VlaxiXD Posted August 11, 2018 ID:1262859 Share Posted August 11, 2018 FRST: Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02.08.2018 Ran by Vlada (administrator) on DESKTOP-46C4RDO (11-08-2018 22:56:02) Running from C:\Users\Vlada\Downloads Loaded Profiles: Vlada (Available Profiles: Vlada) Platform: Windows 10 Pro Version 1709 16299.547 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\WINDOWS\System32\DriverStore\FileRepository\c0326037.inf_amd64_6cad8aeb5717c52d\B326079\atiesrxx.exe () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdredline.exe () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe () C:\WINDOWS\SysWOW64\PnkBstrA.exe (Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe (Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (Bitdefender) C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe (Popcorn Time) C:\Program Files (x86)\Popcorn Time\Updater.exe (Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsserv.exe (Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe (Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe (AMD) C:\WINDOWS\System32\DriverStore\FileRepository\c0326037.inf_amd64_6cad8aeb5717c52d\B326079\atieclxx.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\WINDOWS\System32\Taskmgr.exe (Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdagent.exe (Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amddvr.exe (Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe (Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Black Tree Gaming) C:\Program Files\Nexus Mod Manager\NexusClient.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\WINDOWS\System32\smartscreen.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation) HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems, Incorporated) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16475392 2016-06-17] (Realtek Semiconductor) HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409424 2018-04-24] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation) HKU\S-1-5-21-3769795628-1337388277-3111980596-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3206432 2018-08-09] (Valve Corporation) HKU\S-1-5-21-3769795628-1337388277-3111980596-1002\...\Run: [Discord] => C:\Users\Vlada\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920 2018-04-30] (Discord Inc.) HKU\S-1-5-21-3769795628-1337388277-3111980596-1002\...\Run: [World of Tanks] => C:\Games\World_of_Tanks\WargamingGameUpdater.exe [3139936 2018-06-25] (Wargaming.net) HKU\S-1-5-21-3769795628-1337388277-3111980596-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3112744 2018-07-19] (Electronic Arts) HKU\S-1-5-21-3769795628-1337388277-3111980596-1002\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [43984 2018-05-07] (Glarysoft Ltd) HKU\S-1-5-21-3769795628-1337388277-3111980596-1002\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32966032 2018-07-20] (Epic Games, Inc.) Startup: C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2018-03-11] ShortcutTarget: Twitch.lnk -> C:\Users\Vlada\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc.) BootExecute: autocheck autochk * ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 89.216.1.30 89.216.1.50 Tcpip\..\Interfaces\{5cd2e0b6-005f-4703-8106-7f0a4fe649cd}: [DhcpNameServer] 89.216.1.30 89.216.1.50 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = SearchScopes: HKU\S-1-5-21-3769795628-1337388277-3111980596-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00 SearchScopes: HKU\S-1-5-21-3769795628-1337388277-3111980596-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00 SearchScopes: HKU\S-1-5-21-3769795628-1337388277-3111980596-1002 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10454__180623__yaie&p={searchTerms} BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll [2018-07-07] (Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-07-07] (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) FireFox: ======== FF Plugin: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-07-07] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-07-07] (Oracle Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-04-24] (Adobe Systems) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-04-24] (Adobe Systems) Chrome: ======= CHR HomePage: Default -> hxxp://encrypted.google.com/ CHR StartupUrls: Default -> "hxxp://encrypted.google.com/" CHR Profile: C:\Users\Vlada\AppData\Local\Google\Chrome\User Data\Default [2018-08-11] CHR Extension: (Slides) - C:\Users\Vlada\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-23] CHR Extension: (Docs) - C:\Users\Vlada\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-23] CHR Extension: (Google Drive) - C:\Users\Vlada\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-01-23] CHR Extension: (YouTube) - C:\Users\Vlada\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-23] CHR Extension: (Adblock Plus) - C:\Users\Vlada\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-07-17] CHR Extension: (Tampermonkey) - C:\Users\Vlada\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-08-10] CHR Extension: (Sheets) - C:\Users\Vlada\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-23] CHR Extension: (Google Docs Offline) - C:\Users\Vlada\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-01-23] CHR Extension: (ScriptMonkey) - C:\Users\Vlada\AppData\Local\Google\Chrome\User Data\Default\Extensions\lblbnlfhhblmfconjalikamamlgoobbe [2018-08-10] CHR Extension: (Chrome Web Store Payments) - C:\Users\Vlada\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03] CHR Extension: (Gmail) - C:\Users\Vlada\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-01-23] CHR Extension: (Chrome Media Router) - C:\Users\Vlada\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-04] Opera: ======= OPR Extension: (Tampermonkey) - C:\Users\Vlada\AppData\Roaming\Opera Software\Opera Stable\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-08-10] OPR Extension: (ScriptMonkey) - C:\Users\Vlada\AppData\Roaming\Opera Software\Opera Stable\Extensions\lblbnlfhhblmfconjalikamamlgoobbe [2018-08-10] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2018-04-24] (Adobe Systems Incorporated) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems, Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems, Incorporated) R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0326037.inf_amd64_6cad8aeb5717c52d\B326079\atiesrxx.exe [481768 2018-03-23] (AMD) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2015-05-08] () R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-04-24] () [File not signed] R2 bdredline; C:\Program Files\Bitdefender Antivirus Free\bdredline.exe [2195280 2018-06-07] (Bitdefender) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7211968 2018-08-01] () S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [780928 2018-06-30] (EasyAntiCheat Ltd) S3 EQU8_tabg; E:\SteamLibrary\steamapps\common\TotallyAccurateBattlegrounds\TotallyAccurateBattlegrounds_Data\Plugins\agent.x64.equ8.exe [3444216 2018-07-04] (Int3 Software AB) S3 HnGSteamService; E:\SteamLibrary\steamapps\common\Heroes & Generals\hngservice.exe [754984 2018-08-07] (Reto-Moto ApS) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2205504 2018-07-19] (Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3075400 2018-07-19] (Electronic Arts) R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2018-07-07] () R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1275776 2018-05-16] (Bitdefender) R2 sedsvc; C:\Program Files\rempl\sedsvc.exe [294912 2018-08-03] (Microsoft Corporation) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2017-12-14] (Microsoft Corporation) R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2017-10-17] (Popcorn Time) [File not signed] R2 updatesrv; C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe [239400 2018-06-07] (Bitdefender) R2 vsserv; C:\Program Files\Bitdefender Antivirus Free\vsserv.exe [239400 2018-06-07] (Bitdefender) R2 vsservppl; C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe [239400 2018-06-07] (Bitdefender) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\NisSrv.exe [3905952 2018-08-10] (Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MsMpEng.exe [110944 2018-08-10] (Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0326037.inf_amd64_6cad8aeb5717c52d\B326079\atikmdag.sys [41595872 2018-03-23] (Advanced Micro Devices, Inc.) R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0326037.inf_amd64_6cad8aeb5717c52d\B326079\atikmpag.sys [546280 2018-03-23] (Advanced Micro Devices, Inc.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2015-05-08] () R0 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [1283464 2018-06-07] (BitDefender S.R.L. Bucharest, ROMANIA) R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [111112 2017-11-21] (Advanced Micro Devices) R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1723552 2018-05-11] (BitDefender) R0 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [152648 2018-05-11] (Bitdefender) S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [23032 2018-05-11] (Bitdefender) S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [269408 2018-02-23] (Bluestack System Inc. ) R3 edrsensor; C:\WINDOWS\System32\DRIVERS\edrsensor.sys [246064 2018-05-11] (BitDefender S.R.L. Bucharest, ROMANIA) R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [28424 2018-05-10] (Glarysoft Ltd) R0 gzflt; C:\WINDOWS\System32\drivers\gzflt.sys [193184 2018-07-04] (BitDefender LLC) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-08-11] (Malwarebytes) S3 ptun0901; C:\WINDOWS\System32\drivers\ptun0901.sys [27136 2016-06-15] (The OpenVPN Project) S3 smbdirect; C:\WINDOWS\System32\DRIVERS\smbdirect.sys [151552 2017-09-29] (Microsoft Corporation) R2 trufos; C:\WINDOWS\System32\drivers\trufos.sys [607640 2018-05-11] (Bitdefender) R3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\vmdrv.sys [45408 2018-03-15] (Windows (R) Win 7 DDK provider) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46584 2018-08-10] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [340008 2018-08-10] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-08-10] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-08-11 22:56 - 2018-08-11 22:57 - 000019183 _____ C:\Users\Vlada\Downloads\FRST.txt 2018-08-11 22:55 - 2018-08-11 22:56 - 000000000 ____D C:\FRST 2018-08-11 22:55 - 2018-08-11 22:55 - 002412544 _____ (Farbar) C:\Users\Vlada\Downloads\FRST64.exe 2018-08-10 23:38 - 2018-08-10 23:38 - 000000000 ____D C:\Users\Vlada\Documents\Electronic Arts 2018-08-10 23:33 - 2018-08-11 01:32 - 000000000 ____D C:\WINDOWS\{6CD4963C-603E-45BC-A07A-EB9A6137CC9A} 2018-08-10 21:32 - 2018-08-10 21:32 - 000000002 _____ C:\Users\Vlada\AppData\Local\imw.ini 2018-08-08 21:24 - 2018-08-08 21:53 - 000000000 ____D C:\Users\Vlada\Desktop\sd card 2018-08-08 20:15 - 2018-08-08 20:15 - 000000279 _____ C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin.lnk 2018-08-08 19:30 - 2018-08-08 19:30 - 000002667 _____ C:\Users\Public\Desktop\SD Card Formatter.lnk 2018-08-08 19:30 - 2018-08-08 19:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SD Association 2018-08-08 19:30 - 2018-08-08 19:30 - 000000000 ____D C:\Program Files (x86)\SDA 2018-08-08 16:53 - 2018-08-08 16:53 - 000000000 ____D C:\Users\Vlada\Desktop\GameBoy games 2018-08-08 13:55 - 2018-08-08 20:15 - 000000000 ____D C:\Users\Vlada\Desktop\Ds games 2018-08-08 10:55 - 2018-08-08 10:55 - 000004210 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1533718542 2018-08-08 10:55 - 2018-08-08 10:55 - 000001368 _____ C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk 2018-08-08 10:55 - 2018-08-08 10:55 - 000000000 ____D C:\Users\Vlada\AppData\Roaming\Opera Software 2018-08-08 10:55 - 2018-08-08 10:55 - 000000000 ____D C:\Users\Vlada\AppData\Local\Opera Software 2018-08-08 10:55 - 2018-08-08 10:55 - 000000000 ____D C:\ProgramData\Canneverbe Limited 2018-08-08 10:54 - 2018-08-08 10:54 - 000000000 ____D C:\Users\Vlada\AppData\Roaming\Canneverbe Limited 2018-08-06 11:02 - 2018-08-11 01:42 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2018-08-06 03:57 - 2018-08-06 03:57 - 000000000 _____ C:\WINDOWS\Minidump\080618-32093-01.dmp 2018-08-02 12:49 - 2018-08-02 12:49 - 000000000 _____ C:\Users\Vlada\Desktop\New Text Document (2).txt 2018-08-02 02:14 - 2018-08-02 02:14 - 000000931 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk 2018-08-02 02:14 - 2018-08-02 02:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager 2018-08-01 19:01 - 2018-08-01 19:01 - 000000000 ____D C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\F4SE 2018-08-01 15:45 - 2018-08-01 15:57 - 000000000 ____D C:\Users\Vlada\Desktop\CODEX 2018-08-01 00:00 - 2018-08-01 18:17 - 000000000 ____D C:\Users\Vlada\Desktop\mods 2018-07-31 23:18 - 2018-07-31 23:25 - 000000000 ___HD C:\$WINDOWS.~BT 2018-07-31 01:36 - 2018-07-31 01:37 - 000000000 ____D C:\Users\Vlada\Desktop\Saves 2018-07-30 18:37 - 2018-07-30 18:38 - 000000000 ____D C:\Users\Vlada\Desktop\New folder (2) 2018-07-30 13:35 - 2018-08-02 12:02 - 000000000 ____D C:\Users\Vlada\Desktop\New folder 2018-07-30 13:15 - 2018-08-02 02:14 - 000000000 ____D C:\Program Files\Nexus Mod Manager 2018-07-30 02:57 - 2018-07-30 02:57 - 000000000 ____D C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\7-Zip 2018-07-30 02:57 - 2018-07-30 02:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2018-07-30 02:57 - 2018-07-30 02:57 - 000000000 ____D C:\Program Files\7-Zip 2018-07-29 20:06 - 2017-09-28 19:05 - 006917632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0c1a.dll 2018-07-29 20:06 - 2017-09-28 19:02 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0c1a.dll 2018-07-29 20:06 - 2017-09-28 18:44 - 006917632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0c1a.dll 2018-07-29 20:06 - 2017-09-28 18:43 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0c1a.dll 2018-07-27 22:12 - 2018-08-01 22:49 - 000000000 ____D C:\Users\Vlada\Desktop\Data 2018-07-27 17:19 - 2018-07-29 20:08 - 000000296 _____ C:\Users\Vlada\Desktop\New Text Document.txt 2018-07-26 04:00 - 2018-07-26 04:00 - 000000000 ____D C:\Users\Vlada\AppData\LocalLow\Team2B 2018-07-25 21:47 - 2018-07-04 15:48 - 000193184 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys 2018-07-25 21:47 - 2018-06-19 14:09 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2018-07-25 21:47 - 2018-06-07 13:25 - 001283464 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\atc.sys 2018-07-25 21:47 - 2018-05-11 13:00 - 001723552 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys 2018-07-25 21:47 - 2018-05-11 13:00 - 000607640 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\trufos.sys 2018-07-25 21:47 - 2018-05-11 13:00 - 000246064 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\edrsensor.sys 2018-07-25 21:47 - 2018-05-11 13:00 - 000152648 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bddci.sys 2018-07-23 15:19 - 2018-07-23 15:19 - 000000000 ____D C:\Users\Vlada\AppData\LocalLow\Zorro Svärdendahl 2018-07-18 20:34 - 2016-06-17 08:16 - 015202040 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE3.dll 2018-07-18 20:34 - 2016-06-17 08:16 - 003299824 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll 2018-07-18 20:34 - 2016-06-17 08:16 - 002190992 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll 2018-07-18 20:34 - 2014-04-14 17:52 - 000003008 _____ C:\WINDOWS\system32\Drivers\DTSU2P.DAT 2018-07-18 20:33 - 2016-06-17 08:16 - 002706864 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll 2018-07-18 20:33 - 2016-06-17 08:16 - 002203752 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll 2018-07-18 20:33 - 2016-06-17 08:16 - 002110600 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll 2018-07-18 20:33 - 2016-06-17 08:16 - 001435144 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll 2018-07-18 20:33 - 2016-06-17 08:16 - 001382240 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll 2018-07-18 20:33 - 2016-06-17 08:16 - 001336544 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaeapo64.dll 2018-07-18 20:33 - 2016-06-17 08:16 - 000962056 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tosasfapo64.dll 2018-07-18 20:33 - 2016-06-17 08:16 - 000873472 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll 2018-07-18 20:33 - 2016-06-17 08:16 - 000582016 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaemaxapo64.dll 2018-07-18 20:33 - 2016-06-17 08:16 - 000570096 _____ (Intel Corporation) C:\WINDOWS\system32\tbb_waves.dll 2018-07-18 20:33 - 2016-06-17 08:16 - 000532384 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll 2018-07-18 20:33 - 2016-06-17 08:16 - 000467160 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll 2018-07-18 20:33 - 2016-06-17 08:16 - 000447104 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\toseaeapo64.dll 2018-07-18 20:33 - 2016-06-17 08:16 - 000381416 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll 2018-07-18 20:33 - 2016-06-17 08:16 - 000341160 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll 2018-07-18 20:33 - 2016-06-17 08:16 - 000341160 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll 2018-07-18 20:33 - 2016-06-17 08:16 - 000258872 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll 2018-07-18 20:33 - 2016-06-17 08:16 - 000221976 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll 2018-07-18 20:33 - 2016-06-17 08:16 - 000209544 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll 2018-07-18 20:33 - 2016-06-17 08:16 - 000166208 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll 2018-07-18 20:33 - 2016-06-17 08:16 - 000158704 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll 2018-07-18 20:33 - 2016-06-17 08:16 - 000075544 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll 2018-07-18 20:33 - 2016-06-17 08:15 - 072520720 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat 2018-07-18 20:33 - 2016-06-17 08:15 - 006318576 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT 2018-07-18 20:33 - 2016-06-17 08:15 - 005152512 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys 2018-07-18 20:33 - 2016-06-17 08:15 - 003283248 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll 2018-07-18 20:33 - 2016-06-17 08:15 - 003199744 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll 2018-07-18 20:33 - 2016-06-17 08:15 - 003181209 _____ C:\WINDOWS\system32\Drivers\rtkSSTsetting.dat 2018-07-18 20:33 - 2016-06-17 08:15 - 003101912 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll 2018-07-18 20:33 - 2016-06-17 08:15 - 002895104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl 2018-07-18 20:33 - 2016-06-17 08:15 - 002731064 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll 2018-07-18 20:33 - 2016-06-17 08:15 - 001355616 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll 2018-07-18 20:33 - 2016-06-17 08:15 - 001041744 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll 2018-07-18 20:33 - 2016-06-17 08:15 - 000965032 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll 2018-07-18 20:33 - 2016-06-17 08:15 - 000927424 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll 2018-07-18 20:33 - 2016-06-17 08:15 - 000716112 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll 2018-07-18 20:33 - 2016-06-17 08:15 - 000689888 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll 2018-07-18 20:33 - 2016-06-17 08:15 - 000589080 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.DLL 2018-07-18 20:33 - 2016-06-17 08:15 - 000450120 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll 2018-07-18 20:33 - 2016-06-17 08:15 - 000387320 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll 2018-07-18 20:33 - 2016-06-17 08:15 - 000343712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll 2018-07-18 20:33 - 2016-06-17 08:15 - 000321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll 2018-07-18 20:33 - 2016-06-17 08:15 - 000321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll 2018-07-18 20:33 - 2016-06-17 08:15 - 000231920 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll 2018-07-18 20:33 - 2016-06-17 08:15 - 000214840 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll 2018-07-18 20:33 - 2016-06-17 08:15 - 000192984 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll 2018-07-18 20:33 - 2016-06-17 08:15 - 000110984 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll 2018-07-18 20:33 - 2016-06-17 08:15 - 000090920 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll 2018-07-18 20:33 - 2016-06-17 08:15 - 000088352 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll 2018-07-18 20:33 - 2016-06-17 08:15 - 000088328 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll 2018-07-18 20:33 - 2016-06-17 08:15 - 000083632 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll 2018-07-18 20:33 - 2016-06-17 08:15 - 000023696 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll 2018-07-18 20:32 - 2016-06-17 08:15 - 024404696 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRenderAVX64.dll 2018-07-18 20:32 - 2016-06-17 08:15 - 024312224 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRender64.dll 2018-07-18 20:32 - 2016-06-17 08:15 - 017362784 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioCapture64.dll 2018-07-18 20:32 - 2016-06-17 08:15 - 014057256 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll 2018-07-18 20:32 - 2016-06-17 08:15 - 013122584 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO3064.dll 2018-07-18 20:32 - 2016-06-17 08:15 - 012988352 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO4064.dll 2018-07-18 20:32 - 2016-06-17 08:15 - 010512456 _____ (Intel Corporation) C:\WINDOWS\system32\IntelSSTAPO.dll 2018-07-18 20:32 - 2016-06-17 08:15 - 007172920 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll 2018-07-18 20:32 - 2016-06-17 08:15 - 006402440 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV3apo.dll 2018-07-18 20:32 - 2016-06-17 08:15 - 005776968 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV2apo.dll 2018-07-18 20:32 - 2016-06-17 08:15 - 005593624 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOlfx.dll 2018-07-18 20:32 - 2016-06-17 08:15 - 002825112 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO7064.dll 2018-07-18 20:32 - 2016-06-17 08:15 - 002060032 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll 2018-07-18 20:32 - 2016-06-17 08:15 - 002050184 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll 2018-07-18 20:32 - 2016-06-17 08:15 - 001422936 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO6064.dll 2018-07-18 20:32 - 2016-06-17 08:15 - 001334384 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxSpeechAPO64.dll 2018-07-18 20:32 - 2016-06-17 08:15 - 001213664 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll 2018-07-18 20:32 - 2016-06-17 08:15 - 001186832 _____ (Intel Corporation) C:\WINDOWS\system32\IntelSstCApoPropPage.dll 2018-07-18 20:32 - 2016-06-17 08:15 - 001166160 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll 2018-07-18 20:32 - 2016-06-17 08:15 - 001003864 _____ (Nahimic Inc) C:\WINDOWS\system32\NahimicAPONSControl.dll 2018-07-18 20:32 - 2016-06-17 08:15 - 000999856 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO2064.dll 2018-07-18 20:32 - 2016-06-17 08:15 - 000931624 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll 2018-07-18 20:32 - 2016-06-17 08:15 - 000923744 _____ (Sony Corporation) C:\WINDOWS\system32\MISS_APO.dll 2018-07-18 20:32 - 2016-06-17 08:15 - 000678192 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll 2018-07-18 20:32 - 2016-06-17 08:15 - 000677680 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll 2018-07-18 20:32 - 2016-06-17 08:15 - 000618192 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll 2018-07-18 20:32 - 2016-06-17 08:15 - 000472312 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll 2018-07-18 20:32 - 2016-06-17 08:15 - 000447720 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll 2018-07-18 20:32 - 2016-06-17 08:15 - 000416512 _____ (Harman) C:\WINDOWS\system32\HMUI.dll 2018-07-18 20:32 - 2016-06-17 08:15 - 000371456 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll 2018-07-18 20:32 - 2016-06-17 08:15 - 000366128 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\HMAPO.dll 2018-07-18 20:32 - 2016-06-17 08:15 - 000360352 _____ (Harman) C:\WINDOWS\system32\HMClariFi.dll 2018-07-18 20:32 - 2016-06-17 08:15 - 000330568 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll 2018-07-18 20:32 - 2016-06-17 08:15 - 000203848 _____ (Harman) C:\WINDOWS\system32\HMHVS.dll 2018-07-18 20:32 - 2016-06-17 08:15 - 000190936 _____ (Harman) C:\WINDOWS\system32\HMEQ_Voice.dll 2018-07-18 20:32 - 2016-06-17 08:15 - 000190936 _____ (Harman) C:\WINDOWS\system32\HMEQ.dll 2018-07-18 20:32 - 2016-06-17 08:15 - 000179608 _____ (Harman) C:\WINDOWS\system32\HMLimiter.dll 2018-07-18 20:32 - 2016-06-17 08:15 - 000151792 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll 2018-07-18 20:32 - 2016-06-17 08:15 - 000134208 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll 2018-07-18 20:32 - 2016-06-17 08:15 - 000084624 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll 2018-07-18 20:31 - 2016-06-17 08:15 - 007096192 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll 2018-07-18 20:31 - 2016-06-17 08:15 - 006264640 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll 2018-07-18 20:31 - 2016-06-17 08:15 - 005339552 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll 2018-07-18 20:31 - 2016-06-17 08:15 - 003282544 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll 2018-07-18 20:31 - 2016-06-17 08:15 - 002437760 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll 2018-07-18 20:31 - 2016-06-17 08:15 - 001780624 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll 2018-07-18 20:31 - 2016-06-17 08:15 - 001591064 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll 2018-07-18 20:31 - 2016-06-17 08:15 - 001508936 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll 2018-07-18 20:31 - 2016-06-17 08:15 - 001061120 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll 2018-07-18 20:31 - 2016-06-17 08:15 - 000743968 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll 2018-07-18 20:31 - 2016-06-17 08:15 - 000727440 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll 2018-07-18 20:31 - 2016-06-17 08:15 - 000708320 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll 2018-07-18 20:31 - 2016-06-17 08:15 - 000514528 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll 2018-07-18 20:31 - 2016-06-17 08:15 - 000504312 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll 2018-07-18 20:31 - 2016-06-17 08:15 - 000500560 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll 2018-07-18 20:31 - 2016-06-17 08:15 - 000445408 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll 2018-07-18 20:31 - 2016-06-17 08:15 - 000441272 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll 2018-07-18 20:31 - 2016-06-17 08:15 - 000428232 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll 2018-07-18 20:31 - 2016-06-17 08:15 - 000253904 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll 2018-07-18 20:31 - 2016-06-17 08:15 - 000253872 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll 2018-07-18 20:31 - 2016-06-17 08:15 - 000252880 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll 2018-07-18 20:31 - 2016-06-17 08:15 - 000154368 _____ (Harman) C:\WINDOWS\system32\HarmanAudioInterface.dll 2018-07-18 20:30 - 2016-06-17 08:15 - 001965816 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll 2018-07-18 20:30 - 2016-06-17 08:15 - 001959608 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll 2018-07-18 20:30 - 2016-06-17 08:15 - 001608128 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll 2018-07-18 20:30 - 2016-06-17 08:15 - 000586432 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\CAF64APO2.dll 2018-07-18 20:30 - 2016-06-17 08:15 - 000574760 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll 2018-07-18 20:30 - 2016-06-17 08:15 - 000362064 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll 2018-07-18 20:30 - 2016-06-17 08:15 - 000327464 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll 2018-07-18 20:30 - 2016-06-17 08:15 - 000310424 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll 2018-07-18 20:30 - 2016-06-17 08:15 - 000272720 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll 2018-07-18 20:30 - 2016-06-17 08:15 - 000122328 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll 2018-07-18 20:30 - 2016-06-17 08:15 - 000118600 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll 2018-07-18 20:30 - 2016-06-17 08:15 - 000118600 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll 2018-07-18 20:30 - 2016-06-17 08:15 - 000112496 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\Caf64api.dll 2018-07-18 20:30 - 2016-06-17 08:15 - 000105312 _____ C:\WINDOWS\system32\audioLibVc.dll 2018-07-18 20:30 - 2016-06-17 08:15 - 000007756 _____ C:\WINDOWS\system32\cxapo.prop 2018-07-18 20:18 - 2018-07-18 20:18 - 000000000 ____D C:\Program Files (x86)\ASUS 2018-07-18 20:18 - 2015-05-08 14:26 - 000028672 _____ (ASUSTek Computer Inc.) C:\WINDOWS\SysWOW64\AsIO.dll 2018-07-18 20:18 - 2015-05-08 14:26 - 000015232 _____ C:\WINDOWS\SysWOW64\Drivers\AsIO.sys 2018-07-18 20:17 - 2018-07-18 20:18 - 000000000 ____D C:\Users\Vlada\Desktop\Realtek_Audio_V7848_20160617 2018-07-18 19:48 - 2018-07-18 19:48 - 000000000 _____ C:\ProgramData\DP45977C.lfl 2018-07-18 19:47 - 2018-07-26 23:59 - 000000000 ____D C:\WINDOWS\system32\DAX3 2018-07-18 19:47 - 2018-07-18 20:36 - 000000000 ____D C:\WINDOWS\system32\DAX2 2018-07-18 19:47 - 2018-07-18 19:47 - 000000000 ____D C:\ProgramData\Audyssey Labs 2018-07-18 19:46 - 2018-07-18 20:35 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2018-07-18 19:46 - 2018-07-18 19:46 - 000000000 ____D C:\Program Files\Realtek 2018-07-18 19:42 - 2017-06-29 18:55 - 001016928 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64.dll 2018-07-18 19:42 - 2017-06-29 18:55 - 000877424 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SEHDHF32.dll 2018-07-18 19:42 - 2017-06-29 18:54 - 000406448 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2APIPCLL.dll 2018-07-18 19:42 - 2017-06-29 03:05 - 005804772 _____ C:\WINDOWS\system32\Drivers\rtvienna.dat 2018-07-18 19:41 - 2018-07-18 19:41 - 000000000 ____D C:\Program Files (x86)\Realtek 2018-07-18 19:41 - 2017-06-29 18:53 - 001554600 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOProp.dll 2018-07-18 19:41 - 2017-06-29 18:53 - 001529136 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64Proxy.dll 2018-07-18 19:41 - 2017-06-29 18:53 - 001326424 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOv251.dll 2018-07-18 19:41 - 2017-06-29 18:53 - 001170872 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOvlldp.dll 2018-07-18 19:41 - 2017-06-29 18:52 - 002993720 _____ (Audyssey Labs) C:\WINDOWS\system32\AudysseyEfx.dll 2018-07-18 19:41 - 2017-06-29 03:05 - 000005604 _____ C:\WINDOWS\system32\cxapo.lncs 2018-07-18 19:40 - 2018-07-18 19:40 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2018-07-18 19:23 - 2018-07-18 20:37 - 000000000 ___HD C:\Program Files (x86)\Temp 2018-07-18 19:23 - 2016-09-22 14:55 - 002839520 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll 2018-07-18 18:47 - 2018-07-18 18:54 - 000000000 ____D C:\Users\Vlada\AppData\Local\Voicemod 2018-07-18 18:47 - 2018-07-18 18:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Voicemod Desktop 2018-07-18 18:47 - 2018-03-15 15:20 - 000045408 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\vmdrv.sys 2018-07-18 02:24 - 2018-07-18 02:24 - 000000000 ____D C:\Users\Vlada\AppData\Local\FOMM 2018-07-16 16:49 - 2018-07-26 23:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm 2018-07-16 16:49 - 2018-07-16 16:49 - 000000587 _____ C:\Users\Public\Desktop\Heroes of the Storm.lnk 2018-07-16 16:41 - 2018-07-26 17:25 - 000000000 ____D C:\Heroes of the Storm 2018-07-16 16:41 - 2018-07-16 16:41 - 000000000 ____D C:\Users\Vlada\Documents\Heroes of the Storm 2018-07-16 14:57 - 2018-07-26 23:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch 2018-07-16 14:57 - 2018-07-16 14:57 - 000000409 _____ C:\Users\Public\Desktop\Overwatch.lnk 2018-07-14 11:35 - 2018-08-09 15:09 - 000000000 ____D C:\Users\Vlada\Documents\Nexus Mod Manager 2018-07-14 11:35 - 2018-08-02 02:14 - 000000000 ____D C:\Users\Vlada\AppData\Local\Black_Tree_Gaming 2018-07-12 20:38 - 2018-07-12 20:38 - 000000000 ____D C:\Users\Vlada\AppData\Roaming\Yacht Club Games 2018-07-12 11:14 - 2018-07-26 23:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2018-07-12 11:14 - 2018-07-12 11:14 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2018-07-12 11:13 - 2018-07-12 11:13 - 000000000 ____D C:\ProgramData\Malwarebytes 2018-07-12 11:13 - 2018-07-12 11:13 - 000000000 ____D C:\Program Files\Malwarebytes ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-08-11 22:57 - 2018-01-23 16:54 - 000000000 ____D C:\Program Files\Bitdefender Antivirus Free 2018-08-11 21:51 - 2018-04-20 00:32 - 000004168 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{EC7ED1B5-06BE-4756-B6DF-C70E4E236995} 2018-08-11 19:14 - 2018-01-23 20:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2018-08-11 15:22 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps 2018-08-11 15:22 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\AppReadiness 2018-08-11 15:20 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization 2018-08-11 15:16 - 2018-05-10 14:00 - 000000000 ____D C:\Program Files (x86)\Glary Utilities 5 2018-08-11 15:15 - 2018-01-23 17:28 - 000000000 ____D C:\Program Files (x86)\Steam 2018-08-11 15:14 - 2017-09-29 10:45 - 000131072 _____ C:\WINDOWS\system32\config\ELAM 2018-08-11 01:42 - 2018-01-23 20:38 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2018-08-11 01:41 - 2018-01-23 16:15 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin 2018-08-11 01:41 - 2017-09-29 10:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2018-08-11 00:04 - 2018-01-23 16:33 - 000000000 ____D C:\Users\Vlada\AppData\Roaming\uTorrent 2018-08-10 23:37 - 2018-01-24 16:26 - 000000000 ____D C:\WINDOWS\SysWOW64\directx 2018-08-10 23:37 - 2018-01-23 17:46 - 000000000 ____D C:\Users\Vlada\Desktop\Igrice 2018-08-10 05:48 - 2018-01-23 20:26 - 000000000 ____D C:\Users\Vlada 2018-08-10 03:08 - 2018-07-10 21:08 - 000000000 ____D C:\Program Files\rempl 2018-08-10 03:07 - 2018-04-25 16:29 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2018-08-09 22:26 - 2018-01-31 16:57 - 000000000 ____D C:\WINDOWS\Minidump 2018-08-08 22:53 - 2018-01-23 22:54 - 000000000 ____D C:\Users\Vlada\AppData\Local\Ubisoft Game Launcher 2018-08-08 21:13 - 2018-01-23 16:22 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-08-08 20:14 - 2018-07-06 15:12 - 000000000 ____D C:\Users\Vlada\Desktop\dungeons2 2018-08-08 19:28 - 2018-05-27 17:48 - 000000000 ____D C:\Users\Vlada\AppData\Local\Downloaded Installations 2018-08-08 16:25 - 2017-09-29 15:44 - 000000000 ____D C:\WINDOWS\INF 2018-08-08 13:53 - 2018-01-23 20:47 - 000000000 ____D C:\Users\Vlada\AppData\Roaming\discord 2018-08-08 02:32 - 2017-09-29 15:37 - 000000000 ____D C:\WINDOWS\CbsTemp 2018-08-06 11:02 - 2018-01-23 16:52 - 000000000 ____D C:\Program Files\Bitdefender Agent 2018-08-02 20:57 - 2018-01-24 16:26 - 000000000 ____D C:\Games 2018-08-02 11:44 - 2018-02-08 00:51 - 000000000 ____D C:\ProgramData\Origin 2018-08-01 17:51 - 2018-01-23 16:17 - 000000000 ____D C:\ProgramData\Package Cache 2018-08-01 15:45 - 2018-06-11 21:48 - 000000000 ____D C:\Users\Vlada\AppData\Local\Fallout4 2018-07-31 23:25 - 2018-01-23 20:38 - 000001908 _____ C:\WINDOWS\diagwrn.xml 2018-07-31 23:25 - 2018-01-23 20:38 - 000001908 _____ C:\WINDOWS\diagerr.xml 2018-07-31 23:21 - 2018-01-23 16:38 - 000000000 ___DC C:\WINDOWS\Panther 2018-07-31 15:24 - 2018-07-03 15:43 - 000000000 ____D C:\ProgramData\Packages 2018-07-29 20:06 - 2017-09-29 16:41 - 000000000 ____D C:\WINDOWS\OCR 2018-07-29 20:03 - 2018-01-23 20:41 - 000000000 ____D C:\Users\Vlada\AppData\Local\ConnectedDevicesPlatform 2018-07-26 23:59 - 2018-07-02 10:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2018-07-26 23:59 - 2018-06-23 16:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro 2018-07-26 23:59 - 2018-06-23 04:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thief 2 - The Metal Age [GOG.com] 2018-07-26 23:59 - 2018-06-22 04:52 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2018-07-26 23:59 - 2018-06-21 18:58 - 000000000 ____D C:\WINDOWS\system32\appmgmt 2018-07-26 23:59 - 2018-05-21 15:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolphin 2018-07-26 23:59 - 2018-05-21 13:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project64 2.3 2018-07-26 23:59 - 2018-05-10 14:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5 2018-07-26 23:59 - 2018-05-08 22:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Titanfall™ 2 2018-07-26 23:59 - 2018-04-20 01:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2018-07-26 23:59 - 2018-04-12 14:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda.net Launcher 2018-07-26 23:59 - 2018-04-10 20:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings 2018-07-26 23:59 - 2018-04-08 22:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2 2018-07-26 23:59 - 2018-04-01 15:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2018-07-26 23:59 - 2018-03-27 14:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard 2018-07-26 23:59 - 2018-03-25 03:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2017 Tools for Unity 2018-07-26 23:59 - 2018-03-25 03:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 2017.4.0f1 (64-bit) 2018-07-26 23:59 - 2018-03-01 01:33 - 000000000 ____D C:\WINDOWS\system32\tmp00006a66 2018-07-26 23:59 - 2018-02-28 00:19 - 000000000 ____D C:\WINDOWS\system32\tmp000047ca 2018-07-26 23:59 - 2018-02-26 19:36 - 000000000 ____D C:\WINDOWS\system32\tmp000051fa 2018-07-26 23:59 - 2018-02-25 16:04 - 000000000 ____D C:\WINDOWS\system32\tmp0000785c 2018-07-26 23:59 - 2018-02-25 03:56 - 000000000 ____D C:\WINDOWS\system32\tmp00003b3f 2018-07-26 23:59 - 2018-02-24 10:53 - 000000000 ____D C:\WINDOWS\system32\tmp000011dd 2018-07-26 23:59 - 2018-02-23 18:15 - 000000000 ____D C:\WINDOWS\system32\tmp00001d7d 2018-07-26 23:59 - 2018-02-23 18:09 - 000000000 ____D C:\WINDOWS\system32\tmp00004d66 2018-07-26 23:59 - 2018-02-19 17:44 - 000000000 ____D C:\WINDOWS\system32\tmp00000ac6 2018-07-26 23:59 - 2018-02-19 15:58 - 000000000 ____D C:\WINDOWS\system32\tmp000045d4 2018-07-26 23:59 - 2018-01-26 15:18 - 000000000 ____D C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox 2018-07-26 23:59 - 2018-01-25 16:33 - 000000000 ____D C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2018-07-26 23:59 - 2018-01-23 20:47 - 000000000 ____D C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc 2018-07-26 23:59 - 2018-01-23 19:52 - 000000000 ____D C:\Program Files (x86)\MSBuild 2018-07-26 23:59 - 2018-01-23 18:30 - 000000000 ____D C:\Program Files\UNP 2018-07-26 23:59 - 2018-01-23 17:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2018-07-26 23:59 - 2018-01-23 16:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Antivirus Free 2018-07-26 23:59 - 2018-01-23 16:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler 2018-07-26 23:59 - 2018-01-23 16:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Popcorn Time 2018-07-26 23:59 - 2018-01-23 16:41 - 000000000 ____D C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2018-07-26 23:59 - 2018-01-23 16:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2018-07-26 23:59 - 2018-01-23 16:15 - 000000000 ____D C:\Program Files\AMD 2018-07-26 23:59 - 2017-09-29 15:46 - 000000000 __SHD C:\Users\Public\Libraries 2018-07-26 23:59 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2018-07-26 23:59 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\spool 2018-07-26 23:59 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\NDF 2018-07-26 23:59 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2018-07-26 23:59 - 2017-09-29 15:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2018-07-26 23:59 - 2017-09-29 15:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2018-07-26 17:47 - 2018-04-01 15:03 - 000000000 ____D C:\Users\Vlada\AppData\Local\Battle.net 2018-07-26 17:08 - 2016-06-20 13:04 - 000563832 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2018-07-26 17:07 - 2018-04-01 14:00 - 000000000 ____D C:\Program Files (x86)\Battle.net 2018-07-26 13:57 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\Registration 2018-07-26 13:47 - 2018-01-23 20:37 - 000022840 _____ C:\WINDOWS\system32\emptyregdb.dat 2018-07-23 15:19 - 2017-07-16 19:15 - 000000000 ____D C:\Resize 2018-07-23 03:06 - 2018-02-08 00:52 - 000000000 ____D C:\Program Files (x86)\Origin 2018-07-22 13:46 - 2018-02-08 00:52 - 000000000 ____D C:\Users\Vlada\AppData\Roaming\Origin 2018-07-21 10:25 - 2018-03-11 00:34 - 000000000 ____D C:\Users\Vlada\AppData\Roaming\Twitch 2018-07-20 20:41 - 2018-07-02 10:25 - 000000000 ____D C:\Users\Vlada\AppData\Roaming\.minecraft 2018-07-19 20:50 - 2018-06-15 14:06 - 000000000 ____D C:\Users\Vlada\AppData\LocalLow\Heroes and Generals 2018-07-18 19:20 - 2018-04-11 22:45 - 000000000 ____D C:\Users\Vlada\AppData\Local\ElevatedDiagnostics 2018-07-18 19:04 - 2018-01-23 20:38 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3769795628-1337388277-3111980596-1002 2018-07-18 19:04 - 2018-01-23 16:12 - 000002367 _____ C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2018-07-18 19:04 - 2018-01-23 16:12 - 000000000 ___RD C:\Users\Vlada\OneDrive 2018-07-14 11:40 - 2018-03-19 20:27 - 000000000 ____D C:\Users\Vlada\AppData\Local\FalloutNV 2018-07-12 21:04 - 2018-03-25 17:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mr DJ 2018-07-12 15:27 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\rescache ==================== Files in the root of some directories ======= 2017-09-29 15:42 - 2017-09-29 15:42 - 000059904 ____N (Microsoft Corporation) C:\Users\Vlada\AppData\Roaming\FoREpQ.exe 2018-08-10 21:32 - 2018-08-10 21:32 - 000000002 _____ () C:\Users\Vlada\AppData\Local\imw.ini 2017-09-29 15:42 - 2017-09-29 15:42 - 000174592 ____N (Microsoft Corporation) C:\Users\Vlada\AppData\Local\KCQIAdYFua.exe 2017-09-29 15:42 - 2017-09-29 15:42 - 000059904 ____N (Microsoft Corporation) C:\Users\Vlada\AppData\Local\nRCjlAoGbwLik.exe Some files in TEMP: ==================== 2018-08-10 21:26 - 2018-08-10 21:26 - 005518337 _____ () C:\Users\Vlada\AppData\Local\Temp\ferrrr.exe 2018-08-08 10:56 - 2018-08-08 10:56 - 002611200 _____ (Opera Software) C:\Users\Vlada\AppData\Local\Temp\Opera_installer_18080808561537810096.dll 2018-08-08 11:11 - 2018-08-08 11:11 - 002611200 _____ (Opera Software) C:\Users\Vlada\AppData\Local\Temp\Opera_installer_1808080911540483448.dll 2018-08-10 21:26 - 2018-08-10 21:26 - 001820059 _____ () C:\Users\Vlada\AppData\Local\Temp\timy.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2018-08-08 05:20 Addition: Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02.08.2018 Ran by Vlada (11-08-2018 22:59:14) Running from C:\Users\Vlada\Downloads Windows 10 Pro Version 1709 16299.547 (X64) (2018-01-23 18:41:28) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3769795628-1337388277-3111980596-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3769795628-1337388277-3111980596-503 - Limited - Disabled) Guest (S-1-5-21-3769795628-1337388277-3111980596-501 - Limited - Disabled) Vlada (S-1-5-21-3769795628-1337388277-3111980596-1002 - Administrator - Enabled) => C:\Users\Vlada WDAGUtilityAccount (S-1-5-21-3769795628-1337388277-3111980596-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {EA21BCE8-A461-99C3-3A0D-4C964E75494E} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {51405D0C-825B-964D-00BD-77E435F203F3} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-3769795628-1337388277-3111980596-1002\...\uTorrent) (Version: 3.5.3.44494 - BitTorrent Inc.) 7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.5.0.331 - Adobe Systems Incorporated) Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_0_1) (Version: 19.0.1 - Adobe Systems Incorporated) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.3.4 - Advanced Micro Devices, Inc.) Audacity 2.2.1 (HKLM-x32\...\Audacity_is1) (Version: 2.2.1 - Audacity Team) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 21.0.25.59 - Bitdefender) Bitdefender Antivirus Free (HKLM\...\{1FCCF41D-5F00-4FE2-9653-162D0486C8B4}) (Version: 1.0.9.69 - Bitdefender) BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 3.56.76.1867 - BlueStack Systems, Inc.) Catalyst Control Center Next Localization BR (HKLM\...\{A16E186C-58C4-3BDC-5CCE-714EFEF5F27F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (HKLM\...\{E42911E5-48F8-8557-ED20-D72AD1907D25}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (HKLM\...\{B4C30EF4-B2C5-1395-B534-7B63BCB6E8E4}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (HKLM\...\{62098A5F-E03B-31A3-5F9C-51A7F7D25744}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (HKLM\...\{1757AD9B-0E3C-05F9-FE43-4343BED7DA85}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (HKLM\...\{66B06F29-EE4F-9130-D96A-754826093FEA}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (HKLM\...\{821D0A0E-F246-BE40-0D68-93883C14C410}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (HKLM\...\{88BD74C4-23AB-4554-915C-6E1F0C81F6CD}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (HKLM\...\{A48E2AB0-0866-7783-9657-E1709EB18D02}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (HKLM\...\{E61CEF9A-BAC3-EAEE-F735-E257D2354DF2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (HKLM\...\{DA0326BB-657D-AAFC-752C-363E8FA33755}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (HKLM\...\{B873A1FB-5EA0-EE5F-A861-1E38880AD08E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (HKLM\...\{EC9DF9FF-9D75-4CDD-1D58-A2E887B0A42E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (HKLM\...\{7ABACA7E-6E59-0EF9-8FA3-6B32E5F58127}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (HKLM\...\{3E196AAF-F81C-B384-E2AB-28EE2398FE5F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (HKLM\...\{DAEFFE0C-CD05-1355-6AFC-7B3D4106A820}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (HKLM\...\{E392A425-53A7-DF90-96A0-E287A75DD3B2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (HKLM\...\{D6F47BB4-700A-F612-0671-5F69EA311BB7}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (HKLM\...\{01FD9A26-3F61-9236-B360-BE5D043D82C0}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (HKLM\...\{64D4CCC3-63DF-252D-D29D-03491670225D}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (HKLM\...\{8DF90937-B869-9F76-5D45-5A8BDA0A33B6}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform) Discord (HKU\S-1-5-21-3769795628-1337388277-3111980596-1002\...\Discord) (Version: 0.0.301 - Discord Inc.) Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD) Epic Games Launcher (HKLM-x32\...\{2B6AC31A-9883-465C-AFC6-1EC5AA48F5BD}) (Version: 1.1.138.0 - Epic Games, Inc.) Fallout 4 GOTY (HKLM\...\Fallout 4 GOTY_is1) (Version: 1.10.82.0 - ) Fallout New Vegas Ultimate Edition version 1.4.0.525 (HKLM-x32\...\Fallout New Vegas Ultimate Edition_is1) (Version: 1.4.0.525 - Mr DJ) Flawless Widescreen version 1.0.15 (HKLM-x32\...\{7348D82E-8C68-48FF-BA2D-8C97B5B4B3D8}_is1) (Version: 1.0.15 - Flawless Widescreen) Glary Utilities 5.97 (HKLM-x32\...\Glary Utilities 5) (Version: 5.97.0.119 - Glarysoft Ltd) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment) Java 8 Update 171 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180171F0}) (Version: 8.0.1710.11 - Oracle Corporation) Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes) Metal Gear Solid V: The Phantom Pain (HKLM-x32\...\{48397BFF-7C01-4B64-8F1A-0D468DDE5D73}_is1) (Version: - Kojima Productions) Microsoft OneDrive (HKU\S-1-5-21-3769795628-1337388277-3111980596-1002\...\OneDriveSetup.exe) (Version: 18.111.0603.0006 - Microsoft Corporation) Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{49e969a1-2990-464d-92b5-25f6f34573c6}) (Version: 12.0.40664.0 - Корпорация Майкрософт) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{d2c8df0e-f15d-4426-9e51-f13f329f9cb4}) (Version: 12.0.40664.0 - Корпорация Майкрософт) Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.15.3248.309 - Microsoft Corporation) Microsoft Word 2010 (HKLM\...\Office14.WORD) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Minecraft (HKLM-x32\...\{756E195A-CB58-4B99-917F-0DDA0D881204}) (Version: 1.0.4.0 - Mojang) Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.65.2 - Black Tree Gaming) NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: 10.5.24.5022 - Electronic Arts, Inc.) Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment) Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 5.7.2.0 - Popcorn Time) <==== ATTENTION Project64 version 2.3.0.210 (HKLM-x32\...\{BEB5FB69-4080-466F-96C4-F15DF271718B}_is1) (Version: 2.3.0.210 - ) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.988 - Even Balance, Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7848 - Realtek Semiconductor Corp.) Revo Uninstaller Pro 3.2.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.2.1 - VS Revo Group, Ltd.) Roblox Player for Vlada (HKU\S-1-5-21-3769795628-1337388277-3111980596-1002\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation) SD Card Formatter (HKLM-x32\...\{10C16E01-F739-4093-89A7-E570589FA0F6}) (Version: 5.0.0 - SD Association) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001B-0000-1000-0000000FF1CE}_Office14.WORD_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) The Sims 4 (HKLM-x32\...\The Sims 4_is1) (Version: - ) Thief 2 - The Metal Age (HKLM-x32\...\GOGPACKTHIEF2_is1) (Version: 2.0.0.18 - GOG.com) Twitch (HKU\S-1-5-21-3769795628-1337388277-3111980596-1002\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.) UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{A951B9A0-13C0-4A4B-8E04-3CCF05701086}) (Version: 2.47.0.0 - Microsoft Corporation) Uplay (HKLM-x32\...\Uplay) (Version: 27.0 - Ubisoft) Visual Studio Community 2017 (HKLM-x32\...\25d50f5b) (Version: 15.6.27428.2015 - Microsoft Corporation) vs_communitymsi (HKLM-x32\...\{C2749223-157E-48F0-9410-A510361D6803}) (Version: 15.6.27406 - Microsoft Corporation) Hidden vs_communitymsires (HKLM-x32\...\{40040E64-50EB-4FCF-B209-DA0B20821759}) (Version: 15.0.26621 - Microsoft Corporation) Hidden vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden vs_filehandler_amd64 (HKLM-x32\...\{02DD895F-089F-4A63-81A9-78D00142AF20}) (Version: 15.6.27406 - Microsoft Corporation) Hidden vs_filehandler_x86 (HKLM-x32\...\{E6A92308-33DF-494B-A91A-3B80FBC97F2B}) (Version: 15.6.27406 - Microsoft Corporation) Hidden vs_FileTracker_Singleton (HKLM-x32\...\{8EB2C670-04C2-482D-BACD-B4095E27FD39}) (Version: 15.6.27309 - Microsoft Corporation) Hidden vs_minshellinteropmsi (HKLM-x32\...\{6B45EEA3-85F8-4B26-B952-6830A45F2688}) (Version: 15.6.27323 - Microsoft Corporation) Hidden vs_minshellmsi (HKLM-x32\...\{13E08AD0-D6AC-44C4-9F5B-0AE2EB56B105}) (Version: 15.6.27421 - Microsoft Corporation) Hidden vs_minshellmsires (HKLM-x32\...\{6DFE6F8D-B61D-4348-AB70-4ABF1210DFD5}) (Version: 15.0.26621 - Microsoft Corporation) Hidden Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH) World of Tanks (HKU\S-1-5-21-3769795628-1337388277-3111980596-1002\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3769795628-1337388277-3111980596-1002_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-10CDB27729B5}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File CustomCLSID: HKU\S-1-5-21-3769795628-1337388277-3111980596-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] () ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] () ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd) ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2018-03-02] (Glarysoft Ltd) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2018-03-02] (Glarysoft Ltd) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2018-03-22] (Advanced Micro Devices, Inc.) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] () ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd) ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2018-03-02] (Glarysoft Ltd) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes) ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2016-12-15] (VS Revo Group) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {00B8982B-0D79-4E30-8E4D-DC333CACD09A} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-46C4RDO-Vlada => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2018-04-11] (Adobe Systems Incorporated) Task: {057930F1-6284-41A0-B0FC-0D53AD149C59} - System32\Tasks\S-1-5-21-3769795628-1337388277-3111980596-1002\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-09-29] (Microsoft Corporation) Task: {0C85CA86-3A84-4843-9C9B-9C6A3933ED0E} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-46C4RDO-Vlada => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-05-11] (Adobe Systems, Incorporated) Task: {2BF65C19-0EEE-462B-A14D-E71D40D2FD3D} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe [2018-03-22] (Advanced Micro Devices, Inc.) Task: {50BBC2AF-855A-44FA-902F-833748083A3B} - System32\Tasks\Opera scheduled Autoupdate 1533718542 => C:\Users\Vlada\AppData\Local\Programs\Opera\launcher.exe Task: {6150EDE3-09D3-412B-A762-8BCACF235CB6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-23] (Google Inc.) Task: {852E99FD-8E4D-4630-B03F-B6F16BFCA9E5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-23] (Google Inc.) Task: {AB196E41-DDBD-44D8-AC00-43BBE36D3ABB} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2018-03-22] (Advanced Micro Devices, Inc.) Task: {AFC190C5-7F99-4C42-83BF-A9CFBBA26A98} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION Task: {C58429A4-9713-40C2-B5A1-A8B8C87327B5} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe [2018-08-03] (Microsoft Corporation) Task: {D346CD0E-B20A-4DD8-BCCF-E4E26BBA59BA} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2018-05-16] (Bitdefender) Task: {E08B994B-063D-473F-BE60-A14B70B60C21} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2018-05-07] (Glarysoft Ltd) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2018-07-18 20:18 - 2014-04-24 14:29 - 001360016 _____ () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe 2018-07-18 20:18 - 2015-05-08 14:26 - 000936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe 2018-07-12 11:14 - 2018-06-18 13:32 - 002433744 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2018-06-30 22:46 - 2018-07-07 10:06 - 000076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe 2018-05-03 14:29 - 2018-06-07 13:25 - 000278280 _____ () C:\Program Files\Bitdefender Antivirus Free\txmlutil.dll 2018-05-08 14:52 - 2018-05-08 14:52 - 000992704 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_02639_001\ashttpbr.mdl 2018-05-08 14:52 - 2018-05-08 14:52 - 000543344 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_02639_001\ashttpdsp.mdl 2018-05-08 14:52 - 2018-05-08 14:52 - 003228632 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_02639_001\ashttpph.mdl 2018-05-08 14:52 - 2018-05-08 14:52 - 001527808 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_02639_001\ashttprbl.mdl 2017-09-29 15:41 - 2017-09-29 15:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2018-02-27 20:08 - 2018-02-27 20:08 - 000614856 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll 2018-07-10 18:52 - 2018-06-29 10:00 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2018-07-10 18:52 - 2018-06-29 09:57 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-07-16 12:08 - 2018-07-16 12:08 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2018-07-16 12:08 - 2018-07-16 12:08 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2018-07-16 12:08 - 2018-07-16 12:08 - 022373888 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2018-07-16 12:08 - 2018-07-16 12:08 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\skypert.dll 2018-07-16 12:08 - 2018-07-16 12:08 - 000653824 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll 2017-12-15 21:17 - 2017-12-15 21:17 - 000015360 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.DLL 2017-12-15 21:17 - 2017-12-15 21:17 - 002519040 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll 2018-08-08 21:13 - 2018-08-08 02:41 - 004855640 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libglesv2.dll 2018-08-08 21:13 - 2018-08-08 02:41 - 000115544 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libegl.dll 2018-07-18 20:18 - 2015-05-08 14:26 - 000104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll 2018-05-07 03:23 - 2018-05-07 03:23 - 000086992 _____ () C:\Program Files (x86)\Glary Utilities 5\zlib1.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\Vlada:Heroes & Generals [38] AlternateDataStreams: C:\Users\Public\AppData:CSM [468] AlternateDataStreams: C:\Users\Vlada\AppData\Local\Temp:$DATA [16] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-3769795628-1337388277-3111980596-1002\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-3769795628-1337388277-3111980596-1002\...\webcompanion.com -> hxxp://webcompanion.com ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-10-30 09:24 - 2015-10-30 09:21 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3769795628-1337388277-3111980596-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Vlada\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\Blue-Purple-Wallpaper.jpg DNS Servers: 89.216.1.30 - 89.216.1.50 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == HKLM\...\StartupApproved\Run: => "BCSSync" HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKU\S-1-5-21-3769795628-1337388277-3111980596-1002\...\StartupApproved\StartupFolder: => "Twitch.lnk" HKU\S-1-5-21-3769795628-1337388277-3111980596-1002\...\StartupApproved\Run: => "uTorrent" HKU\S-1-5-21-3769795628-1337388277-3111980596-1002\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-3769795628-1337388277-3111980596-1002\...\StartupApproved\Run: => "World of Tanks" HKU\S-1-5-21-3769795628-1337388277-3111980596-1002\...\StartupApproved\Run: => "Parsec.App.0" HKU\S-1-5-21-3769795628-1337388277-3111980596-1002\...\StartupApproved\Run: => "EADM" HKU\S-1-5-21-3769795628-1337388277-3111980596-1002\...\StartupApproved\Run: => "Web Companion" HKU\S-1-5-21-3769795628-1337388277-3111980596-1002\...\StartupApproved\Run: => "EpicGamesLauncher" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{E345B4E7-82BD-48A0-9D6F-D3B957530D1C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{AA4CAD7A-46F0-4CE7-9E7A-3CF318610928}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{E6CB8FAD-CF7A-4812-8AA3-B833E197A1F1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{7A134F0D-3B0C-4DA7-8DC0-B51A45B83B1B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{DBBF718A-DC57-4FF0-9D08-E3B246A2EFB4}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe FirewallRules: [{B06A4FCE-1EF0-43B5-8E48-FF572664A899}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe FirewallRules: [{EA3026EC-4D7E-45A7-8858-88C2DB650390}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe FirewallRules: [{9659A9A6-FD68-413E-AD87-C28A63BEE6BD}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe FirewallRules: [{5B70B138-53D9-4189-8354-DF6901D9D89D}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe FirewallRules: [{30E1750F-68F5-4706-9036-99F01C03D3AD}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe FirewallRules: [{09D70538-F871-4A10-97AD-9F6F8C30A9EE}] => (Allow) C:\Users\Vlada\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{8C7D040E-A883-4A47-ABD1-9C96FC8A8EAB}] => (Allow) C:\Users\Vlada\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{FD48E3AE-8A3F-4974-B797-0A065A9919E2}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe FirewallRules: [{EF37C001-7B59-4983-971F-88CBC8E27395}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe FirewallRules: [{F54D1F4E-1F0D-45BE-9DF1-CE8BF62B782C}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe FirewallRules: [{0F80D178-E7E6-4AEE-BC8B-087DEBAE114E}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe FirewallRules: [{9DA6FE20-1A23-440D-BAA9-FE148313FA2E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe FirewallRules: [{CBB90B04-7FD1-4617-A473-B99AE03F85F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe FirewallRules: [TCP Query User{5867E3C3-9FE7-4768-B236-3D93940ECD78}C:\users\vlada\desktop\igrice\igg-enter.the.gungeon\etg.exe] => (Allow) C:\users\vlada\desktop\igrice\igg-enter.the.gungeon\etg.exe FirewallRules: [UDP Query User{12E638D2-3DB5-4D49-8167-234AD193AC0B}C:\users\vlada\desktop\igrice\igg-enter.the.gungeon\etg.exe] => (Allow) C:\users\vlada\desktop\igrice\igg-enter.the.gungeon\etg.exe FirewallRules: [{4EA9AA77-8061-4045-92EB-3F8C0E77936E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe FirewallRules: [{E9AF43FE-31D3-417C-9EB6-C54ADE2E5E2E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe FirewallRules: [{C22DD98D-DFD8-43EC-AF03-55F2EC775704}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe FirewallRules: [{4627D39F-BEB2-4BF1-B076-DEEC179829FC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe FirewallRules: [TCP Query User{6A90EE5F-2CE6-4DAE-B4D5-374F422D31BE}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [UDP Query User{BB767AE6-829C-4C7C-B5E5-EF6DA0318802}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [TCP Query User{33ACC1DA-C18E-4D97-8436-71D9AEE116E3}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [UDP Query User{C39E7C94-C068-4761-B783-4C3C3F113658}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [{896705CF-E168-4438-BE98-D23108F51B05}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{1FF8C1F3-E6A5-4B00-B848-4212F61126B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [TCP Query User{DEF3B389-CB38-42FA-9F81-4AB0408138D2}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe FirewallRules: [UDP Query User{F3E00E92-06BD-4EAF-90A5-B693C46C13D5}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe FirewallRules: [TCP Query User{09BD5D47-A54C-4D7A-BE50-B0F20C132C55}E:\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) E:\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe FirewallRules: [UDP Query User{14EE831D-3F08-4FE1-A024-6963A678ACD8}E:\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) E:\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe FirewallRules: [{BFFCDC80-3445-4CDD-8E5A-EB813CE18845}] => (Allow) E:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe FirewallRules: [{9314EBB9-D419-4345-8C16-5887D1475DCA}] => (Allow) E:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe FirewallRules: [TCP Query User{84C4460A-3798-437E-BD48-2BD9A0E444FA}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe FirewallRules: [UDP Query User{25FBA302-E490-4C8C-8A67-B084859CEEBF}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe FirewallRules: [TCP Query User{EF4D224C-2E3B-45C8-998A-39D80D47BC24}E:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) E:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe FirewallRules: [UDP Query User{DECF24C1-8022-4BD6-91EC-AB36DF7D82A3}E:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) E:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe FirewallRules: [{4B979E9A-FD35-4EAE-A018-73521DCE9BBA}] => (Allow) E:\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{BABFA2BB-4E8C-475F-926D-A862F8368714}] => (Allow) E:\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [TCP Query User{D41A3C5C-FAF5-4AD8-A44E-CDB839D8507C}C:\games\saints row iv nosteam\saintsrowiv.exe] => (Allow) C:\games\saints row iv nosteam\saintsrowiv.exe FirewallRules: [UDP Query User{D8225A8C-F244-4915-B1A1-110B5B4A40B7}C:\games\saints row iv nosteam\saintsrowiv.exe] => (Allow) C:\games\saints row iv nosteam\saintsrowiv.exe FirewallRules: [{5CFA3CC2-785B-436D-AEBD-ADD58CEBD93F}] => (Allow) E:\SteamLibrary\steamapps\common\Shadow Warrior\dx11\launcher.exe FirewallRules: [{2522A0A5-C35D-42D1-97BA-F98D5DF0DFB2}] => (Allow) E:\SteamLibrary\steamapps\common\Shadow Warrior\dx11\launcher.exe FirewallRules: [{12A0266B-485F-4E86-B03A-180D8A60BE63}] => (Allow) E:\SteamLibrary\steamapps\common\Psychonauts\Psychonauts.exe FirewallRules: [{ADBFEB9F-8B58-4661-AC38-C94F648F292C}] => (Allow) E:\SteamLibrary\steamapps\common\Psychonauts\Psychonauts.exe FirewallRules: [{AF9FCFA2-3F48-4E53-AA12-9AE4BA76E5D0}] => (Allow) E:\SteamLibrary\steamapps\common\Fog Of War - Free Edition\Battalion_Beta\Binaries\Win64\Battalion_Beta_Shipping.exe FirewallRules: [{D7779861-7C8C-4257-9806-1CDC3BD09983}] => (Allow) E:\SteamLibrary\steamapps\common\Fog Of War - Free Edition\Battalion_Beta\Binaries\Win64\Battalion_Beta_Shipping.exe FirewallRules: [TCP Query User{2E235E8D-C4A7-4056-A9E2-6EFF6EC89288}C:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe] => (Allow) C:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe FirewallRules: [UDP Query User{0B564350-D9EC-46B4-9097-6C5F717B4005}C:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe] => (Allow) C:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe FirewallRules: [{667776BC-D365-41C7-85B5-FB956604B7AA}] => (Allow) E:\SteamLibrary\steamapps\common\H1Z1\H1Z1_BE.exe FirewallRules: [{F352FB32-7367-4FEA-9157-7812DAE97E64}] => (Allow) E:\SteamLibrary\steamapps\common\H1Z1\H1Z1_BE.exe FirewallRules: [TCP Query User{C6CBF86E-EFAF-4641-B286-7068DCC54946}E:\steamlibrary\steamapps\common\h1z1\h1z1.exe] => (Block) E:\steamlibrary\steamapps\common\h1z1\h1z1.exe FirewallRules: [UDP Query User{43350CF8-D1F9-44A7-922E-C99EE4AB96BF}E:\steamlibrary\steamapps\common\h1z1\h1z1.exe] => (Block) E:\steamlibrary\steamapps\common\h1z1\h1z1.exe FirewallRules: [{7959A31E-DB5D-40EE-A5CF-34CEFD2145D9}] => (Block) C:\Program Files\Unity\Editor\Unity.exe FirewallRules: [{AB76A4FA-B8D7-4E69-B60A-430828FA1A14}] => (Allow) C:\Program Files\Unity\Editor\Data\Tools\nodejs\node.exe FirewallRules: [{ECDF67EA-1637-418F-8D22-2F51BD287BBD}] => (Block) C:\Program Files\Unity\Editor\Data\Tools\nodejs\node.exe FirewallRules: [TCP Query User{9481B8EC-E06F-4E6C-A32D-2A603837CC93}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe FirewallRules: [UDP Query User{A22F38C5-C207-4235-AA13-61801A6E5142}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe FirewallRules: [TCP Query User{1A681D67-C7CE-4E7C-BB88-784CDDCBF2AA}E:\steamlibrary\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) E:\steamlibrary\steamapps\common\outlast\binaries\win64\olgame.exe FirewallRules: [UDP Query User{6DABE7B6-4AD4-4CF6-8C09-9C044537C496}E:\steamlibrary\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) E:\steamlibrary\steamapps\common\outlast\binaries\win64\olgame.exe FirewallRules: [{65426D5A-ADFC-4024-8251-EA9BF845A401}] => (Allow) C:\Program Files (x86)\Mr DJ\Call of Duty 2\CoD2SP_s.exe FirewallRules: [{525EC671-36EC-4F7E-B81B-9DBB03E06EFB}] => (Allow) C:\Program Files (x86)\Mr DJ\Call of Duty 2\CoD2SP_s.exe FirewallRules: [TCP Query User{6721A9A9-22C2-42DB-88CC-E39B9DC78DE6}C:\program files (x86)\mr dj\call of duty 2\cod2mp_s.exe] => (Block) C:\program files (x86)\mr dj\call of duty 2\cod2mp_s.exe FirewallRules: [UDP Query User{91E4B8CC-DCAB-4C34-84C0-458934DB8981}C:\program files (x86)\mr dj\call of duty 2\cod2mp_s.exe] => (Block) C:\program files (x86)\mr dj\call of duty 2\cod2mp_s.exe FirewallRules: [TCP Query User{1E5DD6E1-A2BF-48FC-9967-A86D81C6BC19}C:\games\counter-strike\hl.exe] => (Allow) C:\games\counter-strike\hl.exe FirewallRules: [UDP Query User{CBE6F0D7-AF6F-496C-A21B-AB160DB7102E}C:\games\counter-strike\hl.exe] => (Allow) C:\games\counter-strike\hl.exe FirewallRules: [TCP Query User{DAB44DC7-2471-430A-8170-4D4725EF34CA}C:\users\vlada\appdata\local\temp\rar$exa2812.5246\crack\duos.exe] => (Allow) C:\users\vlada\appdata\local\temp\rar$exa2812.5246\crack\duos.exe FirewallRules: [UDP Query User{350CCC01-88FD-4BBD-ADB8-94F1FDFF2549}C:\users\vlada\appdata\local\temp\rar$exa2812.5246\crack\duos.exe] => (Allow) C:\users\vlada\appdata\local\temp\rar$exa2812.5246\crack\duos.exe FirewallRules: [{C20B2DDD-4AAE-41DC-909A-44A023922228}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Player.exe FirewallRules: [TCP Query User{5B44BA31-8F66-48EE-9C71-A57587A8EDFD}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe FirewallRules: [UDP Query User{2643AF50-55A8-46B9-8B78-F0DFBE8AAF64}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe FirewallRules: [TCP Query User{7C6A69D6-48F0-4127-859A-4F1F345DAD7D}C:\program files (x86)\far cry primal\bin\fcprimal.exe] => (Allow) C:\program files (x86)\far cry primal\bin\fcprimal.exe FirewallRules: [UDP Query User{4758FE99-303B-4AC3-AA35-0DB3E21CC84A}C:\program files (x86)\far cry primal\bin\fcprimal.exe] => (Allow) C:\program files (x86)\far cry primal\bin\fcprimal.exe FirewallRules: [{F96B0F00-37C1-4E89-808F-512BE57E0E2E}] => (Allow) E:\SteamLibrary\steamapps\common\Metro 2033 Redux\metro.exe FirewallRules: [{75DA726D-F45A-444B-9EDA-8EBF05CF6C1F}] => (Allow) E:\SteamLibrary\steamapps\common\Metro 2033 Redux\metro.exe FirewallRules: [TCP Query User{51DB0ED3-2E88-4695-B293-FF1B0627C104}E:\games\titanfall 2\titanfall2.exe] => (Allow) E:\games\titanfall 2\titanfall2.exe FirewallRules: [UDP Query User{0A23616D-1BE2-4EDE-A188-EB8285E42B03}E:\games\titanfall 2\titanfall2.exe] => (Allow) E:\games\titanfall 2\titanfall2.exe FirewallRules: [{B83E1D9F-D776-49C5-A0D4-45B4E2E76BD3}] => (Allow) E:\SteamLibrary\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe FirewallRules: [{723E9E09-F3AC-44C7-BD79-DC556290890A}] => (Allow) E:\SteamLibrary\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe FirewallRules: [{DAB4EC2B-33F6-4726-8F24-2134BEDBF183}] => (Allow) E:\SteamLibrary\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win64\CDW.exe FirewallRules: [{E0F63E4E-FC10-4C1B-9916-F87BF495493D}] => (Allow) E:\SteamLibrary\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win64\CDW.exe FirewallRules: [{1EF1953B-4D8F-4BC9-8E9A-C1307CF1F133}] => (Allow) E:\SteamLibrary\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe FirewallRules: [{D8435CCE-D58C-4E3F-8C31-101FE4746AAC}] => (Allow) E:\SteamLibrary\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe FirewallRules: [{1BE1B5FB-CAE8-4770-9869-8D6F7FD4BA44}] => (Allow) E:\SteamLibrary\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win32\CDW.exe FirewallRules: [{4DE47C95-C241-4A76-9C5D-8ACC4A17EDCE}] => (Allow) E:\SteamLibrary\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win32\CDW.exe FirewallRules: [{5D089AA4-0AB1-42FF-8480-15A23BE18684}] => (Allow) E:\SteamLibrary\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe FirewallRules: [{B1CA42A9-ED3C-41AC-AD31-DB707D6F7C4F}] => (Allow) E:\SteamLibrary\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe FirewallRules: [TCP Query User{A669A361-1404-4517-91AB-07667FE990D7}E:\client\bin\pc\quakechampions.exe] => (Allow) E:\client\bin\pc\quakechampions.exe FirewallRules: [UDP Query User{5D764751-907A-4454-88C9-ED94021939E1}E:\client\bin\pc\quakechampions.exe] => (Allow) E:\client\bin\pc\quakechampions.exe FirewallRules: [TCP Query User{342722A8-827E-438C-ACD1-5D47947B22E7}E:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) E:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe FirewallRules: [UDP Query User{102492D2-8D31-45EB-A55A-ED1736F694DB}E:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) E:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe FirewallRules: [TCP Query User{A9B5C2FA-C814-46A1-A8BF-B3C0018EF23F}E:\destiny 2\destiny2.exe] => (Allow) E:\destiny 2\destiny2.exe FirewallRules: [UDP Query User{3455AAFA-642B-42E5-8BE3-E335BC497562}E:\destiny 2\destiny2.exe] => (Allow) E:\destiny 2\destiny2.exe FirewallRules: [TCP Query User{CC4673AA-A59F-477E-9614-AF601C70039B}E:\steamlibrary\steamapps\common\argo\argo_x64.exe] => (Allow) E:\steamlibrary\steamapps\common\argo\argo_x64.exe FirewallRules: [UDP Query User{01FD5137-ED7E-4EA4-8545-BAB6C6DE66EE}E:\steamlibrary\steamapps\common\argo\argo_x64.exe] => (Allow) E:\steamlibrary\steamapps\common\argo\argo_x64.exe FirewallRules: [{F470BA09-5F21-407E-BAC1-34399F41F3BA}] => (Allow) E:\SteamLibrary\steamapps\common\Darwin Project\Darwin.exe FirewallRules: [{5CBD5D59-A018-44E6-9019-3CBCD1A7206C}] => (Allow) E:\SteamLibrary\steamapps\common\Darwin Project\Darwin.exe FirewallRules: [{8034F6CF-971A-4771-BB6F-47CA00B47302}] => (Allow) E:\SteamLibrary\steamapps\common\Darwin Project\Darwin\Binaries\Win64\Darwin-Win64-Shipping.exe FirewallRules: [{B6CBD626-A234-490F-BD95-BA4468570D27}] => (Allow) E:\SteamLibrary\steamapps\common\Darwin Project\Darwin\Binaries\Win64\Darwin-Win64-Shipping.exe FirewallRules: [TCP Query User{514802D0-AEF4-409E-96B6-08F9CB10A0EE}E:\games\max payne 3\maxpayne3.exe] => (Allow) E:\games\max payne 3\maxpayne3.exe FirewallRules: [UDP Query User{CDC25DD2-1CC8-4CD2-8A87-328C18A708E3}E:\games\max payne 3\maxpayne3.exe] => (Allow) E:\games\max payne 3\maxpayne3.exe FirewallRules: [TCP Query User{3B9EBAD6-868E-43A7-96B7-6AE94BC837A4}E:\steamlibrary\steamapps\common\arma 3\arma3_x64.exe] => (Allow) E:\steamlibrary\steamapps\common\arma 3\arma3_x64.exe FirewallRules: [UDP Query User{EB594B4B-F713-4591-8C80-2DCA471DEA07}E:\steamlibrary\steamapps\common\arma 3\arma3_x64.exe] => (Allow) E:\steamlibrary\steamapps\common\arma 3\arma3_x64.exe FirewallRules: [{4B867C96-F1A0-43AD-8FBE-4028A3BC7D58}] => (Allow) E:\SteamLibrary\steamapps\common\Dirty Bomb\DirtyBombLauncher.exe FirewallRules: [{20AEB804-CA60-4E58-BD74-68731FB1B7CD}] => (Allow) E:\SteamLibrary\steamapps\common\Dirty Bomb\DirtyBombLauncher.exe FirewallRules: [TCP Query User{255A125A-1494-40D1-A65D-676F8D0F3D44}E:\steamlibrary\steamapps\common\dirty bomb\binaries\win64\shootergame-win32-shipping.exe] => (Allow) E:\steamlibrary\steamapps\common\dirty bomb\binaries\win64\shootergame-win32-shipping.exe FirewallRules: [UDP Query User{03EF0C1D-080E-4B7B-BC2A-2CA88028B09C}E:\steamlibrary\steamapps\common\dirty bomb\binaries\win64\shootergame-win32-shipping.exe] => (Allow) E:\steamlibrary\steamapps\common\dirty bomb\binaries\win64\shootergame-win32-shipping.exe FirewallRules: [{372D524D-9F73-4DC9-A7EA-92BFB3B27A14}] => (Allow) E:\SteamLibrary\steamapps\common\Battle Carnival\Bin\Release\bc.exe FirewallRules: [{99F0C42E-1561-45A2-AC64-01D8AAD23394}] => (Allow) E:\SteamLibrary\steamapps\common\Battle Carnival\Bin\Release\bc.exe FirewallRules: [TCP Query User{07BF5812-91F8-4C83-8528-F2EF0BC313FA}E:\steamlibrary\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) E:\steamlibrary\steamapps\common\xcom 2\binaries\win64\xcom2.exe FirewallRules: [UDP Query User{19816287-16A2-4069-8825-A34E2CBB8EA5}E:\steamlibrary\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) E:\steamlibrary\steamapps\common\xcom 2\binaries\win64\xcom2.exe FirewallRules: [{2EE59715-9FEC-4ACB-8256-24D3FAF77EEF}] => (Allow) E:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{6C3DEC94-2EF2-4527-B457-A4611A498532}] => (Allow) E:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{7EDEDAF6-29A4-44B5-AFAA-7885578256C5}] => (Allow) E:\Origin games\Titanfall2\Titanfall2.exe FirewallRules: [{E5C566D9-B9F4-4D3D-9BFB-1F8B889FF8B2}] => (Allow) E:\Origin games\Titanfall2\Titanfall2.exe FirewallRules: [{1CA95B99-ADC9-4278-A761-B06D1E9ADC22}] => (Allow) E:\Origin games\Titanfall2\Titanfall2_trial.exe FirewallRules: [{05CA3912-6E21-4768-B119-1BCE2F7FE287}] => (Allow) E:\Origin games\Titanfall2\Titanfall2_trial.exe FirewallRules: [TCP Query User{15D61131-8B29-4DF2-8F89-7A7CB24249A9}E:\steamlibrary\steamapps\common\flameintheflood\rivergame\binaries\win64\rivergame-win64-shipping.exe] => (Allow) E:\steamlibrary\steamapps\common\flameintheflood\rivergame\binaries\win64\rivergame-win64-shipping.exe FirewallRules: [UDP Query User{2199E87D-2631-41F3-93E6-868CF82BBFAC}E:\steamlibrary\steamapps\common\flameintheflood\rivergame\binaries\win64\rivergame-win64-shipping.exe] => (Allow) E:\steamlibrary\steamapps\common\flameintheflood\rivergame\binaries\win64\rivergame-win64-shipping.exe FirewallRules: [{7B0FEEC0-3B6A-4E60-864F-6E2EA991F278}] => (Allow) E:\Mr DJ\The Elder Scrolls V Skyrim Legendary Edition\SkyrimLauncher.exe FirewallRules: [{567B5859-E4F4-4F74-9B91-D2F54649691D}] => (Allow) E:\Mr DJ\The Elder Scrolls V Skyrim Legendary Edition\SkyrimLauncher.exe FirewallRules: [{60A082CF-9529-441D-91A8-62E99BD510A6}] => (Allow) E:\SteamLibrary\steamapps\common\POSTAL2Complete\System\Postal2.exe FirewallRules: [{7011914B-0140-4F65-8200-F23B2A0CD060}] => (Allow) E:\SteamLibrary\steamapps\common\POSTAL2Complete\System\Postal2.exe FirewallRules: [{ED231663-392F-468C-950C-FB418EFD884C}] => (Allow) E:\SteamLibrary\steamapps\common\POSTAL2Complete\ShareThePain\System\Postal2MP.exe FirewallRules: [{14FBD6B9-2F4E-4C26-97C0-3306A0418350}] => (Allow) E:\SteamLibrary\steamapps\common\POSTAL2Complete\ShareThePain\System\Postal2MP.exe FirewallRules: [{EE78DE7E-5595-488E-ADA7-A6E354467FB0}] => (Allow) E:\SteamLibrary\steamapps\common\POSTAL2Complete\Paradise Lost\System\ParadiseLost.exe FirewallRules: [{90AAF642-9C0F-4390-8D8E-6AC24325E918}] => (Allow) E:\SteamLibrary\steamapps\common\POSTAL2Complete\Paradise Lost\System\ParadiseLost.exe FirewallRules: [{423490C1-D9D4-4C8D-B8F0-3110D372F64C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Surgeon Simulator\ss2013.exe FirewallRules: [{611215E7-CDAF-4E85-82C7-17F43D6808B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Surgeon Simulator\ss2013.exe FirewallRules: [TCP Query User{48898F2C-7748-4019-A378-19BE255E0F33}C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe FirewallRules: [UDP Query User{90FC946F-B6C4-470E-A969-8CD9FAE5339F}C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe FirewallRules: [{3D444713-79F2-47C0-AD45-95FE9C6B0312}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{D9514264-8155-4A07-853C-ED512721D56A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{42FDDF36-5746-4903-AEBB-CC08E6727ADB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{A940122E-1BD3-4D1B-A8E6-8E9843DCDE5A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{34D16E2A-456D-474D-924D-DFE3A2C85103}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe FirewallRules: [{7ADE32F4-C92C-44C6-AF49-CB8FA195D332}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe FirewallRules: [{286C1C0F-53AD-4FF5-ACC3-0AA011AC6DF8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{E618694A-6EA0-47BE-83BA-684036EBDA33}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{368D383C-F0B8-4F16-8F4F-0C57E5CB9BB8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{86A97696-8FCE-42E3-8267-87EE08B39A98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{91B1899A-4702-4843-83EB-D9427887F52C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe FirewallRules: [{39EB5382-B70F-4B03-9D40-37D1A010D46E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe FirewallRules: [{56E990CC-EFF7-4A15-996F-DA295238F33A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Always Sometimes Monsters\Game.exe FirewallRules: [{8D33ACCC-340B-44FA-B7C3-1981955AC948}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Always Sometimes Monsters\Game.exe FirewallRules: [{1C9AF700-4725-4ED2-B691-143ED24AFD17}] => (Allow) E:\SteamLibrary\steamapps\common\Serious Sam Fusion 2017\Bin\x64\Sam2017.exe FirewallRules: [{9A337E75-98E0-405C-A6EF-4916B6178290}] => (Allow) E:\SteamLibrary\steamapps\common\Serious Sam Fusion 2017\Bin\x64\Sam2017.exe FirewallRules: [{8C5835DF-34C1-45A8-BCAD-471FD4CF7CD1}] => (Allow) E:\SteamLibrary\steamapps\common\Serious Sam Fusion 2017\Bin\x64\Sam2017_Unrestricted.exe FirewallRules: [{44EF4E22-5D5C-48A2-9018-C62B9D2A97BF}] => (Allow) E:\SteamLibrary\steamapps\common\Serious Sam Fusion 2017\Bin\x64\Sam2017_Unrestricted.exe FirewallRules: [{C9994394-D810-4600-819B-55BDA8197A7A}] => (Allow) E:\SteamLibrary\steamapps\common\TotallyAccurateBattlegrounds\TotallyAccurateBattlegrounds.exe FirewallRules: [{F82EC1F1-EAC9-462C-B538-3DF9DFB91768}] => (Allow) E:\SteamLibrary\steamapps\common\TotallyAccurateBattlegrounds\TotallyAccurateBattlegrounds.exe FirewallRules: [TCP Query User{EB267EA5-A369-48FD-89F3-E74D1356B637}C:\program files (x86)\ubisoft\ubisoft game launcher\games\forhonor\forhonor.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\forhonor\forhonor.exe FirewallRules: [UDP Query User{047F0838-FB0F-46F1-8EAB-665D80AA2163}C:\program files (x86)\ubisoft\ubisoft game launcher\games\forhonor\forhonor.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\forhonor\forhonor.exe FirewallRules: [{3552F125-D896-423C-9B21-A1E3CD6F21E3}] => (Allow) E:\SteamLibrary\steamapps\common\Heroes & Generals\hngsteamlauncher.exe FirewallRules: [{644F7829-1195-442B-9FFA-17801DF81C67}] => (Allow) E:\SteamLibrary\steamapps\common\Heroes & Generals\hngsteamlauncher.exe FirewallRules: [{89864ABB-200A-49A1-8B44-469CAA11E9ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe FirewallRules: [{7702AB9A-41B1-4D81-900E-FB0221426FA7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe FirewallRules: [{33D70B70-F054-46C3-B4CA-4E864011BB6D}] => (Allow) E:\SteamLibrary\steamapps\common\quakechampions\client\bin\pc\QuakeChampions.exe FirewallRules: [{E22ABDF2-DF92-4369-8061-9E832E90A1DB}] => (Allow) E:\SteamLibrary\steamapps\common\quakechampions\client\bin\pc\QuakeChampions.exe FirewallRules: [TCP Query User{7A95D202-AAC8-4DBC-AD18-47374682B5A4}E:\steamlibrary\steamapps\common\sos\sos\binaries\win64\sos-win64-shipping.exe] => (Allow) E:\steamlibrary\steamapps\common\sos\sos\binaries\win64\sos-win64-shipping.exe FirewallRules: [UDP Query User{20D0BC44-E674-4B69-8F22-C563A90E4E29}E:\steamlibrary\steamapps\common\sos\sos\binaries\win64\sos-win64-shipping.exe] => (Allow) E:\steamlibrary\steamapps\common\sos\sos\binaries\win64\sos-win64-shipping.exe FirewallRules: [{86419475-ACA9-4C40-9C4C-536C83304E1B}] => (Allow) E:\SteamLibrary\steamapps\common\FTL Faster Than Light\FTLGame.exe FirewallRules: [{91DAC1DE-ADB4-4F93-A4CC-F877C2725A0D}] => (Allow) E:\SteamLibrary\steamapps\common\FTL Faster Than Light\FTLGame.exe FirewallRules: [TCP Query User{5B3DB441-4064-4885-A876-8C75D36BDA71}E:\origin games\star wars battlefront\starwarsbattlefronttrial.exe] => (Allow) E:\origin games\star wars battlefront\starwarsbattlefronttrial.exe FirewallRules: [UDP Query User{88186E21-5C59-4AC8-971B-511A40608CB4}E:\origin games\star wars battlefront\starwarsbattlefronttrial.exe] => (Allow) E:\origin games\star wars battlefront\starwarsbattlefronttrial.exe FirewallRules: [TCP Query User{656F4732-7C2B-4672-A686-F4354213ABA3}E:\steamlibrary\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) E:\steamlibrary\steamapps\common\realm royale\binaries\win64\realm.exe FirewallRules: [UDP Query User{DBCD89AA-2F87-4765-856D-7371E5AF111D}E:\steamlibrary\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) E:\steamlibrary\steamapps\common\realm royale\binaries\win64\realm.exe FirewallRules: [{95F1E856-4390-4960-9CDF-65AF072BD591}] => (Allow) E:\SteamLibrary\steamapps\common\Half-Life 2\hl2.exe FirewallRules: [{49C58AA0-B4FF-469D-A78B-CB8C46FDC6E3}] => (Allow) E:\SteamLibrary\steamapps\common\Half-Life 2\hl2.exe FirewallRules: [{BBB1BB4B-7AF6-45C2-AE3C-8B0077AE77F0}] => (Allow) E:\SteamLibrary\steamapps\common\Source SDK Base 2013 Singleplayer\hl2.exe FirewallRules: [{7A7FD4C6-DF94-418E-952C-D13FA6C96659}] => (Allow) E:\SteamLibrary\steamapps\common\Source SDK Base 2013 Singleplayer\hl2.exe FirewallRules: [{928C8D7A-B946-4426-876A-876EFA3A239A}] => (Allow) E:\SteamLibrary\steamapps\common\Half-Life\hl.exe FirewallRules: [{A972B1A6-7D7E-4836-B65F-C2C8FB37B8A2}] => (Allow) E:\SteamLibrary\steamapps\common\Half-Life\hl.exe FirewallRules: [{645F0ADC-890A-45D8-8CC2-1DD0AB3C430D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency_BE.exe FirewallRules: [{315415C4-A0C2-47AB-B9DC-2C8A5279DB52}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency_BE.exe FirewallRules: [{F34B35D6-E23A-4F08-9367-5F1B262AD76A}] => (Allow) C:\WINDOWS\SysWOW64\PnkBstrA.exe FirewallRules: [{2F8063CD-96C9-4352-AFF5-D6325ECD8C3A}] => (Allow) C:\WINDOWS\SysWOW64\PnkBstrA.exe FirewallRules: [{40C4571A-A4A2-4133-98E2-A0C397D1DFCC}] => (Allow) C:\WINDOWS\SysWOW64\PnkBstrB.exe FirewallRules: [{A6A19F78-44E5-4071-9FB9-F4CB0431E0B2}] => (Allow) C:\WINDOWS\SysWOW64\PnkBstrB.exe FirewallRules: [TCP Query User{86856029-0B46-439B-A028-68DB9875725C}C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency_x64.exe FirewallRules: [UDP Query User{0D864E8C-09CE-4330-B224-31F0C1AE3DEA}C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency_x64.exe FirewallRules: [{A95FF1B3-3FEB-48A6-B057-23D60C845CFE}] => (Allow) E:\SteamLibrary\steamapps\common\mark_of_the_ninja\bin\game.exe FirewallRules: [{320E06DA-78A6-44F0-B076-9E37389B34F5}] => (Allow) E:\SteamLibrary\steamapps\common\mark_of_the_ninja\bin\game.exe FirewallRules: [TCP Query User{8AEAB56A-6F5D-47A4-A7B6-AB930E8CD940}C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe FirewallRules: [UDP Query User{BD494A7D-2DD5-47E2-B2E9-20087E0A41F7}C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe FirewallRules: [{62F530E4-560C-4EFA-AFE2-70536C778DCF}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{515D110D-2534-47E0-93B7-9178498E9D74}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{D2D96164-3D1F-40BD-9B68-24A8CC76EEE2}] => (Allow) E:\SteamLibrary\steamapps\common\PapersPlease\PapersPlease.exe FirewallRules: [{BA284B9B-0533-4181-A57F-015FBD615970}] => (Allow) E:\SteamLibrary\steamapps\common\PapersPlease\PapersPlease.exe FirewallRules: [TCP Query User{61449324-1A34-4C75-877E-4D205D052FBF}C:\program files\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_171\bin\javaw.exe FirewallRules: [UDP Query User{B51459D3-0BAE-41DA-89C2-860246BF2E21}C:\program files\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_171\bin\javaw.exe FirewallRules: [{5AD3DE39-46B4-4485-8C91-AF4109703B26}] => (Allow) E:\Mr DJ\Fallout New Vegas Ultimate Edition\FalloutNVLauncher.exe FirewallRules: [{377BF5F6-59C5-472B-8FA2-36E211AC2040}] => (Allow) E:\Mr DJ\Fallout New Vegas Ultimate Edition\FalloutNVLauncher.exe FirewallRules: [TCP Query User{6B5ECD84-B41C-4D7F-B31F-991A28D04B36}E:\overwatch\overwatch.exe] => (Allow) E:\overwatch\overwatch.exe FirewallRules: [UDP Query User{94C433C3-D805-4907-87D3-6201BF6C9E3A}E:\overwatch\overwatch.exe] => (Allow) E:\overwatch\overwatch.exe FirewallRules: [{39AF3BA2-8D4E-4900-9183-61798181B4F4}] => (Allow) E:\SteamLibrary\steamapps\common\F1 2015\F1_2015.exe FirewallRules: [{73C21FAC-654F-4295-AA30-08580064B089}] => (Allow) E:\SteamLibrary\steamapps\common\F1 2015\F1_2015.exe FirewallRules: [{E8BE6296-0F2A-49EC-8633-3903A81AB230}] => (Allow) C:\Users\Vlada\AppData\Local\Programs\Opera\54.0.2952.71\opera.exe FirewallRules: [{C6DBFC27-9B63-4D5C-9231-E7E2A9CEEA28}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{AEE41D8A-8D6B-4950-B372-586910715DBE}] => (Allow) C:\WINDOWS\SysWOW64\msiexec.exe FirewallRules: [{4370AF34-9FC3-49AC-B659-5FB92EE071E9}] => (Allow) C:\Users\Vlada\AppData\Roaming\FoREpQ.exe FirewallRules: [{4DC286CC-B896-413F-9FEC-9D90D223F7DD}] => (Allow) C:\Users\Vlada\AppData\Local\nRCjlAoGbwLik.exe FirewallRules: [{4D6D3AAD-76F2-49CD-BF65-7F69E3AC2544}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [TCP Query User{5FF245F5-754E-4EF4-9DDA-EA6F07B46EC5}E:\games\the sims 4\game\bin\ts4_x64.exe] => (Allow) E:\games\the sims 4\game\bin\ts4_x64.exe FirewallRules: [UDP Query User{FA7A9B6B-0BF5-479E-B650-C7F97D4E83C8}E:\games\the sims 4\game\bin\ts4_x64.exe] => (Allow) E:\games\the sims 4\game\bin\ts4_x64.exe ==================== Restore Points ========================= 04-08-2018 02:19:31 Scheduled Checkpoint 08-08-2018 02:31:29 Windows Update 08-08-2018 19:29:14 Installed SD Card Formatter. ==================== Faulty Device Manager Devices ============= Name: Standard Enhanced PCI to USB Host Controller Description: Standard Enhanced PCI to USB Host Controller Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Standard USB Host Controller) Service: usbehci Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (08/11/2018 09:42:01 PM) (Source: ESENT) (EventID: 467) (User: ) Description: svchost (10384,D,0) Unistore: Database C:\Users\Vlada\AppData\Local\Comms\UnistoreDB\store.vol: Index 00000002 of table FolderMetadata is corrupted (0). Error: (08/11/2018 07:50:47 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.547_none_15cdd76c936033f5.manifest. Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.547_none_5d7b0e43a7dc5cfb.manifest. Error: (08/11/2018 06:30:02 PM) (Source: ESENT) (EventID: 467) (User: ) Description: svchost (10384,D,0) Unistore: Database C:\Users\Vlada\AppData\Local\Comms\UnistoreDB\store.vol: Index 00000002 of table FolderMetadata is corrupted (0). Error: (08/11/2018 04:54:02 PM) (Source: ESENT) (EventID: 467) (User: ) Description: svchost (10384,D,0) Unistore: Database C:\Users\Vlada\AppData\Local\Comms\UnistoreDB\store.vol: Index 00000002 of table FolderMetadata is corrupted (0). Error: (08/11/2018 04:06:02 PM) (Source: ESENT) (EventID: 467) (User: ) Description: svchost (10384,D,0) Unistore: Database C:\Users\Vlada\AppData\Local\Comms\UnistoreDB\store.vol: Index 00000002 of table FolderMetadata is corrupted (0). Error: (08/11/2018 03:42:02 PM) (Source: ESENT) (EventID: 467) (User: ) Description: svchost (10384,D,0) Unistore: Database C:\Users\Vlada\AppData\Local\Comms\UnistoreDB\store.vol: Index 00000002 of table FolderMetadata is corrupted (0). Error: (08/11/2018 03:30:02 PM) (Source: ESENT) (EventID: 467) (User: ) Description: svchost (10384,D,0) Unistore: Database C:\Users\Vlada\AppData\Local\Comms\UnistoreDB\store.vol: Index 00000002 of table FolderMetadata is corrupted (0). Error: (08/11/2018 03:24:02 PM) (Source: ESENT) (EventID: 467) (User: ) Description: svchost (10384,D,0) Unistore: Database C:\Users\Vlada\AppData\Local\Comms\UnistoreDB\store.vol: Index 00000002 of table FolderMetadata is corrupted (0). System errors: ============= Error: (08/11/2018 04:28:09 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-46C4RDO) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user DESKTOP-46C4RDO\Vlada SID (S-1-5-21-3769795628-1337388277-3111980596-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (08/11/2018 04:23:13 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-46C4RDO) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user DESKTOP-46C4RDO\Vlada SID (S-1-5-21-3769795628-1337388277-3111980596-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (08/11/2018 03:14:16 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (08/11/2018 03:14:16 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (08/11/2018 03:14:16 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (08/11/2018 03:14:16 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (08/11/2018 01:45:39 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-46C4RDO) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user DESKTOP-46C4RDO\Vlada SID (S-1-5-21-3769795628-1337388277-3111980596-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (08/11/2018 01:42:59 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Windows Defender: =================================== Date: 2018-06-13 19:23:26.508 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {B0C98069-F694-45A0-AA54-C2C92888DF1D} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2018-06-13 19:13:17.850 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {E32FD677-2B33-4DDF-9582-44B903B81489} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2018-06-12 18:06:20.137 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {B6A15A1D-5FA4-40C8-8BAB-4C56E2FEB326} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2018-05-08 14:04:38.256 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {F5DBBDA0-E736-4C53-AA5F-4910957B01BB} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2018-05-07 16:28:53.023 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {6F76CFAA-828C-452D-BA22-C0034A2945CA} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2018-08-10 03:09:09.172 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: Update Source: User Signature Type: Update Type: Current Engine Version: Previous Engine Version: Error code: 0x80070652 Error description: Another installation is already in progress. Complete that installation before proceeding with this install. Date: 2018-07-06 08:41:33.572 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.271.184.0 Update Source: Microsoft Malware Protection Center Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.15000.2 Error code: 0x80070645 Error description: This action is only valid for products that are currently installed. Date: 2018-07-06 08:41:33.572 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.271.184.0 Update Source: Microsoft Malware Protection Center Signature Type: AntiSpyware Update Type: Full Current Engine Version: Previous Engine Version: 1.1.15000.2 Error code: 0x80070645 Error description: This action is only valid for products that are currently installed. Date: 2018-07-06 08:41:33.572 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.271.184.0 Update Source: Microsoft Malware Protection Center Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.15000.2 Error code: 0x80070645 Error description: This action is only valid for products that are currently installed. Date: 2018-06-19 03:59:42.134 Description: Windows Defender Antivirus has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Current Error Code: 0x80070002 Error description: The system cannot find the file specified. Signature version: 0.0.0.0;0.0.0.0 Engine version: 0.0.0.0 CodeIntegrity: =================================== Date: 2018-08-11 01:43:06.131 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender Antivirus Free\vsservppl.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender Antivirus Free\agentctrl.exe that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2018-08-10 03:05:52.806 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender Antivirus Free\vsservppl.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender Antivirus Free\agentctrl.exe that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2018-08-09 22:26:51.027 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender Antivirus Free\vsservppl.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender Antivirus Free\agentctrl.exe that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2018-08-09 20:19:56.031 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender Antivirus Free\vsservppl.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender Antivirus Free\agentctrl.exe that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2018-08-09 03:46:11.379 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender Antivirus Free\vsservppl.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender Antivirus Free\agentctrl.exe that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2018-08-09 03:06:51.278 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender Antivirus Free\vsservppl.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender Antivirus Free\agentctrl.exe that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2018-08-08 13:51:02.535 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender Antivirus Free\vsservppl.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender Antivirus Free\agentctrl.exe that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2018-08-08 11:06:56.802 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender Antivirus Free\vsservppl.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender Antivirus Free\agentctrl.exe that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: AMD FX(tm)-6100 Six-Core Processor Percentage of memory in use: 48% Total physical RAM: 8175.24 MB Available physical RAM: 4235.01 MB Total Virtual: 12455.49 MB Available Virtual: 5992.35 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:442.74 GB) (Free:73.12 GB) NTFS Drive e: (PODACI) (Fixed) (Total:488.28 GB) (Free:7.08 GB) NTFS \\?\Volume{9825a3c2-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.1 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 9825A3C2) Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=442.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=488.3 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================ Thanks! :) Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted August 18, 2018 Root Admin ID:1264137 Share Posted August 18, 2018 Hello @VlaxiXD and Sorry for the delay. Please run the following and let me know if that helps correct the issue. Thanks Ron Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted September 1, 2018 Root Admin ID:1266842 Share Posted September 1, 2018 Due to the lack of feedback, this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request. This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread. Thanks Link to post Share on other sites More sharing options...
Recommended Posts