Platform: Windows 10 Home Version 1903 18362.592 (X64) Language: Български (България)
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrB.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(Hi-Rez Studios) [File not signed] D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12001.1001.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20011.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.6-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d223212c0a2275b5\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d223212c0a2275b5\Display.NvContainer\NVDisplay.Container.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Skillbrains) [File not signed] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SOMICC71BSound] => C:\Program Files\SOMIC 7.1 GAMING HEADSET\CPL\Somic Audio Center_x64.exe [2369024 2016-01-28] () [File not signed]
HKLM\...\Run: [AvastUI.exe] => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
HKLM-x32\...\Run: [OnScreen Control] => C:\Program Files (x86)\LG Electronics\OnScreen Control\bin\OnScreenStartUpApp.exe [1786808 2018-03-14] (LG Electronics Inc. -> TODO: <Company name>)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2017-04-11] (OOO Lightshot -> )
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\Run: [Steam] => D:\steam\steam.exe [3311568 2020-01-18] (Valve -> Valve Corporation)
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\Run: [Gaijin.Net Updater] => C:\Users\User\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2361600 2019-12-12] (Gaijin Network LTD -> Gaijin Entertainment)
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\Run: [Discord] => C:\Users\User\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\MountPoints2: {c83ea583-c92d-11e8-9702-bc5ff4ee6426} - "F:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-22] (Google LLC -> Google LLC)
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0059A6B4-860C-459A-94BF-FAC996FDADF0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.6-0\MpCmdRun.exe [473544 2020-01-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0A5E8CB4-DE4D-4EA5-B040-1E3C57899507} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {337ED8ED-722C-4D4A-961C-5A7E76ACD5DD} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {36193340-C1EE-4464-A38D-512ABF4D8540} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.6-0\MpCmdRun.exe [473544 2020-01-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {36F48C80-857A-4CDE-9C14-C9B634A99F2F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.6-0\MpCmdRun.exe [473544 2020-01-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {36FCFF99-CFB8-4D34-9441-02CEA9A5743B} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {53571172-5480-47C7-9337-6CA3AC2F5623} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-14] (Google Inc -> Google LLC)
Task: {57685181-E605-4E58-B247-190B8D1AEFA9} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {58E18D72-4A02-4F49-A860-DE54CBF38A57} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {5C331D4E-A639-4796-B269-C6D30BA5FD87} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.6-0\MpCmdRun.exe [473544 2020-01-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6F1B0E78-2F27-4B51-AE95-796460E39FC5} - System32\Tasks\Hetubu\{2AEDAAF0-7C98-E5A3-83E7-17006976522E} => C:\Users\User\AppData\Roaming\Megobabeto\Hetubu.exe [0 2013-04-23] ()
Task: {6F4F8E8A-711A-4D9C-BBB6-6516003629AB} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2019-12-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7625FCDB-D405-4180-BAA8-CE132092CED4} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {874D5BA2-DBD4-4D1C-B2C8-8EE6B8C5C425} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8E55FE94-543A-4B5E-A66D-A225B77711EE} - System32\Tasks\update-S-1-5-21-1270643484-4035232020-1271303665-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {9871B34A-5AD6-4AF0-A58C-A4FC3CD50A76} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A2498880-35B3-45A5-B7EE-01C5BBCCE2ED} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AC78466C-B2EF-4CB9-B4F1-449062712D12} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B2FDDB7C-054D-429C-AB67-8A5F6B696DBA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-14] (Google Inc -> Google LLC)
Task: {B4A5905B-FD21-4352-AA5A-E0D5BC5631E3} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CDC45FD2-4341-4265-9510-7A885A9FEF6F} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E464706E-667E-48E4-B0A7-AACBCC81FCD7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {E775FB88-6842-4DB6-A760-5D60F86E7BEE} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe
Task: {EBB6041D-18F2-4DD2-ABB0-962E5557D549} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FC51E498-D4BA-4EC7-9461-960374574E00} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\update-S-1-5-21-1270643484-4035232020-1271303665-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{2dee4765-6d13-42f5-972a-0641487b9df0}: [DhcpNameServer] 88.87.0.2 88.87.10.2
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2016-02-09] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\ssv.dll [2019-07-23] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-07-23] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-02-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-02-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-02-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-02-09] (Microsoft Corporation -> Microsoft Corporation)
Edge Notifications: HKU\S-1-5-21-1270643484-4035232020-1271303665-1001 -> hxxps://www.facebook.com
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-07-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-07-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-02-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-03] (Adobe Inc. -> Adobe Systems Inc.)
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2020-01-31]
CHR HomePage: Default -> hxxps://www.google.bg/?gfe_rd=cr&ei=hFXfVdGhCrOz8wf_1IeoDg&gws_rd=ssl
CHR DefaultSearchURL: Default -> hxxp://chromedhnewtab.com/search?q={searchTerms}
CHR Extension: (Презентации) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-19]
CHR Extension: (Документи) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-19]
CHR Extension: (Google Диск) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-19]
CHR Extension: (Blue Nebula - Full HD - Axlg) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpbfcgopniakghhkjcnnmpfdemapblij [2018-09-19]
CHR Extension: (Adblock Plus — безплатен блокер на реклами) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-10-22]
CHR Extension: (chromedhnewtab) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjknaplhnlobleklkoloacadcobmiccl [2018-09-19]
CHR Extension: (Тъмна тема за Facebook и други уебсайтове) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkfobiagdiioemjmpdecklcjaplpljdo [2019-10-26]
CHR Extension: (Google Документи офлайн) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-14]
CHR Extension: (Grammarly for Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2020-01-30]
CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-01]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-15]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-12]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-08-07]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile [2020-01-15]
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8403672 2019-09-10] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803952 2019-12-14] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
U2 HiPatchService; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2018-06-11] (Hi-Rez Studios) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2020-01-31] (Malwarebytes Inc -> Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 PAExec; C:\Windows\PAExec.exe [189112 2018-09-19] (Power Admin LLC -> Power Admin LLC)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2019-11-27] (Even Balance, Inc. -> )
R2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [215128 2019-12-07] (Even Balance, Inc. -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.6-0\NisSrv.exe [3284840 2020-01-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.6-0\MsMpEng.exe [103168 2020-01-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [2156368 2019-08-02] (Wacom Technology Corporation -> Wacom Technology, Corp.)
S2 AvastWscReporter; "C:\Program Files\AVAST Software\Avast\wsc_proxy.exe" /runassvc /rpcserver [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d223212c0a2275b5\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d223212c0a2275b5\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 C_71_B; C:\WINDOWS\System32\drivers\C_71_B.sys [3795608 2016-01-28] (WDKTestCert chou,130795027549068093 -> C-MEDIA Inc.)
S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2018-05-30] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-01-31] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-01-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-01-31] (Malwarebytes Inc -> Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d223212c0a2275b5\nvlddmkm.sys [23251968 2019-12-28] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [662528 2019-03-19] (Microsoft Windows -> Realtek )
S3 WacHidRouterPro; C:\WINDOWS\System32\drivers\wachidrouter.sys [131736 2019-06-14] (Wacom Technology Corporation -> Wacom Technology, Corp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-01-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [376032 2020-01-28] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2020-01-28] (Microsoft Windows -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
2020-01-31 14:16 - 2020-01-31 14:17 - 000027315 _____ C:\Users\User\Desktop\FRST.txt
2020-01-31 14:14 - 2020-01-31 14:14 - 002581504 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2020-01-31 13:54 - 2020-01-31 13:54 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-01-31 13:54 - 2020-01-31 13:54 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-01-31 13:31 - 2020-01-31 13:31 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-01-31 13:31 - 2020-01-31 13:31 - 000002021 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-01-31 13:31 - 2020-01-31 13:31 - 000000000 ____D C:\Users\User\AppData\Local\mbamtray
2020-01-31 13:31 - 2020-01-31 13:31 - 000000000 ____D C:\Users\User\AppData\Local\mbam
2020-01-31 13:31 - 2020-01-31 13:31 - 000000000 ____D C:\Users\User\AppData\Local\cache
2020-01-31 13:31 - 2020-01-31 13:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-01-31 13:30 - 2020-01-31 13:30 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-01-31 13:30 - 2020-01-31 13:30 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-01-31 13:30 - 2020-01-31 13:30 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-01-31 13:29 - 2020-01-31 13:29 - 000000000 ____D C:\Program Files\Malwarebytes
2020-01-31 13:28 - 2020-01-31 13:34 - 002307368 _____ C:\Users\User\Desktop\Rkill.txt
2020-01-31 13:27 - 2020-01-31 13:28 - 008356016 _____ (Malwarebytes) C:\Users\User\Downloads\adwcleaner_8.0.2.exe
2020-01-31 13:27 - 2020-01-31 13:27 - 001883976 _____ (Malwarebytes) C:\Users\User\Downloads\malwarebytes_4.0.exe
2020-01-31 13:27 - 2020-01-31 13:27 - 001792640 _____ (Bleeping Computer, LLC) C:\Users\User\Downloads\rkill_2.9.1.0.exe
2020-01-31 13:16 - 2020-01-31 13:16 - 000000000 ____D C:\Users\User\AppData\Roaming\Google
2020-01-31 12:47 - 2020-01-31 12:47 - 000000629 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2020-01-31 12:47 - 2020-01-31 12:47 - 000000629 _____ C:\ProgramData\Desktop\Revo Uninstaller.lnk
2020-01-31 12:47 - 2020-01-31 12:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2020-01-31 12:46 - 2020-01-31 12:46 - 007432520 _____ (VS Revo Group ) C:\Users\User\Downloads\revosetup.exe
2020-01-31 11:45 - 2020-01-31 11:45 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2020-01-31 11:16 - 2020-01-31 11:16 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-01-31 11:16 - 2020-01-31 11:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2020-01-31 11:15 - 2020-01-31 11:49 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2020-01-31 11:14 - 2020-01-31 11:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hetubu
2020-01-31 11:14 - 2020-01-31 11:14 - 000000000 ____D C:\Users\User\AppData\Roaming\Megobabeto
2020-01-31 11:13 - 2020-01-31 11:50 - 000000000 ____D C:\ProgramData\AVAST Software
2020-01-31 11:13 - 2020-01-31 11:14 - 000000000 ____D C:\ProgramData\{51B76D8B-799F-15F3-21C7-3DDBC92FE503}
2020-01-31 11:13 - 2020-01-31 11:13 - 000001362 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HowToRemove.lnk
2020-01-31 11:13 - 2020-01-31 11:13 - 000000000 ____D C:\Program Files\AVAST Software
2020-01-30 17:21 - 2020-01-30 17:21 - 000000000 ____D C:\Users\User\AppData\LocalLow\Riot Games
2020-01-30 17:20 - 2020-01-30 17:20 - 000001599 _____ C:\Users\User\Desktop\Legends of Runeterra.lnk
2020-01-30 17:20 - 2020-01-30 17:20 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Riot Games
2020-01-30 17:19 - 2020-01-30 17:19 - 068510896 _____ (Riot Games, Inc.) C:\Users\User\Downloads\Legends_Of_Runeterra_Installer.exe
2020-01-30 15:51 - 2020-01-30 15:54 - 000000000 ____D C:\Users\User\AppData\Roaming\.tlauncher
2020-01-30 15:51 - 2020-01-30 15:51 - 015370064 _____ (TLauncher Inc.) C:\Users\User\Downloads\TLauncher-2.68-Installer-0.5.2.exe
2020-01-30 15:51 - 2020-01-30 15:51 - 000001932 _____ C:\Users\User\Desktop\TLauncher.lnk
2020-01-29 17:20 - 2020-01-29 17:20 - 000000039 _____ C:\Users\User\AppData\Local\kritadisplayrc
2020-01-29 17:13 - 2020-01-29 17:13 - 003339582 _____ C:\Users\User\Desktop\game_cards.tif
2020-01-29 16:39 - 2020-01-29 16:39 - 007734230 _____ C:\Users\User\Desktop\game_money.tif
2020-01-28 21:04 - 2020-01-28 21:04 - 000748816 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-01-27 15:46 - 2020-01-27 15:46 - 000149090 _____ C:\Users\User\Downloads\igralno pole.tif
2020-01-27 15:42 - 2020-01-28 19:53 - 000781968 _____ C:\Users\User\Desktop\igralno pole.tif
2020-01-24 20:32 - 2020-01-25 13:36 - 000000000 ____D C:\Users\User\Creative Cloud Files
2020-01-24 17:11 - 2020-01-24 17:11 - 000000265 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\4K Video Downloader.lnk
2020-01-24 15:56 - 2020-01-24 15:56 - 000000000 ____D C:\Users\User\AppData\Local\4kdownload.com
2020-01-24 15:55 - 2020-01-24 17:11 - 000000265 _____ C:\Users\User\Desktop\4K Video Downloader.lnk
2020-01-24 14:39 - 2020-01-24 14:40 - 085446656 _____ C:\Users\User\Downloads\4kvideodownloader_4.11.1_x64.msi
2020-01-23 22:54 - 2020-01-29 22:03 - 000000000 ____D C:\Users\User\Desktop\memes za klipove
2020-01-23 00:54 - 2020-01-30 03:42 - 000014333 _____ C:\ProgramData\DisplaySessionContainer8.log_backup1
2020-01-22 14:32 - 2020-01-22 14:32 - 000011094 _____ C:\ProgramData\DisplaySessionContainer7.log_backup1
2020-01-20 00:35 - 2020-01-20 00:47 - 000463438 _____ C:\Users\User\Desktop\Бисер Вангелов №2 12а.pptx
2020-01-18 15:03 - 2020-01-18 15:03 - 000391285 _____ C:\Users\User\Documents\Успоредни равнини_12а_7.pptx
2020-01-15 19:57 - 2020-01-29 17:21 - 000002232 _____ C:\Users\User\Desktop\Discord.lnk
2020-01-15 19:56 - 2020-01-15 19:57 - 000000000 ____D C:\Users\User\AppData\Local\Discord
2020-01-15 16:12 - 2020-01-15 16:12 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 008012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 002494464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll
2020-01-15 16:11 - 2020-01-15 16:12 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-15 16:11 - 2020-01-15 16:11 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-15 16:11 - 2020-01-15 16:11 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-15 16:11 - 2020-01-15 16:11 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-15 16:11 - 2020-01-15 16:11 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 002473976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-15 16:11 - 2020-01-15 16:11 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-15 16:11 - 2020-01-15 16:11 - 001051664 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-15 16:11 - 2020-01-15 16:11 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000678712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-15 16:11 - 2020-01-15 16:11 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-01-15 16:11 - 2020-01-15 16:11 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-15 16:11 - 2020-01-15 16:11 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-01-15 16:11 - 2020-01-15 16:11 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-01-15 16:11 - 2020-01-15 16:11 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-01-15 16:11 - 2020-01-15 16:11 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-15 16:11 - 2020-01-15 16:11 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-01-15 16:11 - 2020-01-15 16:11 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000162696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-01-15 16:11 - 2020-01-15 16:11 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-01-15 16:11 - 2020-01-15 16:11 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-01-15 15:53 - 2020-01-15 15:53 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-01-15 15:53 - 2020-01-15 15:53 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-01-15 00:23 - 2020-01-28 01:45 - 000014651 _____ C:\ProgramData\DisplaySessionContainer6.log_backup1
2020-01-13 23:21 - 2020-01-27 01:10 - 000012500 _____ C:\ProgramData\DisplaySessionContainer5.log_backup1
2020-01-13 01:45 - 2020-01-22 00:56 - 000010692 _____ C:\ProgramData\DisplaySessionContainer4.log_backup1
2020-01-12 11:35 - 2020-01-12 12:59 - 000000494 _____ C:\Users\User\Desktop\config.txt
2020-01-12 02:37 - 2020-01-26 02:39 - 000014211 _____ C:\ProgramData\DisplaySessionContainer3.log_backup1
2020-01-12 00:26 - 2019-12-28 05:14 - 001729440 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-01-12 00:26 - 2019-12-28 05:14 - 001729440 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-01-12 00:26 - 2019-12-28 05:14 - 001329568 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-01-12 00:26 - 2019-12-28 05:14 - 001329568 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-01-12 00:26 - 2019-12-28 05:14 - 001079200 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-01-12 00:26 - 2019-12-28 05:14 - 001079200 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-01-12 00:26 - 2019-12-28 05:14 - 000937888 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-01-12 00:26 - 2019-12-28 05:14 - 000937888 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-01-12 00:26 - 2019-12-28 05:14 - 000450176 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-01-12 00:26 - 2019-12-28 05:14 - 000354520 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-01-12 00:26 - 2019-12-28 05:13 - 011843088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2020-01-12 00:26 - 2019-12-28 05:13 - 010169208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2020-01-12 00:26 - 2019-12-28 05:13 - 000678264 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-01-12 00:26 - 2019-12-28 05:13 - 000544976 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 017462352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 015029504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 005383184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 004718512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 002076080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 001570168 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 001485688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 001371512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 001145280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 001064368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 001001816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 000824064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 000813984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 000685256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 000573784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2020-01-12 00:26 - 2019-12-28 05:12 - 000558080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 000451320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2020-01-12 00:26 - 2019-12-28 05:11 - 040510200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2020-01-12 00:26 - 2019-12-28 05:11 - 035380240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2020-01-12 00:26 - 2019-12-28 05:11 - 000858032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2020-01-12 00:26 - 2019-12-24 14:03 - 000076477 _____ C:\WINDOWS\system32\nvinfo.pb
2020-01-12 00:07 - 2020-01-12 00:07 - 000000000 ____D C:\Users\User\AppData\Roaming\Valve Corporation
2020-01-11 14:31 - 2020-01-25 08:46 - 000014376 _____ C:\ProgramData\DisplaySessionContainer2.log_backup1
2020-01-11 14:22 - 2020-01-31 13:53 - 000012229 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2020-01-10 15:18 - 2020-01-10 23:00 - 000013948 _____ C:\ProgramData\DisplaySessionContainer24.log_backup1
2020-01-10 01:08 - 2020-01-10 15:18 - 000014334 _____ C:\ProgramData\DisplaySessionContainer23.log_backup1
2020-01-08 19:02 - 2020-01-09 17:37 - 002862884 _____ C:\Users\User\Desktop\igr.tif
2020-01-08 15:13 - 2020-01-09 00:51 - 000012615 _____ C:\ProgramData\DisplaySessionContainer21.log_backup1
2020-01-07 01:00 - 2020-01-07 23:13 - 000013615 _____ C:\ProgramData\DisplaySessionContainer19.log_backup1
2020-01-03 13:00 - 2020-01-03 13:01 - 000000000 ____D C:\Users\User\Documents\Adobe
2020-01-03 12:02 - 2020-01-03 12:02 - 000001151 _____ C:\Users\User\Desktop\Adobe Premiere Pro 2019.lnk
2020-01-03 12:02 - 2020-01-03 12:02 - 000000000 ____D C:\Users\Public\Documents\Adobe
2020-01-03 12:02 - 2020-01-03 12:02 - 000000000 ____D C:\ProgramData\Documents\Adobe
2020-01-03 12:02 - 2020-01-03 12:02 - 000000000 ____D C:\Program Files\Common Files\Adobe
2020-01-03 11:57 - 2020-01-03 11:57 - 000000000 ____D C:\Users\Public\Documents\AdobeInstalledCodecs
2020-01-03 11:57 - 2020-01-03 11:57 - 000000000 ____D C:\ProgramData\Documents\AdobeInstalledCodecs
2020-01-03 11:46 - 2020-01-03 11:47 - 000080969 _____ C:\Users\User\Downloads\Adobe Premiere Pro CC 2019 v13.1.4 Build 2.torrent
2020-01-03 11:45 - 2020-01-03 11:45 - 002076286 _____ C:\Users\User\Downloads\arriraw_p1_win_092712.zip
2020-01-03 01:40 - 2020-01-04 03:09 - 000013938 _____ C:\ProgramData\DisplaySessionContainer15.log_backup1
2020-01-02 10:09 - 2020-01-03 01:40 - 000012479 _____ C:\ProgramData\DisplaySessionContainer14.log_backup1
2020-01-01 10:14 - 2020-01-02 01:12 - 000012262 _____ C:\ProgramData\DisplaySessionContainer12.log_backup1
2020-01-01 00:48 - 2020-01-01 10:14 - 000012811 _____ C:\ProgramData\DisplaySessionContainer11.log_backup1
2020-01-31 14:03 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-31 13:55 - 2019-09-13 15:05 - 000000000 ____D C:\Users\User\AppData\Roaming\WTablet
2020-01-31 13:55 - 2018-09-19 18:17 - 000000152 _____ C:\Users\Public\Documents\OSCFile.txt
2020-01-31 13:55 - 2018-09-19 18:17 - 000000152 _____ C:\ProgramData\Documents\OSCFile.txt
2020-01-31 13:53 - 2019-12-30 17:48 - 000018900 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2020-01-31 13:53 - 2019-12-30 17:48 - 000008676 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2020-01-31 13:53 - 2019-12-30 17:48 - 000001209 _____ C:\ProgramData\NvcDispCorePlugin.log_backup1
2020-01-31 13:53 - 2019-03-19 06:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-01-31 11:54 - 2019-03-19 06:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-01-31 11:53 - 2018-09-19 11:52 - 000000000 ____D C:\Users\User\AppData\Local\PlaceholderTileLogoFolder
2020-01-31 11:52 - 2018-09-19 11:49 - 000000000 ____D C:\Users\User\AppData\Local\Packages
2020-01-31 11:05 - 2019-09-27 00:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-31 10:21 - 2019-09-27 01:12 - 000004206 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{F9A8A5B0-A0EE-4809-9ABB-B9C56B369613}
2020-01-31 02:24 - 2019-12-30 17:48 - 000014142 _____ C:\ProgramData\DisplaySessionContainer9.log_backup1
2020-01-30 17:21 - 2019-10-09 20:13 - 000000000 ____D C:\Users\User\AppData\Local\Riot Games
2020-01-30 17:20 - 2018-09-19 21:02 - 000001671 _____ C:\Users\Public\Desktop\League of Legends.lnk
2020-01-30 17:20 - 2018-09-19 21:02 - 000001671 _____ C:\ProgramData\Desktop\League of Legends.lnk
2020-01-30 15:56 - 2019-05-15 19:07 - 000000000 ____D C:\Users\User\AppData\Roaming\.minecraft
2020-01-30 11:29 - 2018-09-24 18:58 - 000000000 ____D C:\Users\User\AppData\Roaming\discord
2020-01-30 11:02 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-29 17:21 - 2019-11-16 12:29 - 000002440 _____ C:\Users\User\Desktop\Legacy of Discord.lnk
2020-01-29 17:21 - 2019-11-16 12:29 - 000002136 _____ C:\Users\User\Desktop\GTarcade.lnk
2020-01-29 17:21 - 2019-09-13 15:02 - 000002070 _____ C:\Users\User\Desktop\Wacom Desktop Center.lnk
2020-01-29 17:21 - 2019-09-13 15:02 - 000001969 _____ C:\Users\User\Desktop\Wacom Tablet Properties.lnk
2020-01-29 17:21 - 2019-09-08 14:18 - 000001014 _____ C:\Users\User\Desktop\osu!.lnk
2020-01-29 17:21 - 2018-12-05 18:52 - 000002160 _____ C:\Users\User\Desktop\Somic Audio Center.lnk
2020-01-28 20:54 - 2018-09-19 11:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-01-24 22:43 - 2018-09-19 19:56 - 000000000 ____D C:\Users\User\AppData\Local\D3DSCache
2020-01-24 17:09 - 2018-09-24 19:10 - 000000000 ____D C:\Users\User\AppData\Local\CrashDumps
2020-01-22 11:33 - 2018-10-12 12:48 - 000000000 ____D C:\Users\sasuk\AppData\Local\CrashDumps
2020-01-22 11:05 - 2019-09-14 14:56 - 000000000 ____D C:\Users\sasuk\AppData\Roaming\WTablet
2020-01-22 00:53 - 2019-06-14 13:31 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-22 00:53 - 2019-06-14 13:31 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-01-22 00:53 - 2019-06-14 13:31 - 000002258 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-01-20 20:02 - 2019-09-27 01:12 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1270643484-4035232020-1271303665-1002
2020-01-20 20:02 - 2019-09-27 00:56 - 000002395 _____ C:\Users\sasuk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-01-19 19:38 - 2019-09-27 01:12 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1270643484-4035232020-1271303665-1001
2020-01-19 19:38 - 2019-09-27 00:56 - 000002392 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-01-16 16:28 - 2019-10-02 16:35 - 000000000 ____D C:\Users\User\Desktop\drawing [bleep]
2020-01-16 15:45 - 2018-09-19 20:48 - 000000000 ____D C:\Users\User\AppData\Local\NVIDIA
2020-01-16 15:42 - 2019-09-27 00:49 - 000447040 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-16 01:11 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-15 19:57 - 2018-09-24 18:58 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2020-01-15 19:57 - 2018-09-24 18:58 - 000000000 ____D C:\Users\User\AppData\Local\SquirrelTemp
2020-01-15 16:16 - 2018-09-19 11:59 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-01-14 16:26 - 2019-11-16 12:28 - 000000000 ____D C:\Users\User\AppData\Local\Gtarcade
2020-01-14 16:20 - 2019-08-05 17:21 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Crossout
2020-01-12 00:28 - 2018-09-19 11:52 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-01-10 15:37 - 2018-10-12 12:41 - 000000000 ____D C:\Users\sasuk\AppData\Local\Packages
2020-01-08 18:55 - 2019-09-13 15:57 - 000017922 _____ C:\Users\User\AppData\Local\kritarc
2020-01-06 23:35 - 2018-09-19 20:48 - 000000000 ____D C:\Users\User\AppData\Local\NVIDIA Corporation
2020-01-03 13:01 - 2018-09-19 11:49 - 000000000 ____D C:\Users\User\AppData\Roaming\Adobe
2020-01-03 12:06 - 2019-04-19 22:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2020-01-03 11:57 - 2018-09-19 20:38 - 000000000 ____D C:\ProgramData\Package Cache
2020-01-03 11:57 - 2018-09-19 12:27 - 000000000 ____D C:\Program Files (x86)\Adobe
2020-01-03 11:55 - 2018-09-19 12:25 - 000000000 ____D C:\Users\User\AppData\Local\Adobe
2020-01-03 11:54 - 2018-09-19 12:28 - 000000000 ____D C:\Users\User\AppData\LocalLow\Adobe
2020-01-01 16:00 - 2019-09-23 13:42 - 000000000 ____D C:\Users\User\AppData\Roaming\RenPy
2020-01-01 00:48 - 2019-12-31 02:32 - 000012612 _____ C:\ProgramData\DisplaySessionContainer10.log_backup1
2018-09-19 20:48 - 2018-09-19 20:48 - 052531200 _____ () C:\Program Files (x86)\GUTF082.tmp
2019-11-25 17:00 - 2019-11-25 17:00 - 000000385 _____ () C:\Users\User\AppData\Local\karboncalligraphyrc
2019-09-13 15:56 - 2020-01-29 17:20 - 000103244 _____ () C:\Users\User\AppData\Local\krita.log
2020-01-29 17:20 - 2020-01-29 17:20 - 000000039 _____ () C:\Users\User\AppData\Local\kritadisplayrc
2019-09-13 15:57 - 2020-01-08 18:55 - 000017922 _____ () C:\Users\User\AppData\Local\kritarc
2018-09-19 19:19 - 2018-09-19 19:19 - 000000003 _____ () C:\Users\User\AppData\Local\updater.log
2018-09-19 19:19 - 2018-09-19 19:19 - 000000425 _____ () C:\Users\User\AppData\Local\UserProducts.xml
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-01-2020
Ran by User (31-01-2020 14:18:04)
Running from C:\Users\User\Desktop
Windows 10 Home Version 1903 18362.592 (X64) (2019-09-26 23:13:31)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1270643484-4035232020-1271303665-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1270643484-4035232020-1271303665-503 - Limited - Disabled)
Guest (S-1-5-21-1270643484-4035232020-1271303665-501 - Limited - Disabled)
sasuk (S-1-5-21-1270643484-4035232020-1271303665-1002 - Limited - Enabled) => C:\Users\sasuk
User (S-1-5-21-1270643484-4035232020-1271303665-1001 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-1270643484-4035232020-1271303665-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
(Street-Boy) All Cards Unlocker (HKLM-x32\...\(Street-Boy) All Cards Unlocker) (Version: 2.0 - )
4K Video Downloader 4.11 (HKLM\...\{95BBB00C-272E-45A4-A965-6DEFE2F979B6}) (Version: 4.11.1.3390 - Open Media LLC)
60 Seconds Rocket Science (HKLM-x32\...\60 Seconds Rocket Science_is1) (Version: - )
7.1 SOUND EFFECT GAMING HEADSET (HKLM-x32\...\{D8D9AEBE-1712-4A4A-BC70-4CD9C82D108B}) (Version: 1.01 - Somic,Inc)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Premiere Pro 2019 (HKLM-x32\...\PPRO_13_1_4) (Version: 13.1.4 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Autodesk SketchBook (HKLM\...\{AE6C5657-D663-4968-BEB5-1E2ED89CB2D2}) (Version: 8.60.0000 - Autodesk)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.63.1070 - AB Team, d.o.o.)
Core Temp 1.14 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.14 - ALCPU)
Crossout Launcher 1.0.3.106 (HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\CrossOutLauncher_is1) (Version: - )
Discord (HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Frostpunk v.1.3.0 (HKLM-x32\...\Frostpunk_is1) (Version: - )
GameRanger (HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\GameRanger) (Version: - GameRanger Technologies)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
GTarcade (HKU-x32\S-1-5-21-1270643484-4035232020-1271303665-1001\...\gtarcade) (Version: 2.1.0 - YOOZOO Games)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HitFilm Express (HKLM\...\{30792CB5-3EBA-483C-98E3-BF08A3CC6B83}) (Version: 12.3.8815.07201 - FXHOME)
Java 8 Update 221 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
Krita (x64) 4.2.6 (HKLM\...\Krita_x64) (Version: 4.2.6.0 - Krita Foundation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Legends of Runeterra (HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\Riot Game bacon.live) (Version: - Riot Games, Inc)
Lightshot-5.4.0.35 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.35 - Skillbrains)
LogMeIn Hamachi (HKLM-x32\...\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}) (Version: 2.2.0.633 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.633 - LogMeIn, Inc.)
LS-USBMX1/2/3 Steering Wheel W/Vibration (HKLM-x32\...\{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}) (Version: 2007.08.17 - )
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\OneDriveSetup.exe) (Version: 19.222.1110.0006 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702 (HKLM-x32\...\{49697869-be8e-427d-81a0-c334d1d14950}) (Version: 14.21.27702.2 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Need for Speed Underground 2 (HKLM-x32\...\Need for Speed Underground 2) (Version: - )
Neighbours From [bleep] (HKLM-x32\...\1207663903_is1) (Version: 1.00 - GOG.com)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
NVIDIA Graphics Driver 441.87 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 441.87 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 23.1.0 - OBS Project)
OnScreen Control (HKLM-x32\...\{E5C1B339-0E4E-49A5-859E-5E1DE1938706}) (Version: 2.95 - LG Electronics Inc)
osu! (HKLM-x32\...\{8c511a3c-c368-40e6-8a64-8642766d108b}) (Version: latest - ppy Pty Ltd)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.988 - Even Balance, Inc.)
Revo Uninstaller 2.1.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.1 - VS Revo Group, Ltd.)
Skype, версия 8.45 (HKLM-x32\...\Skype_is1) (Version: 8.45 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Sims 4 (HKLM-x32\...\The Sims 4_is1) (Version: - )
Update for Skype for Business 2016 (KB3114846) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{286F464B-2FDF-4107-83A5-DEB08D2AD268}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB3114846) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{286F464B-2FDF-4107-83A5-DEB08D2AD268}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB3114846) 64-Bit Edition (HKLM\...\{90160000-012B-0402-1000-0000000FF1CE}_Office16.PROPLUS_{286F464B-2FDF-4107-83A5-DEB08D2AD268}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 85.1 - Ubisoft)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.36-1 - Wacom Technology Corp.)
WinRAR 5.31 (64-битова версия) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Средства проверки правописания Microsoft Office 2016 — русский (HKLM\...\{90160000-001F-0419-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Packages:
=========
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.1.4081.0_x64__rz1tebttyb220 [2020-01-30] (Dolby Laboratories)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-15] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Studios) [MS Ad]
MSN Време -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.956.0_x64__56jybvy8sckqj [2019-12-30] (NVIDIA Corp.)
Torrex Lite - Torrent Downloader -> C:\Program Files\WindowsApps\BooStudioLLC.TorrexLite-TorrentDownloader_1.3.97.0_x64__b6e429xa66pga [2019-06-21] (Finebits OÜ) [MS Ad] [Startup Task]
Добавка за „Снимки“ -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-05-05] (Microsoft Corporation)
Добавка за приложението за мултимедийни файлове „Снимки“ -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-01-23] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1270643484-4035232020-1271303665-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1270643484-4035232020-1271303665-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1270643484-4035232020-1271303665-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-01-31] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d223212c0a2275b5\nvshext.dll [2019-12-28] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-01-31] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\User\Desktop\Frostpunk - Пряк път.lnk -> D:\Frostpunk\Frostpunk.exe (11 bit studios S.A.) <==== Cyrillic
Shortcut: C:\Users\User\Desktop\Steam - Пряк път.lnk -> D:\steam\Steam.exe (Valve Corporation) <==== Cyrillic
Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Какво е новото в последната версия.lnk -> C:\Program Files\WinRAR\WhatsNew.txt () <==== Cyrillic
Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Помощен файл на WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm () <==== Cyrillic
Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Ръководство за конзолната версия на RAR.lnk -> C:\Program Files\WinRAR\Rar.txt () <==== Cyrillic
Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\SendTo\Прехвърляне на файлове с Bluetooth.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation) <==== Cyrillic
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive за бизнеса.lnk -> C:\Windows\Installer\{90160000-0011-0000-1000-0000000FF1CE}\grv_icons.exe () <==== Cyrillic
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype за бизнеса 2016.lnk -> C:\Windows\Installer\{90160000-0011-0000-1000-0000000FF1CE}\lyncicon.exe () <==== Cyrillic
ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Windows\SendTo\Получател на факса.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo <==== Cyrillic
==================== Loaded Modules (Whitelisted) =============
2014-02-11 05:08 - 2014-02-11 05:08 - 000817152 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2015-11-04 15:43 - 2015-11-04 15:43 - 000214528 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 05:08 - 2014-02-11 05:08 - 003650560 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2018-09-19 19:19 - 2017-05-23 13:59 - 000494080 _____ (Skillbrains) [File not signed] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.dll
2018-09-19 19:19 - 2017-05-23 13:59 - 000256000 _____ (Skillbrains) [File not signed] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\uploader.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [482]
AlternateDataStreams: C:\Users\User\AppData\Local\Temp:$DATA [16]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-12 01:38 - 2020-01-31 12:37 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\body_of_water_planet_horizon_92570_1920x1080.jpg
DNS Servers: 88.87.0.2 - 88.87.10.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\startupreg: EpicGamesLauncher => E:\nz\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
HKLM\...\StartupApproved\Run: => "SOMICC71BSound"
HKLM\...\StartupApproved\Run: => "AvastUI.exe"
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\StartupApproved\Run: => "Gaijin.Net Updater"
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_EA977365BF5B2185FA52414E130E9AF9"
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\StartupApproved\Run: => "Chromium"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{7D508BF2-B968-4D38-879A-15B6F811A73F}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe No File
FirewallRules: [TCP Query User{45A6A043-BDB6-4054-BA29-2C479D1B9E38}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe No File
FirewallRules: [UDP Query User{1011CF12-0A9A-4CBE-B3D8-AB674E596EE2}D:\liga\instalaciq\game\league of legends.exe] => (Allow) D:\liga\instalaciq\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{F251D6F0-D57E-4D93-8271-F16FAA71B86B}D:\liga\instalaciq\game\league of legends.exe] => (Allow) D:\liga\instalaciq\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{5CCD9118-386E-43C5-8FE9-334C388D2134}C:\program files (x86)\arenaplay\arenaplay.exe] => (Allow) C:\program files (x86)\arenaplay\arenaplay.exe No File
FirewallRules: [TCP Query User{29865C54-42C0-4223-BCDD-E547BB2D49C3}C:\program files (x86)\arenaplay\arenaplay.exe] => (Allow) C:\program files (x86)\arenaplay\arenaplay.exe No File
FirewallRules: [UDP Query User{927795C9-1E7A-442E-B973-7C7110491ED6}D:\arenaplay\arenaplay.exe] => (Allow) D:\arenaplay\arenaplay.exe No File
FirewallRules: [TCP Query User{C38DF958-819F-4320-BC2A-E9F5D77B2DAC}D:\arenaplay\arenaplay.exe] => (Allow) D:\arenaplay\arenaplay.exe No File
FirewallRules: [{23B4CF72-4620-4285-AA01-60F2A17D28EC}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A93E9845-83D9-49B7-8681-68F342E328E4}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{879298AA-EE83-4CF8-B069-0945E49E575B}D:\crossout\launcher.exe] => (Allow) D:\crossout\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{BEC13AB3-9870-41D4-8E37-AADEF9F9250D}D:\crossout\launcher.exe] => (Allow) D:\crossout\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{086499CA-7418-49DE-B0BF-4ADCE8624893}C:\users\user\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\user\appdata\local\gamecenter\gamecenter.exe No File
FirewallRules: [TCP Query User{5ED827FC-ADC1-4385-A205-92D7C4294270}C:\users\user\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\user\appdata\local\gamecenter\gamecenter.exe No File
FirewallRules: [UDP Query User{839E39CA-5F9D-4195-A6BC-B3DA7ECD2F92}D:\warthunder\win64\aces.exe] => (Allow) D:\warthunder\win64\aces.exe No File
FirewallRules: [TCP Query User{18B92560-ACE1-45D1-9221-D452B36F0F11}D:\warthunder\win64\aces.exe] => (Allow) D:\warthunder\win64\aces.exe No File
FirewallRules: [UDP Query User{FAC03D3C-55BC-4A8F-86D9-3DBB13D2433E}D:\warthunder\launcher.exe] => (Allow) D:\warthunder\launcher.exe No File
FirewallRules: [TCP Query User{C9EAECB1-7EBF-4DB6-9DDB-E7E97AE7FF72}D:\warthunder\launcher.exe] => (Allow) D:\warthunder\launcher.exe No File
FirewallRules: [UDP Query User{30E14C1B-AD18-47FE-A7AE-B3D7C389EE7E}C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe No File
FirewallRules: [TCP Query User{4AC1579F-FB86-4352-BC6E-1B39D16861D2}C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe No File
FirewallRules: [UDP Query User{08343F70-5E64-4042-BA7D-8CD9C2CFAE2F}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{81CCB718-BACA-4007-B543-E5C6565BC070}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{3D418353-805F-4C49-BCED-13766D9EAF5D}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.199\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.199\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{FDF05657-89C3-46EB-88F1-5C37D58802C3}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.199\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.199\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{B000AC22-EAC7-4524-AAF8-4D488695604E}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{DA373BD4-9582-42BA-BD19-8DD91C5CB16E}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{A85CE694-7596-47FF-9A03-4039D797BF4B}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{8C2329C4-38AB-46DE-BDF8-BB10074778ED}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{33466FD7-EC63-4653-B007-8DEA1BA4C490}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{7EE6F79D-CC36-4CB1-8963-66B4390937D5}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{EFC4C668-DF8F-4160-B2D9-34B53994A0B0}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{E06B1C1C-6A29-424D-AF9F-155E40BE00F3}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{0A208126-7FFE-4015-ABBD-FAA14809BE28}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{CEE3AE22-AA12-4358-8C5D-FFA8AFDBA88D}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{BDA847DB-7ECA-4DBA-B1DC-FA5959D2B8AA}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{423249E7-B4A8-4129-ABF1-BF56D2840EBE}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{492A9893-970B-4496-BA2B-B8EBB2E10BAA}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.191\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.191\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{FBFCE1D4-32D9-4728-9BA8-65A5F01E668E}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.191\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.191\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{0D6B33BF-12BF-411E-A60C-83C81C661297}D:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) D:\program files (x86)\origin games\apex\r5apex.exe No File
FirewallRules: [TCP Query User{8041240E-CC47-4FA3-866D-8333A28BB3C6}D:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) D:\program files (x86)\origin games\apex\r5apex.exe No File
FirewallRules: [UDP Query User{137D374A-A400-4935-91A1-4C5FCC7C8C5B}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{4A64EEBF-DB3D-4945-9162-47B593959592}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{87FD80F5-1E74-4B4F-AF12-E00FBC2AD918}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{BA90702F-59A9-4530-BCA3-9F23DB87D437}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{E88FE424-D2E0-4492-A4BE-105500656DE2}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.188\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.188\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{C623CA49-FBED-4A96-A224-1850D47791D1}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.188\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.188\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{3B2290D4-06B8-43EF-BA7A-583FECDDE1FD}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe No File
FirewallRules: [TCP Query User{931C85C2-9019-4F45-BB03-B945AAA0B7B2}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe No File
FirewallRules: [UDP Query User{05F111A4-A095-4F99-9CAB-5A8C8E3B43A1}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.187\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.187\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{75569D7D-4104-49AC-B83D-38D24B80485D}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.187\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.187\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{A270EF1F-4D0A-4AEA-AAC2-D730B6362C97}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.186\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.186\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{FEB5E3D8-7EFA-4538-8194-1569C406CDA2}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.186\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.186\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{39612A48-F43C-41C2-B6EF-2F5BBF7D5860}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.185\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.185\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{2C11AF77-0234-4D9A-B83C-2396DD1B5426}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.185\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.185\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{61588D37-B684-44EA-80E3-C1E604CD29B0}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{F4376C25-BDB2-41B8-B784-62FBE936A3C9}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{EE2874AE-2139-4FFB-BD5F-FDDF8FDE7F4D}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{757C3AA9-7252-4BBC-9797-D40C93FEB413}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{E4953609-8BBF-4C63-9F2C-E439DC1F1BFE}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.182\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.182\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{1E798995-2D3A-4B6A-AFEE-98C10CA53BA7}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.182\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.182\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{E81E1A9D-A845-4514-810E-487B729A85B1}C:\users\user\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\user\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Technologies -> GameRanger Pty Ltd)
FirewallRules: [TCP Query User{C85E8184-7058-47E2-9006-D80F0EA3BFAD}C:\users\user\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\user\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Technologies -> GameRanger Pty Ltd)
FirewallRules: [UDP Query User{5CF86962-76F8-476C-B3F5-10BFD40E5A44}D:\need for speed underground 2\speed2.exe] => (Allow) D:\need for speed underground 2\speed2.exe () [File not signed]
FirewallRules: [TCP Query User{718EC2B9-A00C-4950-8559-6130C144ABA6}D:\need for speed underground 2\speed2.exe] => (Allow) D:\need for speed underground 2\speed2.exe () [File not signed]
FirewallRules: [UDP Query User{91B7FC73-75C3-410A-AEB3-E04A0047DAA7}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{A315A9D9-C2A2-4411-B881-97DA2CE34666}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{295F775B-8010-4A72-9BBF-5E7BD387B98F}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{CA7323C8-43D1-4215-ABDA-0CA61BBB6433}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe No File
FirewallRules: [{B0AB3C38-28A2-4336-8835-62F4E20D0B0C}] => (Allow) D:\steam\steamapps\common\Brawlhalla\Brawlhalla.exe () [File not signed]
FirewallRules: [{B430E698-3D99-402D-9BCD-CE9C4CD79249}] => (Allow) D:\steam\steamapps\common\Brawlhalla\Brawlhalla.exe () [File not signed]
FirewallRules: [UDP Query User{6E876B67-2678-4030-A018-0D6D97C7503B}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{5F30D37D-C178-4E1C-9637-1B88C13EB473}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{94CEF22B-4D03-4A74-BD21-64D3B7180C8C}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe] => (Block) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{AAF34754-F9EC-4287-923E-EC2628678D6A}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe] => (Block) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{38685334-929B-477E-9F3A-B4E2E338872C}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{CB0123F1-22BA-4F73-9A0B-11AEA4A67AA7}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{4AFD0456-A808-42E4-BFD5-F4E9563BC7FB}C:\windows\syswow64\dpnsvr.exe] => (Allow) C:\windows\syswow64\dpnsvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{E0B7B7C4-9F0A-4DAE-9EE9-45F9CBCCC965}C:\windows\syswow64\dpnsvr.exe] => (Allow) C:\windows\syswow64\dpnsvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{1C50329F-3924-404B-AB81-606A16B79A98}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{22517FFB-A2F0-4190-BF55-4F320FDF2CA0}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe No File
FirewallRules: [{00DAEA2B-0B46-4404-92E3-AE771A238988}] => (Allow) D:\steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{C59BD872-D204-4DA2-870C-37FEA68FF6C4}] => (Allow) D:\steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [UDP Query User{99C8D147-DBD6-4ACB-A195-E2D142CAA56F}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{03E1BF6F-A10A-4636-A59D-27F98A578E5B}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{A2DBA4D2-2D88-43D3-8018-73484DC4AD41}D:\pingvinite24\pingvina\yu-gi-oh! kaiba corp ultimate masters mod\kc utimate masters.exe] => (Block) D:\pingvinite24\pingvina\yu-gi-oh! kaiba corp ultimate masters mod\kc utimate masters.exe () [File not signed]
FirewallRules: [TCP Query User{93EB00E6-F18B-45F5-8B51-D409D0EC6F75}D:\pingvinite24\pingvina\yu-gi-oh! kaiba corp ultimate masters mod\kc utimate masters.exe] => (Block) D:\pingvinite24\pingvina\yu-gi-oh! kaiba corp ultimate masters mod\kc utimate masters.exe () [File not signed]
FirewallRules: [UDP Query User{5D351F29-A383-4F45-BFF4-41D31597E9CA}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{9FA57325-2B31-4716-B2EE-FD8ACF34631F}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{BAC46739-3020-4BEF-BA34-0442469B5664}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{1CBB62B5-D868-4D79-9123-8A108B08D64E}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{93F37543-874B-4C13-A8F7-5DFC567DEDF3}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{FEC3585B-9559-4956-9858-AFAC5CF4DD07}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe No File
FirewallRules: [{F73A2EE0-27FC-4DC6-840D-826D90822A6F}] => (Allow) D:\steam\steamapps\common\VRChat\VRChat.exe () [File not signed]
FirewallRules: [{620C3D8B-C433-4BB6-87CF-44F0260A6B34}] => (Allow) D:\steam\steamapps\common\VRChat\VRChat.exe () [File not signed]
FirewallRules: [{3C895B85-5A12-4B2A-95C2-B9A819F25875}] => (Allow) D:\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{A49DCD39-750A-4D6B-AAC1-E2BC2152C3DC}] => (Allow) D:\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{2529221B-1141-4188-AFF4-20AB58CD7EEF}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{090A28E9-955E-42F6-A536-B75ABBCB29E3}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{CE780A28-717E-4A85-9530-741E9D2171BC}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.167\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.167\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{2C643B88-C936-45A9-B8CE-4674255A7F1F}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.167\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.167\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{598D7C32-0C65-4655-A114-44BFB604E3E0}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{4A9ACF01-C9F3-4297-80FB-F1A9AD10E0F8}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{1A2B8C39-BD5D-4FFD-B7E8-A7EC39EF0DB9}D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [TCP Query User{CC609483-79D0-4D81-A45A-43B0BA2247AD}D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [UDP Query User{AB20BE90-B0CB-40C3-9CE1-B2F1101366E9}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{0056F67B-FBEC-492F-9324-D01B90BC8272}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe No File
FirewallRules: [{982F1FDB-68F5-49FB-AA01-D04962809B94}] => (Allow) D:\steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe No File
FirewallRules: [{E3BDD875-0813-481E-A306-2DBE85768323}] => (Allow) D:\steam\steamapps\common\Warframe\Tools\Launcher.exe No File
FirewallRules: [{0FDFA0BE-0EC9-4F95-8553-1A356BF1D1E7}] => (Allow) D:\steam\steamapps\common\Warframe\Warframe.x64.exe No File
FirewallRules: [{9750CA83-DB0A-49ED-9FB1-8DD49031A4D8}] => (Allow) D:\steam\steamapps\common\Warframe\Warframe.exe No File
FirewallRules: [{65FBB822-EA27-4EED-93AB-31BA54AADA1A}] => (Allow) D:\steam\steamapps\common\Warframe\Warframe.x64.exe No File
FirewallRules: [{69F55623-19B9-4D8F-826E-1D18DDA728DE}] => (Allow) D:\steam\steamapps\common\Warframe\Warframe.exe No File
FirewallRules: [{E77B7E6B-3EB1-4BEA-968D-7FA79A986AAF}] => (Allow) D:\steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe No File
FirewallRules: [{CC6DBEC4-CDF3-4392-BD6A-446BCC4CB6A4}] => (Allow) D:\steam\steamapps\common\Warframe\Tools\Launcher.exe No File
FirewallRules: [{C3432862-03F6-4B7C-966B-F6936B0B0130}] => (Allow) D:\steam\steamapps\common\Warframe\Warframe.x64.exe No File
FirewallRules: [{8EAAC9EC-973B-42B3-A79C-FC635F67FABA}] => (Allow) D:\steam\steamapps\common\Warframe\Warframe.exe No File
FirewallRules: [{E6C65447-FFC5-4C51-BB9E-5A7B4144EB5F}] => (Allow) D:\steam\steamapps\common\Warframe\Warframe.x64.exe No File
FirewallRules: [{5F2EB398-6113-4A0C-AD76-9CDE5ECC42F0}] => (Allow) D:\steam\steamapps\common\Warframe\Warframe.exe No File
FirewallRules: [UDP Query User{67569C8F-235A-483F-9D71-D19A7C616E71}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{77A09CE2-80DA-40B0-A954-7916E2013D3F}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe No File
FirewallRules: [{C0078B59-7F7E-439B-890D-F96188FC5AB9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe No File
FirewallRules: [{D303666D-96EF-42C2-BB18-DD989DD16441}] => (Allow) D:\steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe (Microsoft) [File not signed]
FirewallRules: [{BD95E4E4-8F87-4710-BB8F-04824CB66DC4}] => (Allow) D:\steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe (Microsoft) [File not signed]
FirewallRules: [UDP Query User{8F24552F-DE12-456A-AC3D-ADC00BD8C520}D:\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) D:\steam\steamapps\common\h1z1\h1z1.exe No File
FirewallRules: [TCP Query User{414E6773-74FB-4D35-8730-0A75740A65AF}D:\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) D:\steam\steamapps\common\h1z1\h1z1.exe No File
FirewallRules: [UDP Query User{428AFC87-AC66-414C-98ED-D667057AE407}E:\nz\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) E:\nz\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [TCP Query User{6B8F2B6B-FFE0-4373-8E3E-0C0B0D053414}E:\nz\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) E:\nz\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [UDP Query User{5E2045E3-FD5E-4B24-9E9E-DBC42A00B664}E:\nz\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) E:\nz\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe No File
FirewallRules: [TCP Query User{B97E58B2-F114-4EA9-864B-E232F94F18A3}E:\nz\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) E:\nz\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe No File
FirewallRules: [{AF8E07C2-25FD-4719-ACBC-E96C2899F26B}] => (Allow) D:\steam\steamapps\common\Deceit\bin\win_x64\Deceit.exe No File
FirewallRules: [{CB63E972-A11C-4348-A11B-F3C276ABDB2E}] => (Allow) D:\steam\steamapps\common\Deceit\bin\win_x64\Deceit.exe No File
FirewallRules: [{AE2D8CC4-4CC4-401B-9118-AB2AF9368877}] => (Allow) D:\steam\steamapps\common\Alan Wake\AlanWake.exe No File
FirewallRules: [{E9CBB2FB-62F4-42D9-9257-59AB69E5CC4C}] => (Allow) D:\steam\steamapps\common\Alan Wake\AlanWake.exe No File
FirewallRules: [{A4E129F2-86BD-463C-91AF-5DCA413E7498}] => (Allow) D:\steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{30D6BE07-6F98-4985-A083-649E5E4A119D}] => (Allow) D:\steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{DE481CEE-24CA-4C39-AA6A-0F1CDCC37A41}] => (Allow) D:\steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{1E10491D-065A-44E1-B70B-1684E390C344}] => (Allow) D:\steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{5A87209E-1714-47F6-BB64-5E9808924BEE}] => (Allow) D:\steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{A2652D3D-3240-4094-AE1A-BA3CE5AE91BB}] => (Allow) D:\steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{316E5E4E-4D8B-4C87-884B-D07102C91EA6}] => (Allow) D:\Нова папка (2)\Steam.exe No File
FirewallRules: [{B9C6528E-584A-4F71-AF7D-AEED64C0B872}] => (Allow) D:\Нова папка (2)\Steam.exe No File
FirewallRules: [UDP Query User{81634972-DCF1-4219-A01F-F78DCC72E686}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{F758194C-33B8-4C9D-9534-5451FC9B28F9}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe No File
FirewallRules: [{0B8503CF-B697-4C8C-AF39-176D9DC31448}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{66A6D1AD-AF64-4394-BAAE-D50C47777DC5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B78D112F-F3A4-4751-BA28-62D47372E798}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe No File
FirewallRules: [{65A36A4D-0E66-4D40-8BC1-A043E7264525}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E3B0DF89-DD96-400D-8484-3C92D7507A27}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E7D14E42-1184-48BD-9DB9-400FABE305B0}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{50B8CEEB-0199-4C68-B81C-B60A27DE3A08}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{39A98F4B-D697-42D1-B92B-D0B3C3B7E665}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A43F5DAF-F364-4968-BB25-00BEC306D692}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{B96BB8E1-D543-42C4-9B82-FD20AAD86B59}D:\games\the sims 4\game\bin\ts4.exe] => (Allow) D:\games\the sims 4\game\bin\ts4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [UDP Query User{E8077BD5-F051-4C5A-9DA9-4EFFE005DE5D}D:\games\the sims 4\game\bin\ts4.exe] => (Allow) D:\games\the sims 4\game\bin\ts4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [TCP Query User{0E57781D-F16A-42E8-A32B-28B67A1A1284}D:\games\the sims 4\game\bin\ts4_x64.exe] => (Allow) D:\games\the sims 4\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [UDP Query User{CAD72217-0032-4577-B7F4-935C8676217C}D:\games\the sims 4\game\bin\ts4_x64.exe] => (Allow) D:\games\the sims 4\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{20965B95-C66C-4BFD-80EC-1B88C53E0697}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{46E6FDB2-21A2-4D5B-937F-997AE21EBF53}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{04EA8E8F-4EE0-4CA0-98A7-0C5BFAC60D7E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{A5A05355-78C4-4D4B-8720-6A804D3C2A1D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{8DE81259-C457-4DDA-BE21-74E00A8D6658}] => (Allow) C:\Users\User\Downloads\DiscordSetup.exe (Discord Inc. -> Discord Inc.)
FirewallRules: [{EE2C36EE-82C6-4FDC-ADDA-E995E621613D}] => (Allow) C:\Users\User\Downloads\DiscordSetup.exe (Discord Inc. -> Discord Inc.)
FirewallRules: [{DCE9D003-2ABF-4FDF-8DC3-3200E15633F2}] => (Allow) C:\Users\User\AppData\Local\Discord\Update.exe (Discord Inc. -> GitHub)
FirewallRules: [{D87D36C5-EC9C-4D5C-B77C-74A50AE5A730}] => (Allow) C:\Users\User\AppData\Local\Discord\Update.exe (Discord Inc. -> GitHub)
FirewallRules: [{6A562E3F-B822-41E9-B79E-49A7650ED4A0}] => (Allow) C:\Users\User\AppData\Local\Discord\Update.exe (Discord Inc. -> GitHub)
FirewallRules: [{8EAE1891-F1BC-4FFB-BCF9-A997497BA439}] => (Allow) C:\Users\User\AppData\Local\Discord\Update.exe (Discord Inc. -> GitHub)
FirewallRules: [{81E0D436-E1BB-470D-A74E-3B486472908E}] => (Allow) D:\steam\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> EasyAntiCheat Ltd)
FirewallRules: [{DEAD566A-AC27-41EC-B631-5E80C84FC963}] => (Allow) D:\steam\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> EasyAntiCheat Ltd)
FirewallRules: [{C65D7A1D-AEAE-41AB-A664-3CA71E6495DD}] => (Allow) D:\steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe (DONTNOD Entertainment) [File not signed]
FirewallRules: [{983B4EFD-21D7-412C-A259-B8BEEF5640DA}] => (Allow) D:\steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe (DONTNOD Entertainment) [File not signed]
FirewallRules: [{A4FDEE47-AB89-4D89-8BFC-11A51A8AE071}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B86DD47B-1C82-488F-90D4-C7D1920E60BE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4B952DC1-CBF1-4EB8-A15C-AB28971D531B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CC52C5EB-6C84-4C33-A618-20EEC2C41099}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CC22F263-0949-4A10-9078-E69F95FB356C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6ADDF291-66E7-4204-8EC6-15E9B3B2C341}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BDA53FED-24F0-45E6-B632-DF84791CB995}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{5FA3D9A2-52C5-4A09-9C8C-E16540C21E43}C:\users\user\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\users\user\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe
FirewallRules: [UDP Query User{EBA3E1AD-F0DA-4CF9-B14C-965DABCA6040}C:\users\user\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\users\user\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe
FirewallRules: [{A91F2F49-B13C-4336-98E1-1AAC0D7F94F3}] => (Allow) C:\Users\User\AppData\Local\Chromium\Application\chrome.exe No File
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:103.91 GB) (Free:44.46 GB) (43%)
==================== Faulty Device Manager Devices ============
Name: LogMeIn Hamachi Virtual Ethernet Adapter
Description: LogMeIn Hamachi Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn Inc.
Service: Hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: ========================
Application errors:
==================
Error: (01/31/2020 02:09:39 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4396,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (01/31/2020 01:53:23 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (01/31/2020 01:53:23 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (01/31/2020 01:44:35 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (01/31/2020 01:44:35 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (01/31/2020 01:29:58 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5240,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (01/31/2020 01:21:41 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2744,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (01/31/2020 12:53:06 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1772,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
System errors:
=============
Error: (01/31/2020 01:54:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Услуга AvastWscReporter не може да бъде стартирана поради следната грешка:
The system cannot find the file specified.
Error: (01/31/2020 01:53:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Услуга NVIDIA Display Container LS беше прекъсната неочаквано. Това се е случвало с нея 1 път(и). След 6000 милисекунди ще бъде предприето следното коригиращо действие: Рестартиране на услугата.
Error: (01/31/2020 01:53:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Услуга NVIDIA LocalSystem Container беше прекъсната неочаквано. Това се е случвало с нея 1 път(и). След 6000 милисекунди ще бъде предприето следното коригиращо действие: Рестартиране на услугата.
Error: (01/31/2020 01:53:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Услуга Hi-Rez Studios Authenticate and Update Service беше прекъсната неочаквано. Това се е случвало с нея 1 път(и).
Error: (01/31/2020 01:53:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Услуга LogMeIn Hamachi Tunneling Engine беше прекъсната неочаквано. Това се е случвало с нея 1 път(и).
Error: (01/31/2020 01:53:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Услуга Wacom Professional Service беше прекъсната неочаквано. Това се е случвало с нея 1 път(и).
Error: (01/31/2020 01:53:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Услуга Adobe Acrobat Update Service беше прекъсната неочаквано. Това се е случвало с нея 1 път(и).
Error: (01/31/2020 01:53:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Услуга PnkBstrB беше прекъсната неочаквано. Това се е случвало с нея 1 път(и).
Windows Defender:
===================================
Date: 2020-01-31 12:39:51.575
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {86CCFFB5-DC66-4247-B60D-3BA77C00022A}
Scan Type: Antimalware
Scan Parameters: Full Scan
Date: 2020-01-31 11:16:36.492
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Detplock
ID: 2147680291
Severity: Много високо
Category: Троянски кон
Path: file:_C:\ProgramData\{51B76D8B-799F-15F3-21C7-3DDBC92FE503}\tarodid.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\PROGRA~3\{51B76~1\tarodid.exe
Security intelligence Version: AV: 1.309.74.0, AS: 1.309.74.0, NIS: 1.309.74.0
Engine Version: AM: 1.1.16700.3, NIS: 1.1.16700.3
Date: 2020-01-31 11:16:34.233
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Detplock
ID: 2147680291
Severity: Много високо
Category: Троянски кон
Path: file:_c:\programdata\{51b76d8b-799f-15f3-21c7-3ddbc92fe503}\tarodid.exe; process:_pid:7260,ProcessStart:132249356434283126
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: System
Process Name: Unknown
Security intelligence Version: AV: 1.309.74.0, AS: 1.309.74.0, NIS: 1.309.74.0
Engine Version: AM: 1.1.16700.3, NIS: 1.1.16700.3
Date: 2020-01-31 11:14:23.156
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Detplock
ID: 2147680291
Severity: Много високо
Category: Троянски кон
Path: file:_C:\ProgramData\{51B76D8B-799F-15F3-21C7-3DDBC92FE503}\tarodid.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\PROGRA~3\{51B76~1\tarodid.exe
Security intelligence Version: AV: 1.309.74.0, AS: 1.309.74.0, NIS: 1.309.74.0
Engine Version: AM: 1.1.16700.3, NIS: 1.1.16700.3
Date: 2020-01-31 11:14:10.925
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Detplock
ID: 2147680291
Severity: Много високо
Category: Троянски кон
Path: file:_c:\programdata\{51b76d8b-799f-15f3-21c7-3ddbc92fe503}\tarodid.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: System
Process Name: Unknown
Security intelligence Version: AV: 1.309.74.0, AS: 1.309.74.0, NIS: 1.309.74.0
Engine Version: AM: 1.1.16700.3, NIS: 1.1.16700.3
Date: 2020-01-31 11:54:33.032
Description:
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Behavior Monitoring
Error Code: 0x80508023
Error description: Програмата не успя да открие злонамерен и друг потенциално нежелан софтуер на устройството.
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
Date: 2020-01-31 11:42:54.307
Description:
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
Date: 2020-01-22 17:16:06.544
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.307.2803.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16600.7
Error code: 0x80072ee2
Error description: The operation timed out
CodeIntegrity:
===================================
Date: 2020-01-31 11:43:03.265
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-31 11:43:03.251
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-31 11:43:03.234
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-31 11:43:03.220
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-31 11:43:03.207
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-31 11:43:03.190
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-31 11:43:03.168
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-31 11:43:03.155
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. P1.20 10/14/2013
Motherboard: ASRock FM2A55M-HD+
Processor: AMD A8-6600K APU with Radeon HD Graphics
Percentage of memory in use: 47%
Total physical RAM: 8118.7 MB
Available physical RAM: 4224.42 MB
Total Virtual: 12214.7 MB
Available Virtual: 6717.14 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:103.91 GB) (Free:44.46 GB) NTFS
Drive d: () (Fixed) (Total:413.5 GB) (Free:230.37 GB) NTFS
Drive e: () (Fixed) (Total:413.5 GB) (Free:407.39 GB) NTFS
\\?\Volume{b9268b8f-cdf0-4441-8cbe-ed5ddde2761a}\ (Възстановяване) (Fixed) (Total:0.49 GB) (Free:0.07 GB) NTFS
\\?\Volume{c1a9056b-b388-44b5-8dff-7b7a58982c78}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 21F41539)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-01-2020
Ran by User (administrator) on DESKTOP-3PN82DU (31-01-2020 14:19:47)
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available Profiles: User & sasuk)
Platform: Windows 10 Home Version 1903 18362.592 (X64) Language: Български (България)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrB.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(Hi-Rez Studios) [File not signed] D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12001.1001.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20011.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.6-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d223212c0a2275b5\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d223212c0a2275b5\Display.NvContainer\NVDisplay.Container.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Skillbrains) [File not signed] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SOMICC71BSound] => C:\Program Files\SOMIC 7.1 GAMING HEADSET\CPL\Somic Audio Center_x64.exe [2369024 2016-01-28] () [File not signed]
HKLM\...\Run: [AvastUI.exe] => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
HKLM-x32\...\Run: [OnScreen Control] => C:\Program Files (x86)\LG Electronics\OnScreen Control\bin\OnScreenStartUpApp.exe [1786808 2018-03-14] (LG Electronics Inc. -> TODO: <Company name>)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2017-04-11] (OOO Lightshot -> )
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\Run: [Steam] => D:\steam\steam.exe [3311568 2020-01-18] (Valve -> Valve Corporation)
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\Run: [Gaijin.Net Updater] => C:\Users\User\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2361600 2019-12-12] (Gaijin Network LTD -> Gaijin Entertainment)
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\Run: [Discord] => C:\Users\User\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\MountPoints2: {c83ea583-c92d-11e8-9702-bc5ff4ee6426} - "F:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-22] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0059A6B4-860C-459A-94BF-FAC996FDADF0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.6-0\MpCmdRun.exe [473544 2020-01-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0A5E8CB4-DE4D-4EA5-B040-1E3C57899507} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {337ED8ED-722C-4D4A-961C-5A7E76ACD5DD} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {36193340-C1EE-4464-A38D-512ABF4D8540} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.6-0\MpCmdRun.exe [473544 2020-01-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {36F48C80-857A-4CDE-9C14-C9B634A99F2F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.6-0\MpCmdRun.exe [473544 2020-01-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {36FCFF99-CFB8-4D34-9441-02CEA9A5743B} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {53571172-5480-47C7-9337-6CA3AC2F5623} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-14] (Google Inc -> Google LLC)
Task: {57685181-E605-4E58-B247-190B8D1AEFA9} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {58E18D72-4A02-4F49-A860-DE54CBF38A57} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {5C331D4E-A639-4796-B269-C6D30BA5FD87} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.6-0\MpCmdRun.exe [473544 2020-01-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6F1B0E78-2F27-4B51-AE95-796460E39FC5} - System32\Tasks\Hetubu\{2AEDAAF0-7C98-E5A3-83E7-17006976522E} => C:\Users\User\AppData\Roaming\Megobabeto\Hetubu.exe [0 2013-04-23] ()
Task: {6F4F8E8A-711A-4D9C-BBB6-6516003629AB} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2019-12-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7625FCDB-D405-4180-BAA8-CE132092CED4} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {874D5BA2-DBD4-4D1C-B2C8-8EE6B8C5C425} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8E55FE94-543A-4B5E-A66D-A225B77711EE} - System32\Tasks\update-S-1-5-21-1270643484-4035232020-1271303665-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {9871B34A-5AD6-4AF0-A58C-A4FC3CD50A76} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A2498880-35B3-45A5-B7EE-01C5BBCCE2ED} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AC78466C-B2EF-4CB9-B4F1-449062712D12} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B2FDDB7C-054D-429C-AB67-8A5F6B696DBA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-14] (Google Inc -> Google LLC)
Task: {B4A5905B-FD21-4352-AA5A-E0D5BC5631E3} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CDC45FD2-4341-4265-9510-7A885A9FEF6F} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E464706E-667E-48E4-B0A7-AACBCC81FCD7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {E775FB88-6842-4DB6-A760-5D60F86E7BEE} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe
Task: {EBB6041D-18F2-4DD2-ABB0-962E5557D549} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FC51E498-D4BA-4EC7-9461-960374574E00} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\update-S-1-5-21-1270643484-4035232020-1271303665-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 88.87.0.2 88.87.10.2
Tcpip\..\Interfaces\{2dee4765-6d13-42f5-972a-0641487b9df0}: [DhcpNameServer] 88.87.0.2 88.87.10.2
Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2016-02-09] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\ssv.dll [2019-07-23] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-07-23] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-02-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-02-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-02-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-02-09] (Microsoft Corporation -> Microsoft Corporation)
Edge:
======
Edge Notifications: HKU\S-1-5-21-1270643484-4035232020-1271303665-1001 -> hxxps://www.facebook.com
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-07-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-07-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-02-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-03] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2020-01-31]
CHR DownloadDir: C:\Users\User\Desktop
CHR Notifications: Default -> hxxps://gamehag.com
CHR HomePage: Default -> hxxps://www.google.bg/?gfe_rd=cr&ei=hFXfVdGhCrOz8wf_1IeoDg&gws_rd=ssl
CHR StartupUrls: Default -> "hxxps://www.google.bg/"
CHR DefaultSearchURL: Default -> hxxp://chromedhnewtab.com/search?q={searchTerms}
CHR DefaultSearchKeyword: Default -> chromedhnewtab
CHR Extension: (Презентации) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-19]
CHR Extension: (Документи) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-19]
CHR Extension: (Google Диск) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-19]
CHR Extension: (Blue Nebula - Full HD - Axlg) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpbfcgopniakghhkjcnnmpfdemapblij [2018-09-19]
CHR Extension: (Adblock Plus — безплатен блокер на реклами) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-10-22]
CHR Extension: (chromedhnewtab) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjknaplhnlobleklkoloacadcobmiccl [2018-09-19]
CHR Extension: (Тъмна тема за Facebook и други уебсайтове) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkfobiagdiioemjmpdecklcjaplpljdo [2019-10-26]
CHR Extension: (Google Документи офлайн) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-14]
CHR Extension: (Grammarly for Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2020-01-30]
CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-01]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-15]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-12]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-08-07]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile [2020-01-15]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8403672 2019-09-10] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803952 2019-12-14] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
U2 HiPatchService; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2018-06-11] (Hi-Rez Studios) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2020-01-31] (Malwarebytes Inc -> Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 PAExec; C:\Windows\PAExec.exe [189112 2018-09-19] (Power Admin LLC -> Power Admin LLC)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2019-11-27] (Even Balance, Inc. -> )
R2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [215128 2019-12-07] (Even Balance, Inc. -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.6-0\NisSrv.exe [3284840 2020-01-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.6-0\MsMpEng.exe [103168 2020-01-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [2156368 2019-08-02] (Wacom Technology Corporation -> Wacom Technology, Corp.)
S2 AvastWscReporter; "C:\Program Files\AVAST Software\Avast\wsc_proxy.exe" /runassvc /rpcserver [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d223212c0a2275b5\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d223212c0a2275b5\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 C_71_B; C:\WINDOWS\System32\drivers\C_71_B.sys [3795608 2016-01-28] (WDKTestCert chou,130795027549068093 -> C-MEDIA Inc.)
S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2018-05-30] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-01-31] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-01-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-01-31] (Malwarebytes Inc -> Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d223212c0a2275b5\nvlddmkm.sys [23251968 2019-12-28] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [662528 2019-03-19] (Microsoft Windows -> Realtek )
S3 WacHidRouterPro; C:\WINDOWS\System32\drivers\wachidrouter.sys [131736 2019-06-14] (Wacom Technology Corporation -> Wacom Technology, Corp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-01-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [376032 2020-01-28] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2020-01-28] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-31 14:18 - 2020-01-31 14:19 - 000072690 _____ C:\Users\User\Desktop\Addition.txt
2020-01-31 14:16 - 2020-01-31 14:20 - 000027315 _____ C:\Users\User\Desktop\FRST.txt
2020-01-31 14:15 - 2020-01-31 14:20 - 000000000 ____D C:\FRST
2020-01-31 14:14 - 2020-01-31 14:14 - 002581504 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2020-01-31 13:54 - 2020-01-31 13:54 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-01-31 13:54 - 2020-01-31 13:54 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-01-31 13:42 - 2020-01-31 13:43 - 000000000 ____D C:\AdwCleaner
2020-01-31 13:31 - 2020-01-31 13:31 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-01-31 13:31 - 2020-01-31 13:31 - 000002021 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-01-31 13:31 - 2020-01-31 13:31 - 000000000 ____D C:\Users\User\AppData\Local\mbamtray
2020-01-31 13:31 - 2020-01-31 13:31 - 000000000 ____D C:\Users\User\AppData\Local\mbam
2020-01-31 13:31 - 2020-01-31 13:31 - 000000000 ____D C:\Users\User\AppData\Local\cache
2020-01-31 13:31 - 2020-01-31 13:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-01-31 13:30 - 2020-01-31 13:30 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-01-31 13:30 - 2020-01-31 13:30 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-01-31 13:30 - 2020-01-31 13:30 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-01-31 13:29 - 2020-01-31 13:29 - 000000000 ____D C:\Program Files\Malwarebytes
2020-01-31 13:28 - 2020-01-31 13:34 - 002307368 _____ C:\Users\User\Desktop\Rkill.txt
2020-01-31 13:27 - 2020-01-31 13:28 - 008356016 _____ (Malwarebytes) C:\Users\User\Downloads\adwcleaner_8.0.2.exe
2020-01-31 13:27 - 2020-01-31 13:27 - 001883976 _____ (Malwarebytes) C:\Users\User\Downloads\malwarebytes_4.0.exe
2020-01-31 13:27 - 2020-01-31 13:27 - 001792640 _____ (Bleeping Computer, LLC) C:\Users\User\Downloads\rkill_2.9.1.0.exe
2020-01-31 13:16 - 2020-01-31 13:16 - 000000000 ____D C:\Users\User\AppData\Roaming\Google
2020-01-31 12:47 - 2020-01-31 12:47 - 000000629 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2020-01-31 12:47 - 2020-01-31 12:47 - 000000629 _____ C:\ProgramData\Desktop\Revo Uninstaller.lnk
2020-01-31 12:47 - 2020-01-31 12:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2020-01-31 12:46 - 2020-01-31 12:46 - 007432520 _____ (VS Revo Group ) C:\Users\User\Downloads\revosetup.exe
2020-01-31 11:54 - 2020-01-31 11:54 - 000000000 ____D C:\ProgramData\ByteFence
2020-01-31 11:45 - 2020-01-31 11:45 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2020-01-31 11:16 - 2020-01-31 11:16 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-01-31 11:16 - 2020-01-31 11:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2020-01-31 11:15 - 2020-01-31 11:49 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2020-01-31 11:14 - 2020-01-31 11:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hetubu
2020-01-31 11:14 - 2020-01-31 11:14 - 000000000 ____D C:\Users\User\AppData\Roaming\Megobabeto
2020-01-31 11:13 - 2020-01-31 11:50 - 000000000 ____D C:\ProgramData\AVAST Software
2020-01-31 11:13 - 2020-01-31 11:15 - 000000000 ____D C:\ProgramData\bciff
2020-01-31 11:13 - 2020-01-31 11:14 - 000000000 ____D C:\ProgramData\{51B76D8B-799F-15F3-21C7-3DDBC92FE503}
2020-01-31 11:13 - 2020-01-31 11:13 - 000001362 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HowToRemove.lnk
2020-01-31 11:13 - 2020-01-31 11:13 - 000000000 ____D C:\Program Files\AVAST Software
2020-01-30 17:21 - 2020-01-30 17:21 - 000000000 ____D C:\Users\User\AppData\LocalLow\Riot Games
2020-01-30 17:20 - 2020-01-30 17:20 - 000001599 _____ C:\Users\User\Desktop\Legends of Runeterra.lnk
2020-01-30 17:20 - 2020-01-30 17:20 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Riot Games
2020-01-30 17:19 - 2020-01-30 17:19 - 068510896 _____ (Riot Games, Inc.) C:\Users\User\Downloads\Legends_Of_Runeterra_Installer.exe
2020-01-30 15:51 - 2020-01-30 15:54 - 000000000 ____D C:\Users\User\AppData\Roaming\.tlauncher
2020-01-30 15:51 - 2020-01-30 15:51 - 015370064 _____ (TLauncher Inc.) C:\Users\User\Downloads\TLauncher-2.68-Installer-0.5.2.exe
2020-01-30 15:51 - 2020-01-30 15:51 - 000001932 _____ C:\Users\User\Desktop\TLauncher.lnk
2020-01-29 17:20 - 2020-01-29 17:20 - 000000039 _____ C:\Users\User\AppData\Local\kritadisplayrc
2020-01-29 17:13 - 2020-01-29 17:13 - 003339582 _____ C:\Users\User\Desktop\game_cards.tif
2020-01-29 16:39 - 2020-01-29 16:39 - 007734230 _____ C:\Users\User\Desktop\game_money.tif
2020-01-28 21:04 - 2020-01-28 21:04 - 000748816 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-01-27 15:46 - 2020-01-27 15:46 - 000149090 _____ C:\Users\User\Downloads\igralno pole.tif
2020-01-27 15:42 - 2020-01-28 19:53 - 000781968 _____ C:\Users\User\Desktop\igralno pole.tif
2020-01-24 20:32 - 2020-01-25 13:36 - 000000000 ____D C:\Users\User\Creative Cloud Files
2020-01-24 17:11 - 2020-01-24 17:11 - 000000265 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\4K Video Downloader.lnk
2020-01-24 15:56 - 2020-01-24 15:56 - 000000000 ____D C:\Users\User\AppData\Local\4kdownload.com
2020-01-24 15:55 - 2020-01-24 17:11 - 000000265 _____ C:\Users\User\Desktop\4K Video Downloader.lnk
2020-01-24 14:39 - 2020-01-24 14:40 - 085446656 _____ C:\Users\User\Downloads\4kvideodownloader_4.11.1_x64.msi
2020-01-23 22:54 - 2020-01-29 22:03 - 000000000 ____D C:\Users\User\Desktop\memes za klipove
2020-01-23 00:54 - 2020-01-30 03:42 - 000014333 _____ C:\ProgramData\DisplaySessionContainer8.log_backup1
2020-01-22 14:32 - 2020-01-22 14:32 - 000011094 _____ C:\ProgramData\DisplaySessionContainer7.log_backup1
2020-01-20 00:35 - 2020-01-20 00:47 - 000463438 _____ C:\Users\User\Desktop\Бисер Вангелов №2 12а.pptx
2020-01-18 15:03 - 2020-01-18 15:03 - 000391285 _____ C:\Users\User\Documents\Успоредни равнини_12а_7.pptx
2020-01-15 19:57 - 2020-01-29 17:21 - 000002232 _____ C:\Users\User\Desktop\Discord.lnk
2020-01-15 19:56 - 2020-01-15 19:57 - 000000000 ____D C:\Users\User\AppData\Local\Discord
2020-01-15 16:12 - 2020-01-15 16:12 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 008012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 002494464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-01-15 16:12 - 2020-01-15 16:12 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll
2020-01-15 16:11 - 2020-01-15 16:12 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-15 16:11 - 2020-01-15 16:11 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-15 16:11 - 2020-01-15 16:11 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-15 16:11 - 2020-01-15 16:11 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-15 16:11 - 2020-01-15 16:11 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 002473976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-15 16:11 - 2020-01-15 16:11 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-15 16:11 - 2020-01-15 16:11 - 001051664 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-15 16:11 - 2020-01-15 16:11 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000678712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-15 16:11 - 2020-01-15 16:11 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-01-15 16:11 - 2020-01-15 16:11 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-15 16:11 - 2020-01-15 16:11 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-01-15 16:11 - 2020-01-15 16:11 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-01-15 16:11 - 2020-01-15 16:11 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-01-15 16:11 - 2020-01-15 16:11 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-15 16:11 - 2020-01-15 16:11 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-01-15 16:11 - 2020-01-15 16:11 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000162696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-01-15 16:11 - 2020-01-15 16:11 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-01-15 16:11 - 2020-01-15 16:11 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-01-15 16:11 - 2020-01-15 16:11 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-01-15 15:53 - 2020-01-15 15:53 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-01-15 15:53 - 2020-01-15 15:53 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-01-15 00:23 - 2020-01-28 01:45 - 000014651 _____ C:\ProgramData\DisplaySessionContainer6.log_backup1
2020-01-13 23:21 - 2020-01-27 01:10 - 000012500 _____ C:\ProgramData\DisplaySessionContainer5.log_backup1
2020-01-13 01:45 - 2020-01-22 00:56 - 000010692 _____ C:\ProgramData\DisplaySessionContainer4.log_backup1
2020-01-12 11:35 - 2020-01-12 12:59 - 000000494 _____ C:\Users\User\Desktop\config.txt
2020-01-12 02:37 - 2020-01-26 02:39 - 000014211 _____ C:\ProgramData\DisplaySessionContainer3.log_backup1
2020-01-12 00:26 - 2019-12-28 05:14 - 001729440 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-01-12 00:26 - 2019-12-28 05:14 - 001729440 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-01-12 00:26 - 2019-12-28 05:14 - 001329568 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-01-12 00:26 - 2019-12-28 05:14 - 001329568 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-01-12 00:26 - 2019-12-28 05:14 - 001079200 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-01-12 00:26 - 2019-12-28 05:14 - 001079200 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-01-12 00:26 - 2019-12-28 05:14 - 000937888 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-01-12 00:26 - 2019-12-28 05:14 - 000937888 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-01-12 00:26 - 2019-12-28 05:14 - 000450176 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-01-12 00:26 - 2019-12-28 05:14 - 000354520 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-01-12 00:26 - 2019-12-28 05:13 - 011843088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2020-01-12 00:26 - 2019-12-28 05:13 - 010169208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2020-01-12 00:26 - 2019-12-28 05:13 - 000678264 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-01-12 00:26 - 2019-12-28 05:13 - 000544976 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 017462352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 015029504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 005383184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 004718512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 002076080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 001570168 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 001485688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 001371512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 001145280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 001064368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 001001816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 000824064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 000813984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 000685256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 000573784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2020-01-12 00:26 - 2019-12-28 05:12 - 000558080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-01-12 00:26 - 2019-12-28 05:12 - 000451320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2020-01-12 00:26 - 2019-12-28 05:11 - 040510200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2020-01-12 00:26 - 2019-12-28 05:11 - 035380240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2020-01-12 00:26 - 2019-12-28 05:11 - 000858032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2020-01-12 00:26 - 2019-12-24 14:03 - 000076477 _____ C:\WINDOWS\system32\nvinfo.pb
2020-01-12 00:07 - 2020-01-12 00:07 - 000000000 ____D C:\Users\User\AppData\Roaming\Valve Corporation
2020-01-11 14:31 - 2020-01-25 08:46 - 000014376 _____ C:\ProgramData\DisplaySessionContainer2.log_backup1
2020-01-11 14:22 - 2020-01-31 13:53 - 000012229 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2020-01-10 15:18 - 2020-01-10 23:00 - 000013948 _____ C:\ProgramData\DisplaySessionContainer24.log_backup1
2020-01-10 01:08 - 2020-01-10 15:18 - 000014334 _____ C:\ProgramData\DisplaySessionContainer23.log_backup1
2020-01-08 19:02 - 2020-01-09 17:37 - 002862884 _____ C:\Users\User\Desktop\igr.tif
2020-01-08 15:13 - 2020-01-09 00:51 - 000012615 _____ C:\ProgramData\DisplaySessionContainer21.log_backup1
2020-01-07 01:00 - 2020-01-07 23:13 - 000013615 _____ C:\ProgramData\DisplaySessionContainer19.log_backup1
2020-01-03 13:00 - 2020-01-03 13:01 - 000000000 ____D C:\Users\User\Documents\Adobe
2020-01-03 12:02 - 2020-01-03 12:02 - 000001151 _____ C:\Users\User\Desktop\Adobe Premiere Pro 2019.lnk
2020-01-03 12:02 - 2020-01-03 12:02 - 000000000 ____D C:\Users\Public\Documents\Adobe
2020-01-03 12:02 - 2020-01-03 12:02 - 000000000 ____D C:\ProgramData\Documents\Adobe
2020-01-03 12:02 - 2020-01-03 12:02 - 000000000 ____D C:\Program Files\Common Files\Adobe
2020-01-03 11:57 - 2020-01-03 12:02 - 000000000 ____D C:\Program Files\Adobe
2020-01-03 11:57 - 2020-01-03 11:57 - 000000000 ____D C:\Users\Public\Documents\AdobeInstalledCodecs
2020-01-03 11:57 - 2020-01-03 11:57 - 000000000 ____D C:\ProgramData\Documents\AdobeInstalledCodecs
2020-01-03 11:46 - 2020-01-03 11:47 - 000080969 _____ C:\Users\User\Downloads\Adobe Premiere Pro CC 2019 v13.1.4 Build 2.torrent
2020-01-03 11:45 - 2020-01-03 11:45 - 002076286 _____ C:\Users\User\Downloads\arriraw_p1_win_092712.zip
2020-01-03 01:40 - 2020-01-04 03:09 - 000013938 _____ C:\ProgramData\DisplaySessionContainer15.log_backup1
2020-01-02 10:09 - 2020-01-03 01:40 - 000012479 _____ C:\ProgramData\DisplaySessionContainer14.log_backup1
2020-01-01 10:14 - 2020-01-02 01:12 - 000012262 _____ C:\ProgramData\DisplaySessionContainer12.log_backup1
2020-01-01 00:48 - 2020-01-01 10:14 - 000012811 _____ C:\ProgramData\DisplaySessionContainer11.log_backup1
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-31 14:15 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-01-31 14:03 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-31 14:02 - 2018-09-19 11:53 - 000000000 ____D C:\ProgramData\NVIDIA
2020-01-31 13:55 - 2019-09-13 15:05 - 000000000 ____D C:\Users\User\AppData\Roaming\WTablet
2020-01-31 13:55 - 2018-09-19 18:17 - 000000152 _____ C:\Users\Public\Documents\OSCFile.txt
2020-01-31 13:55 - 2018-09-19 18:17 - 000000152 _____ C:\ProgramData\Documents\OSCFile.txt
2020-01-31 13:54 - 2019-09-27 01:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-31 13:53 - 2019-12-30 17:48 - 000018900 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2020-01-31 13:53 - 2019-12-30 17:48 - 000008676 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2020-01-31 13:53 - 2019-12-30 17:48 - 000001209 _____ C:\ProgramData\NvcDispCorePlugin.log_backup1
2020-01-31 13:53 - 2019-03-19 06:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-01-31 13:41 - 2019-09-27 00:56 - 000000000 ____D C:\Users\sasuk
2020-01-31 13:30 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-01-31 13:02 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-31 12:01 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-31 11:54 - 2019-03-19 06:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-01-31 11:53 - 2018-09-19 11:52 - 000000000 ____D C:\Users\User\AppData\Local\PlaceholderTileLogoFolder
2020-01-31 11:52 - 2018-09-19 11:49 - 000000000 ____D C:\Users\User\AppData\Local\Packages
2020-01-31 11:05 - 2019-09-27 00:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-31 10:21 - 2019-09-27 01:12 - 000004206 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{F9A8A5B0-A0EE-4809-9ABB-B9C56B369613}
2020-01-31 02:24 - 2019-12-30 17:48 - 000014142 _____ C:\ProgramData\DisplaySessionContainer9.log_backup1
2020-01-30 17:21 - 2019-10-09 20:13 - 000000000 ____D C:\Users\User\AppData\Local\Riot Games
2020-01-30 17:20 - 2018-09-19 21:02 - 000001671 _____ C:\Users\Public\Desktop\League of Legends.lnk
2020-01-30 17:20 - 2018-09-19 21:02 - 000001671 _____ C:\ProgramData\Desktop\League of Legends.lnk
2020-01-30 15:56 - 2019-05-15 19:07 - 000000000 ____D C:\Users\User\AppData\Roaming\.minecraft
2020-01-30 11:29 - 2018-09-24 18:58 - 000000000 ____D C:\Users\User\AppData\Roaming\discord
2020-01-30 11:02 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-29 17:21 - 2019-11-16 12:29 - 000002440 _____ C:\Users\User\Desktop\Legacy of Discord.lnk
2020-01-29 17:21 - 2019-11-16 12:29 - 000002136 _____ C:\Users\User\Desktop\GTarcade.lnk
2020-01-29 17:21 - 2019-09-13 15:02 - 000002070 _____ C:\Users\User\Desktop\Wacom Desktop Center.lnk
2020-01-29 17:21 - 2019-09-13 15:02 - 000001969 _____ C:\Users\User\Desktop\Wacom Tablet Properties.lnk
2020-01-29 17:21 - 2019-09-08 14:18 - 000001014 _____ C:\Users\User\Desktop\osu!.lnk
2020-01-29 17:21 - 2018-12-05 18:52 - 000002160 _____ C:\Users\User\Desktop\Somic Audio Center.lnk
2020-01-28 20:54 - 2018-09-19 11:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-01-24 22:43 - 2018-09-19 19:56 - 000000000 ____D C:\Users\User\AppData\Local\D3DSCache
2020-01-24 17:09 - 2018-09-24 19:10 - 000000000 ____D C:\Users\User\AppData\Local\CrashDumps
2020-01-22 11:33 - 2018-10-12 12:48 - 000000000 ____D C:\Users\sasuk\AppData\Local\CrashDumps
2020-01-22 11:05 - 2019-09-14 14:56 - 000000000 ____D C:\Users\sasuk\AppData\Roaming\WTablet
2020-01-22 00:53 - 2019-06-14 13:31 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-22 00:53 - 2019-06-14 13:31 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-01-22 00:53 - 2019-06-14 13:31 - 000002258 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-01-20 20:02 - 2019-09-27 01:12 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1270643484-4035232020-1271303665-1002
2020-01-20 20:02 - 2019-09-27 00:56 - 000002395 _____ C:\Users\sasuk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-01-20 20:02 - 2018-10-12 12:48 - 000000000 ___RD C:\Users\sasuk\OneDrive
2020-01-19 19:38 - 2019-09-27 01:12 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1270643484-4035232020-1271303665-1001
2020-01-19 19:38 - 2019-09-27 00:56 - 000002392 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-01-19 19:38 - 2018-09-19 11:54 - 000000000 ___RD C:\Users\User\OneDrive
2020-01-16 16:28 - 2019-10-02 16:35 - 000000000 ____D C:\Users\User\Desktop\drawing [bleep]
2020-01-16 15:45 - 2018-09-19 20:48 - 000000000 ____D C:\Users\User\AppData\Local\NVIDIA
2020-01-16 15:42 - 2019-09-27 00:49 - 000447040 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-16 01:11 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-01-16 01:11 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-01-16 01:11 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-16 01:11 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-15 19:57 - 2018-09-24 18:58 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2020-01-15 19:57 - 2018-09-24 18:58 - 000000000 ____D C:\Users\User\AppData\Local\SquirrelTemp
2020-01-15 16:21 - 2018-09-19 12:00 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-01-15 16:16 - 2018-09-19 11:59 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-01-14 16:26 - 2019-11-16 12:28 - 000000000 ____D C:\Users\User\AppData\Local\Gtarcade
2020-01-14 16:20 - 2019-08-05 17:21 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Crossout
2020-01-12 00:28 - 2018-09-19 11:52 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-01-10 15:37 - 2018-10-12 12:41 - 000000000 ____D C:\Users\sasuk\AppData\Local\Packages
2020-01-08 18:55 - 2019-09-13 15:57 - 000017922 _____ C:\Users\User\AppData\Local\kritarc
2020-01-06 23:35 - 2018-09-19 20:48 - 000000000 ____D C:\Users\User\AppData\Local\NVIDIA Corporation
2020-01-03 13:01 - 2018-09-19 11:49 - 000000000 ____D C:\Users\User\AppData\Roaming\Adobe
2020-01-03 12:06 - 2019-04-19 22:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2020-01-03 11:57 - 2018-09-19 20:38 - 000000000 ____D C:\ProgramData\Package Cache
2020-01-03 11:57 - 2018-09-19 12:27 - 000000000 ____D C:\Program Files (x86)\Adobe
2020-01-03 11:55 - 2018-09-19 12:26 - 000000000 ____D C:\ProgramData\Adobe
2020-01-03 11:55 - 2018-09-19 12:25 - 000000000 ____D C:\Users\User\AppData\Local\Adobe
2020-01-03 11:54 - 2018-09-19 12:28 - 000000000 ____D C:\Users\User\AppData\LocalLow\Adobe
2020-01-01 16:00 - 2019-09-23 13:42 - 000000000 ____D C:\Users\User\AppData\Roaming\RenPy
2020-01-01 00:48 - 2019-12-31 02:32 - 000012612 _____ C:\ProgramData\DisplaySessionContainer10.log_backup1
==================== Files in the root of some directories ========
2018-09-19 20:48 - 2018-09-19 20:48 - 052531200 _____ () C:\Program Files (x86)\GUTF082.tmp
2019-11-25 17:00 - 2019-11-25 17:00 - 000000385 _____ () C:\Users\User\AppData\Local\karboncalligraphyrc
2019-09-13 15:56 - 2020-01-29 17:20 - 000103244 _____ () C:\Users\User\AppData\Local\krita.log
2020-01-29 17:20 - 2020-01-29 17:20 - 000000039 _____ () C:\Users\User\AppData\Local\kritadisplayrc
2019-09-13 15:57 - 2020-01-08 18:55 - 000017922 _____ () C:\Users\User\AppData\Local\kritarc
2018-09-19 19:19 - 2018-09-19 19:19 - 000000003 _____ () C:\Users\User\AppData\Local\updater.log
2018-09-19 19:19 - 2018-09-19 19:19 - 000000425 _____ () C:\Users\User\AppData\Local\UserProducts.xml
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-01-2020
Ran by User (31-01-2020 14:21:04)
Running from C:\Users\User\Desktop
Windows 10 Home Version 1903 18362.592 (X64) (2019-09-26 23:13:31)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1270643484-4035232020-1271303665-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1270643484-4035232020-1271303665-503 - Limited - Disabled)
Guest (S-1-5-21-1270643484-4035232020-1271303665-501 - Limited - Disabled)
sasuk (S-1-5-21-1270643484-4035232020-1271303665-1002 - Limited - Enabled) => C:\Users\sasuk
User (S-1-5-21-1270643484-4035232020-1271303665-1001 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-1270643484-4035232020-1271303665-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
4K Video Downloader 4.11 (HKLM\...\{95BBB00C-272E-45A4-A965-6DEFE2F979B6}) (Version: 4.11.1.3390 - Open Media LLC)
60 Seconds Rocket Science (HKLM-x32\...\60 Seconds Rocket Science_is1) (Version: - )
7.1 SOUND EFFECT GAMING HEADSET (HKLM-x32\...\{D8D9AEBE-1712-4A4A-BC70-4CD9C82D108B}) (Version: 1.01 - Somic,Inc)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Premiere Pro 2019 (HKLM-x32\...\PPRO_13_1_4) (Version: 13.1.4 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Autodesk SketchBook (HKLM\...\{AE6C5657-D663-4968-BEB5-1E2ED89CB2D2}) (Version: 8.60.0000 - Autodesk)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.63.1070 - AB Team, d.o.o.)
Core Temp 1.14 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.14 - ALCPU)
Crossout Launcher 1.0.3.106 (HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\CrossOutLauncher_is1) (Version: - )
Discord (HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Frostpunk v.1.3.0 (HKLM-x32\...\Frostpunk_is1) (Version: - )
GameRanger (HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\GameRanger) (Version: - GameRanger Technologies)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
GTarcade (HKU-x32\S-1-5-21-1270643484-4035232020-1271303665-1001\...\gtarcade) (Version: 2.1.0 - YOOZOO Games)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HitFilm Express (HKLM\...\{30792CB5-3EBA-483C-98E3-BF08A3CC6B83}) (Version: 12.3.8815.07201 - FXHOME)
Java 8 Update 221 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
Krita (x64) 4.2.6 (HKLM\...\Krita_x64) (Version: 4.2.6.0 - Krita Foundation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Legends of Runeterra (HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\Riot Game bacon.live) (Version: - Riot Games, Inc)
Lightshot-5.4.0.35 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.35 - Skillbrains)
LogMeIn Hamachi (HKLM-x32\...\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}) (Version: 2.2.0.633 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.633 - LogMeIn, Inc.)
LS-USBMX1/2/3 Steering Wheel W/Vibration (HKLM-x32\...\{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}) (Version: 2007.08.17 - )
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\OneDriveSetup.exe) (Version: 19.222.1110.0006 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702 (HKLM-x32\...\{49697869-be8e-427d-81a0-c334d1d14950}) (Version: 14.21.27702.2 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Need for Speed Underground 2 (HKLM-x32\...\Need for Speed Underground 2) (Version: - )
Neighbours From [bleep] (HKLM-x32\...\1207663903_is1) (Version: 1.00 - GOG.com)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
NVIDIA Graphics Driver 441.87 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 441.87 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 23.1.0 - OBS Project)
OnScreen Control (HKLM-x32\...\{E5C1B339-0E4E-49A5-859E-5E1DE1938706}) (Version: 2.95 - LG Electronics Inc)
osu! (HKLM-x32\...\{8c511a3c-c368-40e6-8a64-8642766d108b}) (Version: latest - ppy Pty Ltd)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.988 - Even Balance, Inc.)
Revo Uninstaller 2.1.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.1 - VS Revo Group, Ltd.)
Skype, версия 8.45 (HKLM-x32\...\Skype_is1) (Version: 8.45 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Sims 4 (HKLM-x32\...\The Sims 4_is1) (Version: - )
Update for Skype for Business 2016 (KB3114846) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{286F464B-2FDF-4107-83A5-DEB08D2AD268}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB3114846) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{286F464B-2FDF-4107-83A5-DEB08D2AD268}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB3114846) 64-Bit Edition (HKLM\...\{90160000-012B-0402-1000-0000000FF1CE}_Office16.PROPLUS_{286F464B-2FDF-4107-83A5-DEB08D2AD268}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 85.1 - Ubisoft)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.36-1 - Wacom Technology Corp.)
WinRAR 5.31 (64-битова версия) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Средства проверки правописания Microsoft Office 2016 — русский (HKLM\...\{90160000-001F-0419-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Packages:
=========
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.1.4081.0_x64__rz1tebttyb220 [2020-01-30] (Dolby Laboratories)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-15] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Studios) [MS Ad]
MSN Време -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.956.0_x64__56jybvy8sckqj [2019-12-30] (NVIDIA Corp.)
Torrex Lite - Torrent Downloader -> C:\Program Files\WindowsApps\BooStudioLLC.TorrexLite-TorrentDownloader_1.3.97.0_x64__b6e429xa66pga [2019-06-21] (Finebits OÜ) [MS Ad] [Startup Task]
Добавка за „Снимки“ -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-05-05] (Microsoft Corporation)
Добавка за приложението за мултимедийни файлове „Снимки“ -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-01-23] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1270643484-4035232020-1271303665-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1270643484-4035232020-1271303665-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1270643484-4035232020-1271303665-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-01-31] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d223212c0a2275b5\nvshext.dll [2019-12-28] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-01-31] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\User\Desktop\Frostpunk - Пряк път.lnk -> D:\Frostpunk\Frostpunk.exe (11 bit studios S.A.) <==== Cyrillic
Shortcut: C:\Users\User\Desktop\Steam - Пряк път.lnk -> D:\steam\Steam.exe (Valve Corporation) <==== Cyrillic
Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Какво е новото в последната версия.lnk -> C:\Program Files\WinRAR\WhatsNew.txt () <==== Cyrillic
Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Помощен файл на WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm () <==== Cyrillic
Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Ръководство за конзолната версия на RAR.lnk -> C:\Program Files\WinRAR\Rar.txt () <==== Cyrillic
Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\SendTo\Прехвърляне на файлове с Bluetooth.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation) <==== Cyrillic
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive за бизнеса.lnk -> C:\Windows\Installer\{90160000-0011-0000-1000-0000000FF1CE}\grv_icons.exe () <==== Cyrillic
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype за бизнеса 2016.lnk -> C:\Windows\Installer\{90160000-0011-0000-1000-0000000FF1CE}\lyncicon.exe () <==== Cyrillic
ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Windows\SendTo\Получател на факса.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo <==== Cyrillic
==================== Loaded Modules (Whitelisted) =============
2014-02-11 05:08 - 2014-02-11 05:08 - 000817152 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2015-11-04 15:43 - 2015-11-04 15:43 - 000214528 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 05:08 - 2014-02-11 05:08 - 003650560 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2018-09-19 19:19 - 2017-05-23 13:59 - 000494080 _____ (Skillbrains) [File not signed] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.dll
2018-09-19 19:19 - 2017-05-23 13:59 - 000256000 _____ (Skillbrains) [File not signed] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\uploader.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [482]
AlternateDataStreams: C:\Users\User\AppData\Local\Temp:$DATA [16]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-12 01:38 - 2020-01-31 12:37 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\body_of_water_planet_horizon_92570_1920x1080.jpg
DNS Servers: 88.87.0.2 - 88.87.10.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\startupreg: EpicGamesLauncher => E:\nz\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
HKLM\...\StartupApproved\Run: => "SOMICC71BSound"
HKLM\...\StartupApproved\Run: => "AvastUI.exe"
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\StartupApproved\Run: => "Gaijin.Net Updater"
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_EA977365BF5B2185FA52414E130E9AF9"
HKU\S-1-5-21-1270643484-4035232020-1271303665-1001\...\StartupApproved\Run: => "Chromium"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{7D508BF2-B968-4D38-879A-15B6F811A73F}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe No File
FirewallRules: [TCP Query User{45A6A043-BDB6-4054-BA29-2C479D1B9E38}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe No File
FirewallRules: [UDP Query User{1011CF12-0A9A-4CBE-B3D8-AB674E596EE2}D:\liga\instalaciq\game\league of legends.exe] => (Allow) D:\liga\instalaciq\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{F251D6F0-D57E-4D93-8271-F16FAA71B86B}D:\liga\instalaciq\game\league of legends.exe] => (Allow) D:\liga\instalaciq\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{5CCD9118-386E-43C5-8FE9-334C388D2134}C:\program files (x86)\arenaplay\arenaplay.exe] => (Allow) C:\program files (x86)\arenaplay\arenaplay.exe No File
FirewallRules: [TCP Query User{29865C54-42C0-4223-BCDD-E547BB2D49C3}C:\program files (x86)\arenaplay\arenaplay.exe] => (Allow) C:\program files (x86)\arenaplay\arenaplay.exe No File
FirewallRules: [UDP Query User{927795C9-1E7A-442E-B973-7C7110491ED6}D:\arenaplay\arenaplay.exe] => (Allow) D:\arenaplay\arenaplay.exe No File
FirewallRules: [TCP Query User{C38DF958-819F-4320-BC2A-E9F5D77B2DAC}D:\arenaplay\arenaplay.exe] => (Allow) D:\arenaplay\arenaplay.exe No File
FirewallRules: [{23B4CF72-4620-4285-AA01-60F2A17D28EC}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A93E9845-83D9-49B7-8681-68F342E328E4}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{879298AA-EE83-4CF8-B069-0945E49E575B}D:\crossout\launcher.exe] => (Allow) D:\crossout\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{BEC13AB3-9870-41D4-8E37-AADEF9F9250D}D:\crossout\launcher.exe] => (Allow) D:\crossout\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{086499CA-7418-49DE-B0BF-4ADCE8624893}C:\users\user\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\user\appdata\local\gamecenter\gamecenter.exe No File
FirewallRules: [TCP Query User{5ED827FC-ADC1-4385-A205-92D7C4294270}C:\users\user\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\user\appdata\local\gamecenter\gamecenter.exe No File
FirewallRules: [UDP Query User{839E39CA-5F9D-4195-A6BC-B3DA7ECD2F92}D:\warthunder\win64\aces.exe] => (Allow) D:\warthunder\win64\aces.exe No File
FirewallRules: [TCP Query User{18B92560-ACE1-45D1-9221-D452B36F0F11}D:\warthunder\win64\aces.exe] => (Allow) D:\warthunder\win64\aces.exe No File
FirewallRules: [UDP Query User{FAC03D3C-55BC-4A8F-86D9-3DBB13D2433E}D:\warthunder\launcher.exe] => (Allow) D:\warthunder\launcher.exe No File
FirewallRules: [TCP Query User{C9EAECB1-7EBF-4DB6-9DDB-E7E97AE7FF72}D:\warthunder\launcher.exe] => (Allow) D:\warthunder\launcher.exe No File
FirewallRules: [UDP Query User{30E14C1B-AD18-47FE-A7AE-B3D7C389EE7E}C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe No File
FirewallRules: [TCP Query User{4AC1579F-FB86-4352-BC6E-1B39D16861D2}C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe No File
FirewallRules: [UDP Query User{08343F70-5E64-4042-BA7D-8CD9C2CFAE2F}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{81CCB718-BACA-4007-B543-E5C6565BC070}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{3D418353-805F-4C49-BCED-13766D9EAF5D}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.199\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.199\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{FDF05657-89C3-46EB-88F1-5C37D58802C3}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.199\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.199\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{B000AC22-EAC7-4524-AAF8-4D488695604E}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{DA373BD4-9582-42BA-BD19-8DD91C5CB16E}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{A85CE694-7596-47FF-9A03-4039D797BF4B}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{8C2329C4-38AB-46DE-BDF8-BB10074778ED}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{33466FD7-EC63-4653-B007-8DEA1BA4C490}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{7EE6F79D-CC36-4CB1-8963-66B4390937D5}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{EFC4C668-DF8F-4160-B2D9-34B53994A0B0}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{E06B1C1C-6A29-424D-AF9F-155E40BE00F3}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{0A208126-7FFE-4015-ABBD-FAA14809BE28}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{CEE3AE22-AA12-4358-8C5D-FFA8AFDBA88D}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{BDA847DB-7ECA-4DBA-B1DC-FA5959D2B8AA}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{423249E7-B4A8-4129-ABF1-BF56D2840EBE}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{492A9893-970B-4496-BA2B-B8EBB2E10BAA}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.191\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.191\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{FBFCE1D4-32D9-4728-9BA8-65A5F01E668E}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.191\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.191\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{0D6B33BF-12BF-411E-A60C-83C81C661297}D:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) D:\program files (x86)\origin games\apex\r5apex.exe No File
FirewallRules: [TCP Query User{8041240E-CC47-4FA3-866D-8333A28BB3C6}D:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) D:\program files (x86)\origin games\apex\r5apex.exe No File
FirewallRules: [UDP Query User{137D374A-A400-4935-91A1-4C5FCC7C8C5B}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{4A64EEBF-DB3D-4945-9162-47B593959592}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{87FD80F5-1E74-4B4F-AF12-E00FBC2AD918}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{BA90702F-59A9-4530-BCA3-9F23DB87D437}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{E88FE424-D2E0-4492-A4BE-105500656DE2}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.188\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.188\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{C623CA49-FBED-4A96-A224-1850D47791D1}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.188\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.188\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{3B2290D4-06B8-43EF-BA7A-583FECDDE1FD}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe No File
FirewallRules: [TCP Query User{931C85C2-9019-4F45-BB03-B945AAA0B7B2}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe No File
FirewallRules: [UDP Query User{05F111A4-A095-4F99-9CAB-5A8C8E3B43A1}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.187\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.187\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{75569D7D-4104-49AC-B83D-38D24B80485D}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.187\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.187\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{A270EF1F-4D0A-4AEA-AAC2-D730B6362C97}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.186\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.186\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{FEB5E3D8-7EFA-4538-8194-1569C406CDA2}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.186\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.186\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{39612A48-F43C-41C2-B6EF-2F5BBF7D5860}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.185\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.185\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{2C11AF77-0234-4D9A-B83C-2396DD1B5426}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.185\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.185\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{61588D37-B684-44EA-80E3-C1E604CD29B0}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{F4376C25-BDB2-41B8-B784-62FBE936A3C9}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{EE2874AE-2139-4FFB-BD5F-FDDF8FDE7F4D}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{757C3AA9-7252-4BBC-9797-D40C93FEB413}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{E4953609-8BBF-4C63-9F2C-E439DC1F1BFE}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.182\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.182\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{1E798995-2D3A-4B6A-AFEE-98C10CA53BA7}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.182\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.182\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{E81E1A9D-A845-4514-810E-487B729A85B1}C:\users\user\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\user\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Technologies -> GameRanger Pty Ltd)
FirewallRules: [TCP Query User{C85E8184-7058-47E2-9006-D80F0EA3BFAD}C:\users\user\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\user\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Technologies -> GameRanger Pty Ltd)
FirewallRules: [UDP Query User{5CF86962-76F8-476C-B3F5-10BFD40E5A44}D:\need for speed underground 2\speed2.exe] => (Allow) D:\need for speed underground 2\speed2.exe () [File not signed]
FirewallRules: [TCP Query User{718EC2B9-A00C-4950-8559-6130C144ABA6}D:\need for speed underground 2\speed2.exe] => (Allow) D:\need for speed underground 2\speed2.exe () [File not signed]
FirewallRules: [UDP Query User{91B7FC73-75C3-410A-AEB3-E04A0047DAA7}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{A315A9D9-C2A2-4411-B881-97DA2CE34666}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{295F775B-8010-4A72-9BBF-5E7BD387B98F}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{CA7323C8-43D1-4215-ABDA-0CA61BBB6433}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe No File
FirewallRules: [{B0AB3C38-28A2-4336-8835-62F4E20D0B0C}] => (Allow) D:\steam\steamapps\common\Brawlhalla\Brawlhalla.exe () [File not signed]
FirewallRules: [{B430E698-3D99-402D-9BCD-CE9C4CD79249}] => (Allow) D:\steam\steamapps\common\Brawlhalla\Brawlhalla.exe () [File not signed]
FirewallRules: [UDP Query User{6E876B67-2678-4030-A018-0D6D97C7503B}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{5F30D37D-C178-4E1C-9637-1B88C13EB473}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{94CEF22B-4D03-4A74-BD21-64D3B7180C8C}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe] => (Block) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{AAF34754-F9EC-4287-923E-EC2628678D6A}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe] => (Block) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{38685334-929B-477E-9F3A-B4E2E338872C}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{CB0123F1-22BA-4F73-9A0B-11AEA4A67AA7}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{4AFD0456-A808-42E4-BFD5-F4E9563BC7FB}C:\windows\syswow64\dpnsvr.exe] => (Allow) C:\windows\syswow64\dpnsvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{E0B7B7C4-9F0A-4DAE-9EE9-45F9CBCCC965}C:\windows\syswow64\dpnsvr.exe] => (Allow) C:\windows\syswow64\dpnsvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{1C50329F-3924-404B-AB81-606A16B79A98}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{22517FFB-A2F0-4190-BF55-4F320FDF2CA0}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe No File
FirewallRules: [{00DAEA2B-0B46-4404-92E3-AE771A238988}] => (Allow) D:\steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{C59BD872-D204-4DA2-870C-37FEA68FF6C4}] => (Allow) D:\steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [UDP Query User{99C8D147-DBD6-4ACB-A195-E2D142CAA56F}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{03E1BF6F-A10A-4636-A59D-27F98A578E5B}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{A2DBA4D2-2D88-43D3-8018-73484DC4AD41}D:\pingvinite24\pingvina\yu-gi-oh! kaiba corp ultimate masters mod\kc utimate masters.exe] => (Block) D:\pingvinite24\pingvina\yu-gi-oh! kaiba corp ultimate masters mod\kc utimate masters.exe () [File not signed]
FirewallRules: [TCP Query User{93EB00E6-F18B-45F5-8B51-D409D0EC6F75}D:\pingvinite24\pingvina\yu-gi-oh! kaiba corp ultimate masters mod\kc utimate masters.exe] => (Block) D:\pingvinite24\pingvina\yu-gi-oh! kaiba corp ultimate masters mod\kc utimate masters.exe () [File not signed]
FirewallRules: [UDP Query User{5D351F29-A383-4F45-BFF4-41D31597E9CA}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{9FA57325-2B31-4716-B2EE-FD8ACF34631F}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{BAC46739-3020-4BEF-BA34-0442469B5664}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{1CBB62B5-D868-4D79-9123-8A108B08D64E}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{93F37543-874B-4C13-A8F7-5DFC567DEDF3}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{FEC3585B-9559-4956-9858-AFAC5CF4DD07}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe No File
FirewallRules: [{F73A2EE0-27FC-4DC6-840D-826D90822A6F}] => (Allow) D:\steam\steamapps\common\VRChat\VRChat.exe () [File not signed]
FirewallRules: [{620C3D8B-C433-4BB6-87CF-44F0260A6B34}] => (Allow) D:\steam\steamapps\common\VRChat\VRChat.exe () [File not signed]
FirewallRules: [{3C895B85-5A12-4B2A-95C2-B9A819F25875}] => (Allow) D:\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{A49DCD39-750A-4D6B-AAC1-E2BC2152C3DC}] => (Allow) D:\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{2529221B-1141-4188-AFF4-20AB58CD7EEF}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{090A28E9-955E-42F6-A536-B75ABBCB29E3}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{CE780A28-717E-4A85-9530-741E9D2171BC}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.167\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.167\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{2C643B88-C936-45A9-B8CE-4674255A7F1F}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.167\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.167\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{598D7C32-0C65-4655-A114-44BFB604E3E0}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{4A9ACF01-C9F3-4297-80FB-F1A9AD10E0F8}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{1A2B8C39-BD5D-4FFD-B7E8-A7EC39EF0DB9}D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [TCP Query User{CC609483-79D0-4D81-A45A-43B0BA2247AD}D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [UDP Query User{AB20BE90-B0CB-40C3-9CE1-B2F1101366E9}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{0056F67B-FBEC-492F-9324-D01B90BC8272}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe No File
FirewallRules: [{982F1FDB-68F5-49FB-AA01-D04962809B94}] => (Allow) D:\steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe No File
FirewallRules: [{E3BDD875-0813-481E-A306-2DBE85768323}] => (Allow) D:\steam\steamapps\common\Warframe\Tools\Launcher.exe No File
FirewallRules: [{0FDFA0BE-0EC9-4F95-8553-1A356BF1D1E7}] => (Allow) D:\steam\steamapps\common\Warframe\Warframe.x64.exe No File
FirewallRules: [{9750CA83-DB0A-49ED-9FB1-8DD49031A4D8}] => (Allow) D:\steam\steamapps\common\Warframe\Warframe.exe No File
FirewallRules: [{65FBB822-EA27-4EED-93AB-31BA54AADA1A}] => (Allow) D:\steam\steamapps\common\Warframe\Warframe.x64.exe No File
FirewallRules: [{69F55623-19B9-4D8F-826E-1D18DDA728DE}] => (Allow) D:\steam\steamapps\common\Warframe\Warframe.exe No File
FirewallRules: [{E77B7E6B-3EB1-4BEA-968D-7FA79A986AAF}] => (Allow) D:\steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe No File
FirewallRules: [{CC6DBEC4-CDF3-4392-BD6A-446BCC4CB6A4}] => (Allow) D:\steam\steamapps\common\Warframe\Tools\Launcher.exe No File
FirewallRules: [{C3432862-03F6-4B7C-966B-F6936B0B0130}] => (Allow) D:\steam\steamapps\common\Warframe\Warframe.x64.exe No File
FirewallRules: [{8EAAC9EC-973B-42B3-A79C-FC635F67FABA}] => (Allow) D:\steam\steamapps\common\Warframe\Warframe.exe No File
FirewallRules: [{E6C65447-FFC5-4C51-BB9E-5A7B4144EB5F}] => (Allow) D:\steam\steamapps\common\Warframe\Warframe.x64.exe No File
FirewallRules: [{5F2EB398-6113-4A0C-AD76-9CDE5ECC42F0}] => (Allow) D:\steam\steamapps\common\Warframe\Warframe.exe No File
FirewallRules: [UDP Query User{67569C8F-235A-483F-9D71-D19A7C616E71}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{77A09CE2-80DA-40B0-A954-7916E2013D3F}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe No File
FirewallRules: [{C0078B59-7F7E-439B-890D-F96188FC5AB9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe No File
FirewallRules: [{D303666D-96EF-42C2-BB18-DD989DD16441}] => (Allow) D:\steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe (Microsoft) [File not signed]
FirewallRules: [{BD95E4E4-8F87-4710-BB8F-04824CB66DC4}] => (Allow) D:\steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe (Microsoft) [File not signed]
FirewallRules: [UDP Query User{8F24552F-DE12-456A-AC3D-ADC00BD8C520}D:\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) D:\steam\steamapps\common\h1z1\h1z1.exe No File
FirewallRules: [TCP Query User{414E6773-74FB-4D35-8730-0A75740A65AF}D:\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) D:\steam\steamapps\common\h1z1\h1z1.exe No File
FirewallRules: [UDP Query User{428AFC87-AC66-414C-98ED-D667057AE407}E:\nz\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) E:\nz\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [TCP Query User{6B8F2B6B-FFE0-4373-8E3E-0C0B0D053414}E:\nz\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) E:\nz\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File
FirewallRules: [UDP Query User{5E2045E3-FD5E-4B24-9E9E-DBC42A00B664}E:\nz\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) E:\nz\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe No File
FirewallRules: [TCP Query User{B97E58B2-F114-4EA9-864B-E232F94F18A3}E:\nz\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) E:\nz\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe No File
FirewallRules: [{AF8E07C2-25FD-4719-ACBC-E96C2899F26B}] => (Allow) D:\steam\steamapps\common\Deceit\bin\win_x64\Deceit.exe No File
FirewallRules: [{CB63E972-A11C-4348-A11B-F3C276ABDB2E}] => (Allow) D:\steam\steamapps\common\Deceit\bin\win_x64\Deceit.exe No File
FirewallRules: [{AE2D8CC4-4CC4-401B-9118-AB2AF9368877}] => (Allow) D:\steam\steamapps\common\Alan Wake\AlanWake.exe No File
FirewallRules: [{E9CBB2FB-62F4-42D9-9257-59AB69E5CC4C}] => (Allow) D:\steam\steamapps\common\Alan Wake\AlanWake.exe No File
FirewallRules: [{A4E129F2-86BD-463C-91AF-5DCA413E7498}] => (Allow) D:\steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{30D6BE07-6F98-4985-A083-649E5E4A119D}] => (Allow) D:\steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{DE481CEE-24CA-4C39-AA6A-0F1CDCC37A41}] => (Allow) D:\steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{1E10491D-065A-44E1-B70B-1684E390C344}] => (Allow) D:\steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{5A87209E-1714-47F6-BB64-5E9808924BEE}] => (Allow) D:\steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{A2652D3D-3240-4094-AE1A-BA3CE5AE91BB}] => (Allow) D:\steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{316E5E4E-4D8B-4C87-884B-D07102C91EA6}] => (Allow) D:\Нова папка (2)\Steam.exe No File
FirewallRules: [{B9C6528E-584A-4F71-AF7D-AEED64C0B872}] => (Allow) D:\Нова папка (2)\Steam.exe No File
FirewallRules: [UDP Query User{81634972-DCF1-4219-A01F-F78DCC72E686}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{F758194C-33B8-4C9D-9534-5451FC9B28F9}D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe] => (Allow) D:\liga\instalaciq\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe No File
FirewallRules: [{0B8503CF-B697-4C8C-AF39-176D9DC31448}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{66A6D1AD-AF64-4394-BAAE-D50C47777DC5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B78D112F-F3A4-4751-BA28-62D47372E798}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe No File
FirewallRules: [{65A36A4D-0E66-4D40-8BC1-A043E7264525}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E3B0DF89-DD96-400D-8484-3C92D7507A27}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E7D14E42-1184-48BD-9DB9-400FABE305B0}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{50B8CEEB-0199-4C68-B81C-B60A27DE3A08}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{39A98F4B-D697-42D1-B92B-D0B3C3B7E665}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A43F5DAF-F364-4968-BB25-00BEC306D692}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{B96BB8E1-D543-42C4-9B82-FD20AAD86B59}D:\games\the sims 4\game\bin\ts4.exe] => (Allow) D:\games\the sims 4\game\bin\ts4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [UDP Query User{E8077BD5-F051-4C5A-9DA9-4EFFE005DE5D}D:\games\the sims 4\game\bin\ts4.exe] => (Allow) D:\games\the sims 4\game\bin\ts4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [TCP Query User{0E57781D-F16A-42E8-A32B-28B67A1A1284}D:\games\the sims 4\game\bin\ts4_x64.exe] => (Allow) D:\games\the sims 4\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [UDP Query User{CAD72217-0032-4577-B7F4-935C8676217C}D:\games\the sims 4\game\bin\ts4_x64.exe] => (Allow) D:\games\the sims 4\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{20965B95-C66C-4BFD-80EC-1B88C53E0697}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{46E6FDB2-21A2-4D5B-937F-997AE21EBF53}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{04EA8E8F-4EE0-4CA0-98A7-0C5BFAC60D7E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{A5A05355-78C4-4D4B-8720-6A804D3C2A1D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{8DE81259-C457-4DDA-BE21-74E00A8D6658}] => (Allow) C:\Users\User\Downloads\DiscordSetup.exe (Discord Inc. -> Discord Inc.)
FirewallRules: [{EE2C36EE-82C6-4FDC-ADDA-E995E621613D}] => (Allow) C:\Users\User\Downloads\DiscordSetup.exe (Discord Inc. -> Discord Inc.)
FirewallRules: [{DCE9D003-2ABF-4FDF-8DC3-3200E15633F2}] => (Allow) C:\Users\User\AppData\Local\Discord\Update.exe (Discord Inc. -> GitHub)
FirewallRules: [{D87D36C5-EC9C-4D5C-B77C-74A50AE5A730}] => (Allow) C:\Users\User\AppData\Local\Discord\Update.exe (Discord Inc. -> GitHub)
FirewallRules: [{6A562E3F-B822-41E9-B79E-49A7650ED4A0}] => (Allow) C:\Users\User\AppData\Local\Discord\Update.exe (Discord Inc. -> GitHub)
FirewallRules: [{8EAE1891-F1BC-4FFB-BCF9-A997497BA439}] => (Allow) C:\Users\User\AppData\Local\Discord\Update.exe (Discord Inc. -> GitHub)
FirewallRules: [{81E0D436-E1BB-470D-A74E-3B486472908E}] => (Allow) D:\steam\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> EasyAntiCheat Ltd)
FirewallRules: [{DEAD566A-AC27-41EC-B631-5E80C84FC963}] => (Allow) D:\steam\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> EasyAntiCheat Ltd)
FirewallRules: [{C65D7A1D-AEAE-41AB-A664-3CA71E6495DD}] => (Allow) D:\steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe (DONTNOD Entertainment) [File not signed]
FirewallRules: [{983B4EFD-21D7-412C-A259-B8BEEF5640DA}] => (Allow) D:\steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe (DONTNOD Entertainment) [File not signed]
FirewallRules: [{A4FDEE47-AB89-4D89-8BFC-11A51A8AE071}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B86DD47B-1C82-488F-90D4-C7D1920E60BE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4B952DC1-CBF1-4EB8-A15C-AB28971D531B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CC52C5EB-6C84-4C33-A618-20EEC2C41099}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CC22F263-0949-4A10-9078-E69F95FB356C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6ADDF291-66E7-4204-8EC6-15E9B3B2C341}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BDA53FED-24F0-45E6-B632-DF84791CB995}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{5FA3D9A2-52C5-4A09-9C8C-E16540C21E43}C:\users\user\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\users\user\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe
FirewallRules: [UDP Query User{EBA3E1AD-F0DA-4CF9-B14C-965DABCA6040}C:\users\user\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\users\user\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe
FirewallRules: [{A91F2F49-B13C-4336-98E1-1AAC0D7F94F3}] => (Allow) C:\Users\User\AppData\Local\Chromium\Application\chrome.exe No File
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:103.91 GB) (Free:44.46 GB) (43%)
==================== Faulty Device Manager Devices ============
Name: LogMeIn Hamachi Virtual Ethernet Adapter
Description: LogMeIn Hamachi Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn Inc.
Service: Hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: ========================
Application errors:
==================
Error: (01/31/2020 02:09:39 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4396,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (01/31/2020 01:53:23 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (01/31/2020 01:53:23 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (01/31/2020 01:44:35 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (01/31/2020 01:44:35 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (01/31/2020 01:29:58 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5240,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (01/31/2020 01:21:41 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2744,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (01/31/2020 12:53:06 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1772,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
System errors:
=============
Error: (01/31/2020 01:54:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Услуга AvastWscReporter не може да бъде стартирана поради следната грешка:
The system cannot find the file specified.
Error: (01/31/2020 01:53:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Услуга NVIDIA Display Container LS беше прекъсната неочаквано. Това се е случвало с нея 1 път(и). След 6000 милисекунди ще бъде предприето следното коригиращо действие: Рестартиране на услугата.
Error: (01/31/2020 01:53:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Услуга NVIDIA LocalSystem Container беше прекъсната неочаквано. Това се е случвало с нея 1 път(и). След 6000 милисекунди ще бъде предприето следното коригиращо действие: Рестартиране на услугата.
Error: (01/31/2020 01:53:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Услуга Hi-Rez Studios Authenticate and Update Service беше прекъсната неочаквано. Това се е случвало с нея 1 път(и).
Error: (01/31/2020 01:53:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Услуга LogMeIn Hamachi Tunneling Engine беше прекъсната неочаквано. Това се е случвало с нея 1 път(и).
Error: (01/31/2020 01:53:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Услуга Wacom Professional Service беше прекъсната неочаквано. Това се е случвало с нея 1 път(и).
Error: (01/31/2020 01:53:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Услуга Adobe Acrobat Update Service беше прекъсната неочаквано. Това се е случвало с нея 1 път(и).
Error: (01/31/2020 01:53:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Услуга PnkBstrB беше прекъсната неочаквано. Това се е случвало с нея 1 път(и).
Windows Defender:
===================================
Date: 2020-01-31 12:39:51.575
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {86CCFFB5-DC66-4247-B60D-3BA77C00022A}
Scan Type: Antimalware
Scan Parameters: Full Scan
Date: 2020-01-31 11:16:36.492
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Detplock
ID: 2147680291
Severity: Много високо
Category: Троянски кон
Path: file:_C:\ProgramData\{51B76D8B-799F-15F3-21C7-3DDBC92FE503}\tarodid.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\PROGRA~3\{51B76~1\tarodid.exe
Security intelligence Version: AV: 1.309.74.0, AS: 1.309.74.0, NIS: 1.309.74.0
Engine Version: AM: 1.1.16700.3, NIS: 1.1.16700.3
Date: 2020-01-31 11:16:34.233
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Detplock
ID: 2147680291
Severity: Много високо
Category: Троянски кон
Path: file:_c:\programdata\{51b76d8b-799f-15f3-21c7-3ddbc92fe503}\tarodid.exe; process:_pid:7260,ProcessStart:132249356434283126
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: System
Process Name: Unknown
Security intelligence Version: AV: 1.309.74.0, AS: 1.309.74.0, NIS: 1.309.74.0
Engine Version: AM: 1.1.16700.3, NIS: 1.1.16700.3
Date: 2020-01-31 11:14:23.156
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Detplock
ID: 2147680291
Severity: Много високо
Category: Троянски кон
Path: file:_C:\ProgramData\{51B76D8B-799F-15F3-21C7-3DDBC92FE503}\tarodid.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\PROGRA~3\{51B76~1\tarodid.exe
Security intelligence Version: AV: 1.309.74.0, AS: 1.309.74.0, NIS: 1.309.74.0
Engine Version: AM: 1.1.16700.3, NIS: 1.1.16700.3
Date: 2020-01-31 11:14:10.925
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Detplock
ID: 2147680291
Severity: Много високо
Category: Троянски кон
Path: file:_c:\programdata\{51b76d8b-799f-15f3-21c7-3ddbc92fe503}\tarodid.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: System
Process Name: Unknown
Security intelligence Version: AV: 1.309.74.0, AS: 1.309.74.0, NIS: 1.309.74.0
Engine Version: AM: 1.1.16700.3, NIS: 1.1.16700.3
Date: 2020-01-31 11:54:33.032
Description:
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Behavior Monitoring
Error Code: 0x80508023
Error description: Програмата не успя да открие злонамерен и друг потенциално нежелан софтуер на устройството.
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
Date: 2020-01-31 11:42:54.307
Description:
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
Date: 2020-01-22 17:16:06.544
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.307.2803.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16600.7
Error code: 0x80072ee2
Error description: The operation timed out
CodeIntegrity:
===================================
Date: 2020-01-31 11:43:03.265
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-31 11:43:03.251
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-31 11:43:03.234
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-31 11:43:03.220
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-31 11:43:03.207
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-31 11:43:03.190
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-31 11:43:03.168
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-31 11:43:03.155
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. P1.20 10/14/2013
Motherboard: ASRock FM2A55M-HD+
Processor: AMD A8-6600K APU with Radeon HD Graphics
Percentage of memory in use: 50%
Total physical RAM: 8118.7 MB
Available physical RAM: 4046.12 MB
Total Virtual: 12214.7 MB
Available Virtual: 6285.64 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:103.91 GB) (Free:44.46 GB) NTFS
Drive d: () (Fixed) (Total:413.5 GB) (Free:230.37 GB) NTFS
Drive e: () (Fixed) (Total:413.5 GB) (Free:407.39 GB) NTFS
\\?\Volume{b9268b8f-cdf0-4441-8cbe-ed5ddde2761a}\ (Възстановяване) (Fixed) (Total:0.49 GB) (Free:0.07 GB) NTFS
\\?\Volume{c1a9056b-b388-44b5-8dff-7b7a58982c78}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 21F41539)
Partition: GPT.
==================== End of Addition.txt =======================
http://prntscr.com/qvlcotthis is what I found suspicios
http://prntscr.com/qvlt0b