvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{E0B7B7C4-9F0A-4DAE-9EE9-45F9CBCCC965}C:\windows\syswow64\dpnsvr.exe] => (Allow) C:\windows\syswow64\dpnsvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{1C50329F-3924-404B-AB81-606A16B79A98}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{22517FFB-A2F0-4190-BF55-4F320FDF2CA0}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe No File
FirewallRules: [{00DAEA2B-0B46-4404-92E3-AE771A238988}] => (Allow) D:\steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{C59BD872-D204-4DA2-870C-37FEA68FF6C4}] => (Allow) D:\steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [UDP Query User{99C8D147-DBD6-4ACB-A195-E2D142CAA56F}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{03E1BF6F-A10A-4636-A59D-27F98A578E5B}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{A2DBA4D2-2D88-43D3-8018-73484DC4AD41}D:\pingvinite24\pingvina\yu-gi-oh! kaiba corp ultimate masters mod\kc utimate masters.exe] => (Block) D:\pingvinite24\pingvina\yu-gi-oh! kaiba corp ultimate masters mod\kc utimate masters.exe () [File not signed]
FirewallRules: [TCP Query User{93EB00E6-F18B-45F5-8B51-D409D0EC6F75}D:\pingvinite24\pingvina\yu-gi-oh! kaiba corp ultimate masters mod\kc utimate masters.exe] => (Block) D:\pingvinite24\pingvina\yu-gi-oh! kaiba corp ultimate masters mod\kc utimate masters.exe () [File not signed]
FirewallRules: [UDP Query User{5D351F29-A383-4F45-BFF4-41D31597E9CA}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{9FA57325-2B31-4716-B2EE-FD8ACF34631F}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{BAC46739-3020-4BEF-BA34-0442469B5664}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{1CBB62B5-D868-4D79-9123-8A108B08D64E}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{93F37543-874B-4C13-A8F7-5DFC567DEDF3}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{FEC3585B-9559-4956-9858-AFAC5CF4DD07}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe No File
FirewallRules: [{F73A2EE0-27FC-4DC6-840D-826D90822A6F}] => (Allow) D:\steam\steamapps\common\VRChat\VRChat.exe () [File not signed]
FirewallRules: [{620C3D8B-C433-4BB6-87CF-44F0260A6B34}] => (Allow) D:\steam\steamapps\common\VRChat\VRChat.exe () [File not signed]
FirewallRules: [{3C895B85-5A12-4B2A-95C2-B9A819F25875}] => (Allow) D:\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{A49DCD39-750A-4D6B-AAC1-E2BC2152C3DC}] => (Allow) D:\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{2529221B-1141-4188-AFF4-20AB58CD7EEF}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{090A28E9-955E-42F6-A536-B75ABBCB29E3}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{CE780A28-717E-4A85-9530-741E9D2171BC}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.167\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.167\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{2C643B88-C936-45A9-B8CE-4674255A7F1F}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.167\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.167\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{598D7C32-0C65-4655-A114-44BFB604E3E0}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{4A9ACF01-C9F3-4297-80FB-F1A9AD10E0F8}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{1A2B8C39-BD5D-4FFD-B7E8-A7EC39EF0DB9}D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [TCP Query User{CC609483-79D0-4D81-A45A-43B0BA2247AD}D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [UDP Query User{AB20BE90-B0CB-40C3-9CE1-B2F1101366E9}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{0056F67B-FBEC-492F-9324-D01B90BC8272}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe No File
FirewallRules: [{982F1FDB-68F5-49FB-AA01-D04962809B94}] => (Allow) D:\steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe No File
FirewallRules: [{E3BDD875-0813-481E-A306-2DBE85768323}] => (Allow) D:\steam\steamapps\common\Warframe\Tools\Launcher.exe No File
FirewallRules: [{0FDFA0BE-0EC9-4F95-8553-1A356BF1D1E7}] => (Allow) D:\steam\steamapps\common\Warframe\Warframe.x64.exe No File
FirewallRules: [{9750CA83-DB0A-49ED-9FB1-8DD49031A4D8}] => (Allow) D:\steam\steamapps\common\Warframe\Warframe.exe No File
FirewallRules: [{65FBB822-EA27-4EED-93AB-31BA54AADA1A}] => (Allow) D:\steam\steamapps\common\Warframe\Warframe.x64.exe No File
FirewallRules: [{69F55623-19B9-4D8F-826E-1D18DDA728DE}] => (Allow) D:\steam\steamapps\common\Warframe\Warframe.exe No File
FirewallRules: [{E77B7E6B-3EB1-4BEA-968D-7FA79A986AAF}] => (Allow) D:\steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe No File
FirewallRules: [{CC6DBEC4-CDF3-4392-BD6A-446BCC4CB6A4}] => (Allow) D:\steam\steamapps\common\Warframe\Tools\Launcher.exe No File
FirewallRules: [{C3432862-03F6-4B7C-966B-F6936B0B0130}] => (Allow) D:\steam\steamapps\common\Warframe\Warframe.x64.exe No File
FirewallRules: [{8EAAC9EC-973B-42B3-A79C-FC635F67FABA}] => (Allow) D:\steam\steamapps\common\Warframe\Warframe.exe No File
FirewallRules: [{E6C65447-FFC5-4C51-BB9E-5A7B4144EB5F}] => (Allow) D:\steam\steamapps\common\Warframe\Warframe.x64.exe No File
FirewallRules: [{5F2EB398-6113-4A0C-AD76-9CDE5ECC42F0}] => (Allow) D:\steam\steamapps\common\Warframe\Warframe.exe No File
FirewallRules: [UDP Query User{67569C8F-235A-483F-9D71-D19A7C616E71}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{77A09CE2-80DA-40B0-A954-7916E2013D3F}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe No File
FirewallRules: [{C0078B59-7F7E-439B-890D-F96188FC5AB9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe No File
FirewallRules: [{D303666D-96EF-42C2-BB18-DD989DD16441}] => (Allow) D:\steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe (Microsoft) [File not signed]
FirewallRules: [{BD95E4E4-8F87-4710-BB8F-04824CB66DC4}] => (Allow) D:\steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe (Microsoft) [File not signed]
FirewallRules: [UDP Query User{8F24552F-DE12-456A-AC3D-ADC00BD8C520}D:\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) D:\steam\steamapps\common\h1z1\h1z1.exe No File
FirewallRules: [TCP Query User{414E6773-74FB-4D35-8730-0A75740A65AF}D:\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) D:\steam\steamapps\common\h1z1\h1z1.exe No File
FirewallRules: [UDP Query User{428AFC87-AC66-414C-98ED-D667057AE407}E:\nz\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) E:\nz\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [TCP Query User{6B8F2B6B-FFE0-4373-8E3E-0C0B0D053414}E:\nz\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) E:\nz\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [UDP Query User{5E2045E3-FD5E-4B24-9E9E-DBC42A00B664}E:\nz\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) E:\nz\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe No File
FirewallRules: [TCP Query User{B97E58B2-F114-4EA9-864B-E232F94F18A3}E:\nz\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) E:\nz\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe No File
FirewallRules: [{AF8E07C2-25FD-4719-ACBC-E96C2899F26B}] => (Allow) D:\steam\steamapps\common\Deceit\bin\win_x64\Deceit.exe No File
FirewallRules: [{CB63E972-A11C-4348-A11B-F3C276ABDB2E}] => (Allow) D:\steam\steamapps\common\Deceit\bin\win_x64\Deceit.exe No File
FirewallRules: [{AE2D8CC4-4CC4-401B-9118-AB2AF9368877}] => (Allow) D:\steam\steamapps\common\Alan Wake\AlanWake.exe No File
FirewallRules: [{E9CBB2FB-62F4-42D9-9257-59AB69E5CC4C}] => (Allow) D:\steam\steamapps\common\Alan Wake\AlanWake.exe No File
FirewallRules: [{A4E129F2-86BD-463C-91AF-5DCA413E7498}] => (Allow) D:\steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{30D6BE07-6F98-4985-A083-649E5E4A119D}] => (Allow) D:\steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{DE481CEE-24CA-4C39-AA6A-0F1CDCC37A41}] => (Allow) D:\steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{1E10491D-065A-44E1-B70B-1684E390C344}] => (Allow) D:\steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{5A87209E-1714-47F6-BB64-5E9808924BEE}] => (Allow) D:\steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{A2652D3D-3240-4094-AE1A-BA3CE5AE91BB}] => (Allow) D:\steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{316E5E4E-4D8B-4C87-884B-D07102C91EA6}] => (Allow) D:\Нова папка (2)\Steam.exe No File
FirewallRules: [{B9C6528E-584A-4F71-AF7D-AEED64C0B872}] => (Allow) D:\Нова папка (2)\Steam.exe No File
FirewallRules: [UDP Query User{81634972-DCF1-4219-A01F-F78DCC72E686}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{F758194C-33B8-4C9D-9534-5451FC9B28F9}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe No File
FirewallRules: [{0B8503CF-B697-4C8C-AF39-176D9DC31448}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{66A6D1AD-AF64-4394-BAAE-D50C47777DC5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B78D112F-F3A4-4751-BA28-62D47372E798}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe No File
FirewallRules: [{65A36A4D-0E66-4D40-8BC1-A043E7264525}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E3B0DF89-DD96-400D-8484-3C92D7507A27}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E7D14E42-1184-48BD-9DB9-400FABE305B0}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{50B8CEEB-0199-4C68-B81C-B60A27DE3A08}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{39A98F4B-D697-42D1-B92B-D0B3C3B7E665}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A43F5DAF-F364-4968-BB25-00BEC306D692}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{B96BB8E1-D543-42C4-9B82-FD20AAD86B59}D:\games\the sims 4\game\bin\ts4.exe] => (Allow) D:\games\the sims 4\game\bin\ts4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [UDP Query User{E8077BD5-F051-4C5A-9DA9-4EFFE005DE5D}D:\games\the sims 4\game\bin\ts4.exe] => (Allow) D:\games\the sims 4\game\bin\ts4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [TCP Query User{0E57781D-F16A-42E8-A32B-28B67A1A1284}D:\games\the sims 4\game\bin\ts4_x64.exe] => (Allow) D:\games\the sims 4\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [UDP Query User{CAD72217-0032-4577-B7F4-935C8676217C}D:\games\the sims 4\game\bin\ts4_x64.exe] => (Allow) D:\games\the sims 4\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{20965B95-C66C-4BFD-80EC-1B88C53E0697}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{46E6FDB2-21A2-4D5B-937F-997AE21EBF53}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{04EA8E8F-4EE0-4CA0-98A7-0C5BFAC60D7E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{A5A05355-78C4-4D4B-8720-6A804D3C2A1D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{8DE81259-C457-4DDA-BE21-74E00A8D6658}] => (Allow) C:\Users\User\Downloads\DiscordSetup.exe (Discord Inc. -> Discord Inc.)
FirewallRules: [{EE2C36EE-82C6-4FDC-ADDA-E995E621613D}] => (Allow) C:\Users\User\Downloads\DiscordSetup.exe (Discord Inc. -> Discord Inc.)
FirewallRules: [{DCE9D003-2ABF-4FDF-8DC3-3200E15633F2}] => (Allow) C:\Users\User\AppData\Local\Discord\Update.exe (Discord Inc. -> GitHub)
FirewallRules: [{D87D36C5-EC9C-4D5C-B77C-74A50AE5A730}] => (Allow) C:\Users\User\AppData\Local\Discord\Update.exe (Discord Inc. -> GitHub)
FirewallRules: [{6A562E3F-B822-41E9-B79E-49A7650ED4A0}] => (Allow) C:\Users\User\AppData\Local\Discord\Update.exe (Discord Inc. -> GitHub)
FirewallRules: [{8EAE1891-F1BC-4FFB-BCF9-A997497BA439}] => (Allow) C:\Users\User\AppData\Local\Discord\Update.exe (Discord Inc. -> GitHub)
FirewallRules: [{81E0D436-E1BB-470D-A74E-3B486472908E}] => (Allow) D:\steam\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> EasyAntiCheat Ltd)
FirewallRules: [{DEAD566A-AC27-41EC-B631-5E80C84FC963}] => (Allow) D:\steam\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> EasyAntiCheat Ltd)
FirewallRules: [{C65D7A1D-AEAE-41AB-A664-3CA71E6495DD}] => (Allow) D:\steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe (DONTNOD Entertainment) [File not signed]
FirewallRules: [{983B4EFD-21D7-412C-A259-B8BEEF5640DA}] => (Allow) D:\steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe (DONTNOD Entertainment) [File not signed]
FirewallRules: [{A4FDEE47-AB89-4D89-8BFC-11A51A8AE071}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B86DD47B-1C82-488F-90D4-C7D1920E60BE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4B952DC1-CBF1-4EB8-A15C-AB28971D531B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CC52C5EB-6C84-4C33-A618-20EEC2C41099}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CC22F263-0949-4A10-9078-E69F95FB356C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6ADDF291-66E7-4204-8EC6-15E9B3B2C341}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BDA53FED-24F0-45E6-B632-DF84791CB995}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{5FA3D9A2-52C5-4A09-9C8C-E16540C21E43}C:\users\user\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\users\user\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe
FirewallRules: [UDP Query User{EBA3E1AD-F0DA-4CF9-B14C-965DABCA6040}C:\users\user\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\users\user\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe
FirewallRules: [{A91F2F49-B13C-4336-98E1-1AAC0D7F94F3}] => (Allow) C:\Users\User\AppData\Local\Chromium\Application\chrome.exe No File
 
==================== Restore Points =========================
 
ATTENTION: System Restore is disabled (Total:103.91 GB) (Free:44.46 GB) (43%)
 
==================== Faulty Device Manager Devices ============
 
Name: LogMeIn Hamachi Virtual Ethernet Adapter
Description: LogMeIn Hamachi Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn Inc.
Service: Hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (01/31/2020 02:09:39 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4396,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (01/31/2020 01:53:23 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.
 
Error: (01/31/2020 01:53:23 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
 
Error: (01/31/2020 01:44:35 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.
 
Error: (01/31/2020 01:44:35 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
 
Error: (01/31/2020 01:29:58 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5240,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (01/31/2020 01:21:41 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2744,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (01/31/2020 12:53:06 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1772,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
 
System errors:
=============
Error: (01/31/2020 01:54:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Услуга AvastWscReporter не може да бъде стартирана поради следната грешка: 
The system cannot find the file specified.
 
Error: (01/31/2020 01:53:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Услуга NVIDIA Display Container LS беше прекъсната неочаквано. Това се е случвало с нея 1 път(и). След 6000 милисекунди ще бъде предприето следното коригиращо действие: Рестартиране на услугата.
 
Error: (01/31/2020 01:53:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Услуга NVIDIA LocalSystem Container беше прекъсната неочаквано. Това се е случвало с нея 1 път(и). След 6000 милисекунди ще бъде предприето следното коригиращо действие: Рестартиране на услугата.
 
Error: (01/31/2020 01:53:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Услуга Hi-Rez Studios Authenticate and Update Service беше прекъсната неочаквано. Това се е случвало с нея 1 път(и).
 
Error: (01/31/2020 01:53:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Услуга LogMeIn Hamachi Tunneling Engine беше прекъсната неочаквано. Това се е случвало с нея 1 път(и).
 
Error: (01/31/2020 01:53:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Услуга Wacom Professional Service беше прекъсната неочаквано. Това се е случвало с нея 1 път(и).
 
Error: (01/31/2020 01:53:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Услуга Adobe Acrobat Update Service беше прекъсната неочаквано. Това се е случвало с нея 1 път(и).
 
Error: (01/31/2020 01:53:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Услуга PnkBstrB беше прекъсната неочаквано. Това се е случвало с нея 1 път(и).
 
 
Windows Defender:
===================================
Date: 2020-01-31 12:39:51.575
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {86CCFFB5-DC66-4247-B60D-3BA77C00022A}
Scan Type: Antimalware
Scan Parameters: Full Scan
 
Date: 2020-01-31 11:16:36.492
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Detplock
ID: 2147680291
Severity: Много високо
Category: Троянски кон
Path: file:_C:\ProgramData\{51B76D8B-799F-15F3-21C7-3DDBC92FE503}\tarodid.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\PROGRA~3\{51B76~1\tarodid.exe
Security intelligence Version: AV: 1.309.74.0, AS: 1.309.74.0, NIS: 1.309.74.0
Engine Version: AM: 1.1.16700.3, NIS: 1.1.16700.3
 
Date: 2020-01-31 11:16:34.233
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Detplock
ID: 2147680291
Severity: Много високо
Category: Троянски кон
Path: file:_c:\programdata\{51b76d8b-799f-15f3-21c7-3ddbc92fe503}\tarodid.exe; process:_pid:7260,ProcessStart:132249356434283126
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: System
Process Name: Unknown
Security intelligence Version: AV: 1.309.74.0, AS: 1.309.74.0, NIS: 1.309.74.0
Engine Version: AM: 1.1.16700.3, NIS: 1.1.16700.3
 
Date: 2020-01-31 11:14:23.156
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Detplock
ID: 2147680291
Severity: Много високо
Category: Троянски кон
Path: file:_C:\ProgramData\{51B76D8B-799F-15F3-21C7-3DDBC92FE503}\tarodid.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\PROGRA~3\{51B76~1\tarodid.exe
Security intelligence Version: AV: 1.309.74.0, AS: 1.309.74.0, NIS: 1.309.74.0
Engine Version: AM: 1.1.16700.3, NIS: 1.1.16700.3
 
Date: 2020-01-31 11:14:10.925
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Detplock
ID: 2147680291
Severity: Много високо
Category: Троянски кон
Path: file:_c:\programdata\{51b76d8b-799f-15f3-21c7-3ddbc92fe503}\tarodid.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: System
Process Name: Unknown
Security intelligence Version: AV: 1.309.74.0, AS: 1.309.74.0, NIS: 1.309.74.0
Engine Version: AM: 1.1.16700.3, NIS: 1.1.16700.3
 
Date: 2020-01-31 11:54:33.032
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Behavior Monitoring
Error Code: 0x80508023
Error description: Програмата не успя да открие злонамерен и друг потенциално нежелан софтуер на устройството. 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
 
Date: 2020-01-31 11:42:54.307
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
 
Date: 2020-01-22 17:16:06.544
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.307.2803.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16600.7
Error code: 0x80072ee2
Error description: The operation timed out 
 
CodeIntegrity:
===================================
 
Date: 2020-01-31 11:43:03.265
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-01-31 11:43:03.251
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-01-31 11:43:03.234
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-01-31 11:43:03.220
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-01-31 11:43:03.207
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-01-31 11:43:03.190
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-01-31 11:43:03.168
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-01-31 11:43:03.155
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. P1.20 10/14/2013
Motherboard: ASRock FM2A55M-HD+
Processor: AMD A8-6600K APU with Radeon™ HD Graphics 
Percentage of memory in use: 50%
Total physical RAM: 8118.7 MB
Available physical RAM: 4046.12 MB
Total Virtual: 12214.7 MB
Available Virtual: 6285.64 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:103.91 GB) (Free:44.46 GB) NTFS
Drive d: () (Fixed) (Total:413.5 GB) (Free:230.37 GB) NTFS
Drive e: () (Fixed) (Total:413.5 GB) (Free:407.39 GB) NTFS
 
\\?\Volume{b9268b8f-cdf0-4441-8cbe-ed5ddde2761a}\ (Възстановяване) (Fixed) (Total:0.49 GB) (Free:0.07 GB) NTFS
\\?\Volume{c1a9056b-b388-44b5-8dff-7b7a58982c78}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 21F41539)
 
Partition: GPT.
 
==================== End of Addition.txt =======================
http://prntscr.com/qvlcotthis is what I found suspicios

http://prntscr.com/qvlt0b

 


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 22,349 posts
  • MVP

Download the attached fixlist.txt to the same location as FRST

Attached File  fixlist.txt   58.78KB   15 downloads

Run FRST and press Fix
A fix log will be generated please post that

Reboot if the fix doesn't reboot it for you

Run FRST again as before.  Make sure Addition.txt is checked and hit Scan.  Post both logs.


 


  • 0






Similar Topics


Also tagged with one or more of these keywords: trojan, trojan horse, very high thread, virus, Trojan:Win32/detplock

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP