Премини към съдържанието

porata

Потребител
  • Публикации

    315
  • Регистрация

  • Последно онлайн

Всичко публикувано от porata

  1. Тъкмо си помислих че този път ще стане и... пак нищо а само да питам командата не трябва ли да е chkdsk C: /f /r Смисал нали все пак сканираме ц или аз нещо се бъркам ;д https://prnt.sc/saxeum
  2. За съжеление пак не стана... https://prnt.sc/savwot
  3. ПРи мене нещата са ето така на първата снимка започва с Х: не знам дали трябва да е така и не знам как да го сменя :Д а на 2рата снимка е дял Е: не знам как да сменя директорията не разбрах почти нищо за което се извинявам как трябва да е цялата команда за всичко https://prnt.sc/savgx8 https://prnt.sc/savhqt
  4. Така успях да направя проверката поне така мисля! :Д но проверката като цяло свърши за 10 секудни а не за 1 час и като цяло качвам снимка защото почти всичко се побира в 1 снимка :Д https://prnt.sc/sau1uf А какво точно се случва с пц-то ми защото леко ме стресна :Д с по горните изречения ?
  5. Пак не стана след като се рестартира пц-то ми изписа следното нещо Cannot opem volume for direct access cannot run due to an error cause ... Направих снимка но честно казано не е много добра ако не става ще опитам пак да направя нова снимка https://prnt.sc/sardst
  6. Това нещо не ми се получи смисал аз съм го правил и друг път тази проверка за грешки чрез цмд-то но сега нещо не стана пише ми acces denied as you do not have sufficient privileges you have to invoke this utility running in elevated mode Честно казано в контрол панела не знам само и единствено защо имам по 15 пъти някакви неща ето снимки не знам кое да трия :Д https://prnt.sc/sap6bs тук съм качил рар-а от ауторъна https://dox.abv.bg/download?id=1d0e9e0879
  7. # Run at 4.5.2020 'г.' 02:31:46 'ч.' # KpRm (Kernel-panik) version 2.8 # Website https://kernel-panik.me/tool/kprm/ # Run by GAMEPC from C:\Users\GAMEPC\Downloads # Computer Name: GAMEPC-PC # OS: Windows 7 X64 (7601) Service Pack 1 # Number of passes: 1 - Checked options - ~ Registry Backup ~ Delete Tools ~ Restore System Settings ~ UAC Restore ~ Delete Restore Points ~ Create Restore Point - Create Registry Backup - ~ [OK] Hive C:\Windows\System32\config\SOFTWARE backed up ~ [OK] Hive C:\Users\GAMEPC\NTUSER.dat backed up [OK] Registry Backup: C:\KPRM\backup\2020-05-04-02-31-46 - Delete Tools - No tools found - Restore System Settings - [OK] Reset WinSock [OK] FLUSHDNS [OK] Hide Hidden file. [OK] Show Extensions for known file types [OK] Hide protected operating system files - Restore UAC - [OK] Set EnableLUA with default (1) value [OK] Set ConsentPromptBehaviorAdmin with default (5) value [OK] Set ConsentPromptBehaviorUser with default (3) value [OK] Set EnableInstallerDetection with default (0) value [OK] Set EnableSecureUIAPaths with default (1) value [OK] Set EnableUIADesktopToggle with default (0) value [OK] Set EnableVirtualization with default (1) value [OK] Set FilterAdministratorToken with default (0) value [OK] Set PromptOnSecureDesktop with default (1) value [OK] Set ValidateAdminCodeSignatures with default (0) value - Clear Restore Points - ~ [OK] RP named Installed DirectX created at 04/21/2020 18:18:17 deleted ~ [OK] RP named Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 created at 04/21/2020 18:19:44 deleted ~ [OK] RP named Restore Point Created by FRST created at 04/23/2020 11:17:25 deleted ~ [OK] RP named Installed DirectX created at 04/29/2020 12:01:51 deleted ~ [OK] RP named Microsoft Visual C++ 2005 Redistributable е инсталиран created at 04/29/2020 12:03:03 deleted [OK] All system restore points have been successfully deleted - Create Restore Point - [OK] System Restore Point created - Display System Restore Point - ~ RP named KpRm created at 05/03/2020 23:32:06 -- KPRM finished in 42.13s -- Междо другото преди малко някак си пц-то започна да работи по бавно смисал пускам нещо като дискорд... или някаква друга програма която преди примерно натоварваше пц-то проценти 3-5% сега е двойно ако някоя друга програма която отворя натоварва 5% сега натоварва 10% не знам защо стана така нищо не съм свалял.. май този линдолс вече е за смяна дано да е от него..
  8. Ако няма какво повече да се каже по темата да се закл.. ??
  9. Fix result of Farbar Recovery Scan Tool (x64) Version: 22-04-2020 Ran by GAMEPC (23-04-2020 14:17:23) Run:2 Running from C:\Users\GAMEPC\Downloads Loaded Profiles: GAMEPC (Available Profiles: GAMEPC) Boot Mode: Normal ============================================== fixlist content: ***************** start CreateRestorePoint: CloseProcesses: HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\ChromeHTML: -> <==== ATTENTION AlternateDataStreams: C:\Users\GAMEPC\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394] AlternateDataStreams: C:\Users\GAMEPC\AppData\Roaming:6699d3ee8dd9cf775caae782c8f44f03 [394] AlternateDataStreams: C:\Users\GAMEPC\AppData\Roaming:fbd50e2f7662a5c33287ddc6e65ab5a1 [394] AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [474] FirewallRules: [{1EE7FB5D-9E25-4DA9-ACB5-D608ECDBB452}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe No File FirewallRules: [{84ACAD4A-CAC3-405E-BED8-CCE7B6F558B9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe No File FirewallRules: [{5C9FEA0E-0037-4228-8A5E-308AD75AC1DF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe No File FirewallRules: [{FD05E114-41E1-4EC3-B5A2-BBA593EE39E2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe No File FirewallRules: [TCP Query User{0E86F5BD-F2B3-4EF9-8B0C-48823DA809CB}D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe] => (Allow) D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe No File FirewallRules: [UDP Query User{0C5E839A-52EC-40D4-969E-24F12ED8D2D0}D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe] => (Allow) D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe No File FirewallRules: [TCP Query User{8796E73D-79C0-4D0B-AF34-FB3AF9BCC9BA}D:\steamlibrary\steamapps\common\warface\warface\bin32release\game.exe] => (Allow) D:\steamlibrary\steamapps\common\warface\warface\bin32release\game.exe No File FirewallRules: [UDP Query User{EFB29360-AB3A-4A44-9CB4-EF91CEBDB39C}D:\steamlibrary\steamapps\common\warface\warface\bin32release\game.exe] => (Allow) D:\steamlibrary\steamapps\common\warface\warface\bin32release\game.exe No File FirewallRules: [TCP Query User{270B0322-3799-457B-960A-455318931953}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File FirewallRules: [UDP Query User{A13AA196-1978-4C67-902B-2460B54A5BBF}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File FirewallRules: [TCP Query User{DA0687C4-1D0D-4E01-B34C-68E8FF09FF9F}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe No File FirewallRules: [UDP Query User{0C271F5D-81B6-4DA7-A0B8-50362178C932}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe No File FirewallRules: [TCP Query User{5EFBA878-9A61-49AC-9416-CAFD7167CF8E}D:\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe] => (Allow) D:\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe No File FirewallRules: [UDP Query User{C837A044-1793-46A0-A9B2-FFC280606631}D:\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe] => (Allow) D:\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe No File FirewallRules: [TCP Query User{6C87ADBA-41D8-49FB-A494-F0A177B7F2E5}D:\12323\icarus\appdata\bin64\launcher.exe] => (Allow) D:\12323\icarus\appdata\bin64\launcher.exe No File FirewallRules: [UDP Query User{D3766998-33A3-4AAC-836F-4BC92BA34D50}D:\12323\icarus\appdata\bin64\launcher.exe] => (Allow) D:\12323\icarus\appdata\bin64\launcher.exe No File FirewallRules: [TCP Query User{5540B6FC-35DB-4545-AF53-B4FE05B85DD6}D:\steamlibrary\steamapps\common\bless online\binaries\win64\bless.exe] => (Allow) D:\steamlibrary\steamapps\common\bless online\binaries\win64\bless.exe No File FirewallRules: [UDP Query User{ED42665E-2CA2-4092-A15B-69F686B8F831}D:\steamlibrary\steamapps\common\bless online\binaries\win64\bless.exe] => (Allow) D:\steamlibrary\steamapps\common\bless online\binaries\win64\bless.exe No File FirewallRules: [{279065A7-F5E9-4060-BA27-39476EE213D2}] => (Allow) C:\Users\GAMEPC\Downloads\bin\BlackDesert32.exe No File FirewallRules: [{B218AD4A-5B74-40DE-AB02-A3681FCE9C1C}] => (Allow) C:\Users\GAMEPC\Downloads\bin64\BlackDesert64.exe No File FirewallRules: [{10F99049-3DA4-4E89-A086-C023E8CD82B2}] => (Allow) C:\Users\GAMEPC\Downloads\BlackDesert_Launcher.exe No File FirewallRules: [{3FD78764-41FE-4680-9342-001EA21ECF27}] => (Allow) C:\Users\GAMEPC\Downloads\BlackDesert_Downloader.exe No File FirewallRules: [{CD2DAD40-C60E-41F0-ABBF-63FED12CD684}] => (Allow) D:\SteamLibrary\steamapps\common\Albion Online\launcher\AlbionLauncher.exe No File FirewallRules: [{9BAD4B07-A517-4574-ABA6-922FE4DA36F4}] => (Allow) D:\SteamLibrary\steamapps\common\Albion Online\launcher\AlbionLauncher.exe No File FirewallRules: [TCP Query User{757DFE1C-9664-41C4-B600-E39F75F3E007}D:\fortnait\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\fortnait\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe No File FirewallRules: [UDP Query User{00AC97A7-683C-4F74-9AF6-EBFD84CB000D}D:\fortnait\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\fortnait\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe No File FirewallRules: [TCP Query User{391AE70C-4E68-4DE8-A05A-D56058FAEBFA}D:\fortnait\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\fortnait\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File FirewallRules: [UDP Query User{61C858A3-948F-407A-A7BF-2712693C1649}D:\fortnait\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\fortnait\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File FirewallRules: [TCP Query User{CBB94106-0926-4293-AA94-864143E7ACDC}D:\city\city car driving\bin\win32\starter.exe] => (Allow) D:\city\city car driving\bin\win32\starter.exe No File FirewallRules: [UDP Query User{1602653C-F8D6-481F-B4DE-483B83E4A081}D:\city\city car driving\bin\win32\starter.exe] => (Allow) D:\city\city car driving\bin\win32\starter.exe No File FirewallRules: [TCP Query User{4194E6A1-B90A-4C01-AAC1-A150648BD511}D:\1.6\hl.exe] => (Allow) D:\1.6\hl.exe No File FirewallRules: [UDP Query User{39B944DB-8264-4416-BBBA-052EEC50F7FC}D:\1.6\hl.exe] => (Allow) D:\1.6\hl.exe No File FirewallRules: [TCP Query User{857D0C4A-0661-4E7D-B23A-735FF8ADABA1}D:\steamlibrary\steamapps\common\warface\warface\bin64release\game.exe] => (Allow) D:\steamlibrary\steamapps\common\warface\warface\bin64release\game.exe No File FirewallRules: [UDP Query User{29AE9F40-6F4A-4698-8241-A75FE2382548}D:\steamlibrary\steamapps\common\warface\warface\bin64release\game.exe] => (Allow) D:\steamlibrary\steamapps\common\warface\warface\bin64release\game.exe No File FirewallRules: [TCP Query User{92B59CE8-E0C7-43A9-9D55-2AEDA2AA9FA5}D:\steamlibrary\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe No File FirewallRules: [UDP Query User{8AEEF23D-67B8-4B6C-9DA0-D61F44EFC129}D:\steamlibrary\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe No File FirewallRules: [{2C2C2027-2BB8-4A51-9A9C-ED9A4BBCB358}] => (Allow) D:\SteamLibrary\steamapps\common\raceroom racing experience\Game\x64\RRRE64.exe No File FirewallRules: [{9B1767CE-81DE-4826-8906-9DEFCC351FAB}] => (Allow) D:\SteamLibrary\steamapps\common\raceroom racing experience\Game\x64\RRRE64.exe No File FirewallRules: [{E2FEE995-77A6-4556-A200-30CB17D4ABA6}] => (Allow) D:\SteamLibrary\steamapps\common\raceroom racing experience\Game\RRRE.exe No File FirewallRules: [{DFB2A3C2-EA05-4944-B38A-7A85B48E8A1F}] => (Allow) D:\SteamLibrary\steamapps\common\raceroom racing experience\Game\RRRE.exe No File FirewallRules: [TCP Query User{5A72CD9B-BF9D-4B23-A72B-26D40F24F859}D:\pubg\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) D:\pubg\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe No File FirewallRules: [UDP Query User{8312C3A6-76BE-4C56-A5A6-DE950D9F08F1}D:\pubg\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) D:\pubg\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe No File FirewallRules: [TCP Query User{0E05C3B9-C433-4C3A-8C01-FF69520BF241}C:\users\gamepc\appdata\local\layerth-ethereal-dota2\app-2.5.9\ethereal - dota 2.exe] => (Allow) C:\users\gamepc\appdata\local\layerth-ethereal-dota2\app-2.5.9\ethereal - dota 2.exe No File FirewallRules: [UDP Query User{76E5872D-7EB0-40F2-9AD9-61CD16A593A8}C:\users\gamepc\appdata\local\layerth-ethereal-dota2\app-2.5.9\ethereal - dota 2.exe] => (Allow) C:\users\gamepc\appdata\local\layerth-ethereal-dota2\app-2.5.9\ethereal - dota 2.exe No File FirewallRules: [TCP Query User{20420812-2158-4116-BD8E-FE273007CA43}C:\users\gamepc\downloads\fivem.exe] => (Allow) C:\users\gamepc\downloads\fivem.exe No File FirewallRules: [UDP Query User{1C53FDAE-2CE7-44AD-8F95-828A28E4D6B1}C:\users\gamepc\downloads\fivem.exe] => (Allow) C:\users\gamepc\downloads\fivem.exe No File FirewallRules: [TCP Query User{0DE874C5-C399-4C71-A2FB-7D012892D73B}C:\users\gamepc\downloads\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\gamepc\downloads\cache\subprocess\fivem_gtaprocess.exe No File FirewallRules: [UDP Query User{201BA7D9-6E59-4592-89FE-45240B104987}C:\users\gamepc\downloads\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\gamepc\downloads\cache\subprocess\fivem_gtaprocess.exe No File FirewallRules: [TCP Query User{42114D4D-52E5-4B29-A4B1-5EA3A87CE648}D:\warzone\wasda\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\warzone\wasda\call of duty modern warfare\modernwarfare.exe No File FirewallRules: [UDP Query User{ADC3D6A5-74A9-43BE-9C8E-0EA092058F7B}D:\warzone\wasda\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\warzone\wasda\call of duty modern warfare\modernwarfare.exe No File FirewallRules: [TCP Query User{6E11EE90-C1C9-4639-8EEF-B7E2948337D3}D:\litee\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) D:\litee\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe No File FirewallRules: [UDP Query User{069999EA-D06B-4125-8C5E-A8ECA7E8AFAC}D:\litee\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) D:\litee\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe No File HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe Startup: C:\Users\GAMEPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Registration Heroes of Might & Magic 5 - Tribes of the East.LNK [2019-05-20] CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION Task: {3DAD135E-7AD5-4D57-B3E2-9E7F6AD9E01C} - System32\Tasks\{76A40252-E785-4407-9A98-34E12F6F05C9} => C:\Windows\system32\pcalua.exe -a "c:\program files (x86)\hi-rez studios\HiRezGamesDiagAndSupport.exe" -c uninstall=0 Task: {A1D60D55-A6B8-401B-BC05-2938E02DF2F2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe Task: {C4E8B14A-4159-4C58-BDAD-281DBBFC97E8} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => d:\program files\windows defender\MpCmdRun.exe S3 mracsvc; C:\Windows\System32\mracsvc.exe [18534552 2019-08-24] (Mail.Ru LLC -> LLC Mail.Ru) C:\Windows\System32\mracsvc.exe S3 FACEITService; C:/Program Files/FACEIT AC/FACEITService.exe [X] S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\Video Converter Ultimate(CPC)\Transfer\DriverInstall.exe" [X] S3 mracdrv; C:\Windows\System32\drivers\mracdrv.sys [17770920 2019-08-24] (Mail.Ru LLC -> LLC Mail.Ru) C:\Windows\System32\drivers\mracdrv.sys S3 CLMirrorDriver; system32\DRIVERS\CLMirrorDriver.sys [X] S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X] S4 nvvhci; system32\DRIVERS\nvvhci.sys [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] 2020-03-20 21:19 - 2017-09-18 19:14 - 000000000 ____D C:\ProgramData\McAfee cmd: del %temp%\*.* /f /s /q cmd: rd /s /q %temp% Hosts: cmd: bitsadmin /reset /allusers cmd: netsh winsock reset catalog cmd: ipconfig /flushdns RemoveProxy: EmptyTemp: End ***************** Restore point was successfully created. Processes closed successfully. HKU\S-1-5-21-2297230751-1021565052-1431566534-1000_Classes\ChromeHTML => removed successfully C:\Users\GAMEPC\AppData\Roaming => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS removed successfully C:\Users\GAMEPC\AppData\Roaming => ":6699d3ee8dd9cf775caae782c8f44f03" ADS removed successfully C:\Users\GAMEPC\AppData\Roaming => ":fbd50e2f7662a5c33287ddc6e65ab5a1" ADS removed successfully C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1EE7FB5D-9E25-4DA9-ACB5-D608ECDBB452}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{84ACAD4A-CAC3-405E-BED8-CCE7B6F558B9}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5C9FEA0E-0037-4228-8A5E-308AD75AC1DF}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FD05E114-41E1-4EC3-B5A2-BBA593EE39E2}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0E86F5BD-F2B3-4EF9-8B0C-48823DA809CB}D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0C5E839A-52EC-40D4-969E-24F12ED8D2D0}D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8796E73D-79C0-4D0B-AF34-FB3AF9BCC9BA}D:\steamlibrary\steamapps\common\warface\warface\bin32release\game.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{EFB29360-AB3A-4A44-9CB4-EF91CEBDB39C}D:\steamlibrary\steamapps\common\warface\warface\bin32release\game.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{270B0322-3799-457B-960A-455318931953}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A13AA196-1978-4C67-902B-2460B54A5BBF}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{DA0687C4-1D0D-4E01-B34C-68E8FF09FF9F}C:\program files (x86)\origin games\apex\r5apex.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0C271F5D-81B6-4DA7-A0B8-50362178C932}C:\program files (x86)\origin games\apex\r5apex.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5EFBA878-9A61-49AC-9416-CAFD7167CF8E}D:\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C837A044-1793-46A0-A9B2-FFC280606631}D:\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6C87ADBA-41D8-49FB-A494-F0A177B7F2E5}D:\12323\icarus\appdata\bin64\launcher.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D3766998-33A3-4AAC-836F-4BC92BA34D50}D:\12323\icarus\appdata\bin64\launcher.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5540B6FC-35DB-4545-AF53-B4FE05B85DD6}D:\steamlibrary\steamapps\common\bless online\binaries\win64\bless.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{ED42665E-2CA2-4092-A15B-69F686B8F831}D:\steamlibrary\steamapps\common\bless online\binaries\win64\bless.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{279065A7-F5E9-4060-BA27-39476EE213D2}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B218AD4A-5B74-40DE-AB02-A3681FCE9C1C}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{10F99049-3DA4-4E89-A086-C023E8CD82B2}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3FD78764-41FE-4680-9342-001EA21ECF27}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CD2DAD40-C60E-41F0-ABBF-63FED12CD684}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9BAD4B07-A517-4574-ABA6-922FE4DA36F4}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{757DFE1C-9664-41C4-B600-E39F75F3E007}D:\fortnait\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{00AC97A7-683C-4F74-9AF6-EBFD84CB000D}D:\fortnait\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{391AE70C-4E68-4DE8-A05A-D56058FAEBFA}D:\fortnait\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{61C858A3-948F-407A-A7BF-2712693C1649}D:\fortnait\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CBB94106-0926-4293-AA94-864143E7ACDC}D:\city\city car driving\bin\win32\starter.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1602653C-F8D6-481F-B4DE-483B83E4A081}D:\city\city car driving\bin\win32\starter.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4194E6A1-B90A-4C01-AAC1-A150648BD511}D:\1.6\hl.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{39B944DB-8264-4416-BBBA-052EEC50F7FC}D:\1.6\hl.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{857D0C4A-0661-4E7D-B23A-735FF8ADABA1}D:\steamlibrary\steamapps\common\warface\warface\bin64release\game.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{29AE9F40-6F4A-4698-8241-A75FE2382548}D:\steamlibrary\steamapps\common\warface\warface\bin64release\game.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{92B59CE8-E0C7-43A9-9D55-2AEDA2AA9FA5}D:\steamlibrary\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8AEEF23D-67B8-4B6C-9DA0-D61F44EFC129}D:\steamlibrary\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2C2C2027-2BB8-4A51-9A9C-ED9A4BBCB358}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9B1767CE-81DE-4826-8906-9DEFCC351FAB}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E2FEE995-77A6-4556-A200-30CB17D4ABA6}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DFB2A3C2-EA05-4944-B38A-7A85B48E8A1F}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5A72CD9B-BF9D-4B23-A72B-26D40F24F859}D:\pubg\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8312C3A6-76BE-4C56-A5A6-DE950D9F08F1}D:\pubg\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0E05C3B9-C433-4C3A-8C01-FF69520BF241}C:\users\gamepc\appdata\local\layerth-ethereal-dota2\app-2.5.9\ethereal - dota 2.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{76E5872D-7EB0-40F2-9AD9-61CD16A593A8}C:\users\gamepc\appdata\local\layerth-ethereal-dota2\app-2.5.9\ethereal - dota 2.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{20420812-2158-4116-BD8E-FE273007CA43}C:\users\gamepc\downloads\fivem.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1C53FDAE-2CE7-44AD-8F95-828A28E4D6B1}C:\users\gamepc\downloads\fivem.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0DE874C5-C399-4C71-A2FB-7D012892D73B}C:\users\gamepc\downloads\cache\subprocess\fivem_gtaprocess.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{201BA7D9-6E59-4592-89FE-45240B104987}C:\users\gamepc\downloads\cache\subprocess\fivem_gtaprocess.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{42114D4D-52E5-4B29-A4B1-5EA3A87CE648}D:\warzone\wasda\call of duty modern warfare\modernwarfare.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{ADC3D6A5-74A9-43BE-9C8E-0EA092058F7B}D:\warzone\wasda\call of duty modern warfare\modernwarfare.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6E11EE90-C1C9-4639-8EEF-B7E2948337D3}D:\litee\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{069999EA-D06B-4125-8C5E-A8ECA7E8AFAC}D:\litee\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe" => removed successfully "HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Wondershare Helper Compact.exe" => removed successfully "HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Wondershare Helper Compact.exe" => removed successfully C:\Users\GAMEPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Registration Heroes of Might & Magic 5 - Tribes of the East.LNK => moved successfully HKLM\SOFTWARE\Policies\Google => removed successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3DAD135E-7AD5-4D57-B3E2-9E7F6AD9E01C}" => removed successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3DAD135E-7AD5-4D57-B3E2-9E7F6AD9E01C}" => removed successfully C:\Windows\System32\Tasks\{76A40252-E785-4407-9A98-34E12F6F05C9} => moved successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{76A40252-E785-4407-9A98-34E12F6F05C9}" => removed successfully HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A1D60D55-A6B8-401B-BC05-2938E02DF2F2} => removed successfully HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A1D60D55-A6B8-401B-BC05-2938E02DF2F2} => removed successfully C:\Windows\System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => moved successfully HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows Defender\MP Scheduled Scan => removed successfully HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C4E8B14A-4159-4C58-BDAD-281DBBFC97E8} => removed successfully HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C4E8B14A-4159-4C58-BDAD-281DBBFC97E8} => removed successfully C:\Windows\System32\Tasks\Microsoft\Windows Defender\MpIdleTask => moved successfully HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows Defender\MpIdleTask => removed successfully HKLM\System\CurrentControlSet\Services\mracsvc => removed successfully mracsvc => service removed successfully C:\Windows\System32\mracsvc.exe => moved successfully HKLM\System\CurrentControlSet\Services\FACEITService => removed successfully FACEITService => service removed successfully HKLM\System\CurrentControlSet\Services\WsDrvInst => removed successfully WsDrvInst => service removed successfully HKLM\System\CurrentControlSet\Services\mracdrv => removed successfully mracdrv => service removed successfully C:\Windows\System32\drivers\mracdrv.sys => moved successfully HKLM\System\CurrentControlSet\Services\CLMirrorDriver => removed successfully CLMirrorDriver => service removed successfully HKLM\System\CurrentControlSet\Services\IntcAzAudAddService => removed successfully IntcAzAudAddService => service removed successfully HKLM\System\CurrentControlSet\Services\nvvhci => removed successfully nvvhci => service removed successfully HKLM\System\CurrentControlSet\Services\xhunter1 => removed successfully xhunter1 => service removed successfully C:\ProgramData\McAfee => moved successfully ========= del %temp%\*.* /f /s /q ========= Deleted file - C:\Users\GAMEPC\AppData\Local\Temp\dd_vcredist_amd64_20200421211943.log Deleted file - C:\Users\GAMEPC\AppData\Local\Temp\dd_vcredist_amd64_20200421212003.log Deleted file - C:\Users\GAMEPC\AppData\Local\Temp\dd_vcredist_x86_20200421212002.log C:\Users\GAMEPC\AppData\Local\Temp\FXSAPIDebugLogFile.txt Џа®жҐбкв ­Ґ ¬®¦Ґ ¤ ­ Їа ўЁ ®Ўак饭ЁҐ Єк¬ д ©« , § й®в® в®© ᥠЁ§Ї®«§ў ®в ¤агЈ Їа®жҐб. Deleted file - C:\Users\GAMEPC\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_20200421_211937328-MSI_vc_red.msi.txt Deleted file - C:\Users\GAMEPC\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_20200421_211937328.html Deleted file - C:\Users\GAMEPC\AppData\Local\Temp\qtsingleapp-qBitto-4c1d-1-lockfile Deleted file - C:\Users\GAMEPC\AppData\Local\Temp\qtsingleapp-Viber-0-1-lockfile Deleted file - C:\Users\GAMEPC\AppData\Local\Temp\t006c645.tmp Deleted file - C:\Users\GAMEPC\AppData\Local\Temp\Discord Crashes\CrashpadMetrics-active.pma Deleted file - C:\Users\GAMEPC\AppData\Local\Temp\Discord Crashes\CrashpadMetrics.pma Deleted file - C:\Users\GAMEPC\AppData\Local\Temp\Discord Crashes\metadata Deleted file - C:\Users\GAMEPC\AppData\Local\Temp\Discord Crashes\operation_log.txt Deleted file - C:\Users\GAMEPC\AppData\Local\Temp\Discord Crashes\settings.dat Deleted file - C:\Users\GAMEPC\AppData\Local\Temp\fontconfig\cache\51a41635833e477260f0b65b328c0292-le64.cache-4 Deleted file - C:\Users\GAMEPC\AppData\Local\Temp\fontconfig\cache\73685ccbef7b7603cc557fb04e5dda50-le64.cache-4 Deleted file - C:\Users\GAMEPC\AppData\Local\Temp\fontconfig\cache\CACHEDIR.TAG Deleted file - C:\Users\GAMEPC\AppData\Local\Temp\fontconfig\cache\d031bbba323fd9e5b47e0ee5a0353f11-le64.cache-4 Deleted file - C:\Users\GAMEPC\AppData\Local\Temp\SlashKeyStickers\svg\00001704.svg Deleted file - C:\Users\GAMEPC\AppData\Local\Temp\SlashKeyStickers\svg\00001709.svg Deleted file - C:\Users\GAMEPC\AppData\Local\Temp\SlashKeyStickers\svg\00001722.svg Deleted file - C:\Users\GAMEPC\AppData\Local\Temp\SlashKeyStickers\svg\00003405.svg Deleted file - C:\Users\GAMEPC\AppData\Local\Temp\SlashKeyStickers\zip\00001704.zip Deleted file - C:\Users\GAMEPC\AppData\Local\Temp\SlashKeyStickers\zip\00001709.zip Deleted file - C:\Users\GAMEPC\AppData\Local\Temp\SlashKeyStickers\zip\00001722.zip Deleted file - C:\Users\GAMEPC\AppData\Local\Temp\SlashKeyStickers\zip\00003405.zip Deleted file - C:\Users\GAMEPC\AppData\Local\Temp\Viber Crashes\.id ========= End of CMD: ========= ========= rd /s /q %temp% ========= C:\Users\GAMEPC\AppData\Local\Temp\FXSAPIDebugLogFile.txt - Џа®жҐбкв ­Ґ ¬®¦Ґ ¤ ­ Їа ўЁ ®Ўак饭ЁҐ Єк¬ д ©« , § й®в® в®© ᥠЁ§Ї®«§ў ®в ¤агЈ Їа®жҐб. ========= End of CMD: ========= C:\Windows\System32\Drivers\etc\hosts => moved successfully Hosts restored successfully. ========= bitsadmin /reset /allusers ========= BITSADMIN version 3.0 [ 7.5.7601 ] BITS administration utility. (C) Copyright 2000-2006 Microsoft Corp. BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows. Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets. 0 out of 0 jobs canceled. ========= End of CMD: ========= ========= netsh winsock reset catalog ========= Sucessfully reset the Winsock Catalog. You must restart the computer in order to complete the reset. ========= End of CMD: ========= ========= ipconfig /flushdns ========= Windows IP Configuration Successfully flushed the DNS Resolver Cache. ========= End of CMD: ========= ========= RemoveProxy: ========= HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully "HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully "HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully ========= End of RemoveProxy: ========= =========== EmptyTemp: ========== BITS transfer queue => 8388608 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 4327562 B Java, Flash, Steam htmlcache => 16585722 B Windows/system/drivers => 2339774 B Edge => 0 B Chrome => 388242123 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Users => 0 B Default => 0 B Public => 0 B ProgramData => 0 B systemprofile => 0 B systemprofile32 => 1211 B LocalService => 1211 B NetworkService => 1211 B GAMEPC => 2718038 B RecycleBin => 0 B EmptyTemp: => 403 MB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 14:18:33 ==== Сега е по добре поздрави още веднъж за работата Бобо!!! Както винаги на ниво А иначе до системата ми аз не съм го преинсталирал от година и половина сигурно и най вероятно лин-а е толкова занемарен че от там да идват лагове и забивания така че след тая глупост с карантината ще отида да му направя една преинсталация мисля че има нужда
  10. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-04-2020 Ran by GAMEPC (19-04-2020 20:53:55) Running from C:\Users\GAMEPC\Downloads Windows 7 Home Premium Service Pack 1 (X64) (2017-09-08 09:32:01) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2297230751-1021565052-1431566534-500 - Administrator - Disabled) GAMEPC (S-1-5-21-2297230751-1021565052-1431566534-1000 - Administrator - Enabled) => C:\Users\GAMEPC Guest (S-1-5-21-2297230751-1021565052-1431566534-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 26.0.0.127 - Adobe Systems Incorporated) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.363 - Adobe) Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.363 - Adobe) Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.9.199 - Adobe Systems, Inc.) AIDA64 Extreme v6.10 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 6.10 - FinalWire Ltd.) Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.3.3 - Electronic Arts, Inc.) ATI Catalyst Install Manager (HKLM\...\{DC9C8BC1-72CE-B5FE-EA4F-6D9127E51746}) (Version: 3.0.736.0 - ATI Technologies, Inc.) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) CpuCoreParking (HKLM-x32\...\{0984C56D-2985-4786-AB62-39AB985E269C}) (Version: 2.1.2.0 - CpuCoreParking) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.6.0.0283 - Disc Soft Ltd) Discord (HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Discord) (Version: 0.0.306 - Discord Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Euro Truck Simulator 2 Road to the Black Sea (HKLM-x32\...\Euro Truck Simulator 2 Road to the Black Sea_is1) (Version: - ) FiveM (HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\CitizenFX_FiveM) (Version: - The CitizenFX Collective) GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.14.5270 - Gretech Corporation) Google Chrome (HKLM\...\{DA081EB6-F64C-358C-9BB0-AF1EA8001F34}) (Version: 80.0.3987.163 - Google, Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden Heroes of Might and Magic III HD Edition (HKLM-x32\...\SGVyb2Vzb2ZNaWdodGFuZE1hZ2ljSUlJSERFZGl0aW9u_is1) (Version: 1 - ) Heroes of Might and Magic V - Tribes of the East (HKLM-x32\...\{66FF4C48-0083-4E60-8556-B883AB200092}) (Version: - ) Java 8 Update 171 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180171F0}) (Version: 8.0.1710.11 - Oracle Corporation) Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation) Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Lightshot-5.5.0.4 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.5.0.4 - Skillbrains) Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation) Microsoft Office Language Pack 2010 - Bulgarian/български (HKLM-x32\...\Office14.OMUI.bg-bg) (Version: 14.0.4763.1021 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation) Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation) Mozilla Firefox 67.0 (x64 bg) (HKLM\...\Mozilla Firefox 67.0 (x64 bg)) (Version: 67.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla) NVIDIA Graphics Driver 442.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 442.74 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation) NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 23.2.1 - OBS Project) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: 10.5.67.39484 - Electronic Arts, Inc.) PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 200317 - Kakao Corp.) PotPlayer-64 bit (HKLM-x32\...\PotPlayer64) (Version: 1.7.8556 - Kakao Corp.) qBittorrent 4.2.1 (HKLM-x32\...\qBittorrent) (Version: 4.2.1 - The qBittorrent project) Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.) Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.18.217 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.4.8 - Rockstar Games) Shutdown8 (HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Shutdown8) (Version: 1.08 - Bandisoft.com) Spotify (HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Spotify) (Version: 1.1.30.658.gf13cde74 - Spotify AB) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) StreamLabels 0.3.1 (only current user) (HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\8000d50a-fcb7-5b38-8a3b-a02a0ec79daa) (Version: 0.3.1 - Streamlabs) StreamLabels 0.3.8 (HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\{8000d50a-fcb7-5b38-8a3b-a02a0ec79daa}) (Version: 0.3.8 - Streamlabs) Streamlabs OBS 0.16.3 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.16.3 - General Workings, Inc.) swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TeamSpeak 3 Client (HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\TeamSpeak 3 Client) (Version: 3.1.8 - TeamSpeak Systems GmbH) Uplay (HKLM-x32\...\Uplay) (Version: 73.0 - Ubisoft) VALORANT (HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Riot Game valorant.live) (Version: - Riot Games, Inc) Viber (HKLM-x32\...\{0B3F5AEE-47B2-4A5F-8D02-289B7E0828E6}) (Version: 11.9.1.3 - Viber Media S.a.r.l) Hidden Viber (HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\{8b6836ad-bf1d-4591-9f20-735338e295ea}) (Version: 11.9.1.3 - Viber Media S.a.r.l) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) WinRAR 5.50 (64-битова версия) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\ChromeHTML: -> <==== ATTENTION ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6723984 2010-01-21] (Microsoft Corporation -> Microsoft Corporation) ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4222864 2010-01-21] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2020-03-14] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Drivers32: [vidc.pDAD] => C:\Windows\system32\prodad-codec.dll [607256 2019-10-15] (proDAD GmbH -> proDAD GmbH) HKLM\...\Drivers32: [msacm.voxacm160] => C:\Windows\SysWOW64\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [File not signed] HKLM\...\Drivers32: [msacm.scg726] => C:\Windows\SysWOW64\scg726.acm [13239 2000-03-14] (SHARP Corporation) [File not signed] HKLM\...\Drivers32: [msacm.alf2cd] => C:\Windows\SysWOW64\alf2cd.acm [38912 2003-05-21] (NCT Company) [File not signed] HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\AC3ACM.acm [81920 2004-02-04] (fccHandler) [File not signed] HKLM\...\Drivers32: [msacm.lame] => C:\Windows\SysWOW64\lame.ax [245760 2005-08-01] () [File not signed] HKLM\...\Drivers32: [vidc.dvsd] => C:\Windows\SysWOW64\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [File not signed] HKLM\...\Drivers32: [vidc.mpg4] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed] HKLM\...\Drivers32: [vidc.mp42] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed] HKLM\...\Drivers32: [vidc.mp43] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed] HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\SysWOW64\xvidvfw.dll [139264 2004-07-03] () [File not signed] HKLM\...\Drivers32: [vidc.DIVX] => C:\Windows\SysWOW64\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [File not signed] HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed] HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed] HKLM\...\Drivers32: [vidc.VP62] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed] HKLM\...\Drivers32: [vidc.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed] ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) Shortcut: C:\Users\GAMEPC\Desktop\OSC - Пряк път.lnk -> C:\Users\GAMEPC\Desktop\moi neshta\OSC 1.9\OSC.exe (Frawzy) <==== Cyrillic ShortcutWithArgument: C:\Users\GAMEPC\Desktop\moi neshta\Tinder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hejiihbkifllpgdfndalmghiodgkefan ShortcutWithArgument: C:\Users\GAMEPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Приложения в Chrome\Tinder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hejiihbkifllpgdfndalmghiodgkefan ShortcutWithArgument: C:\Users\GAMEPC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default ==================== Loaded Modules (Whitelisted) ============= 2017-09-08 12:27 - 2017-09-08 12:27 - 002651136 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\wuaueng2.dll 2019-12-26 03:16 - 2020-04-12 03:11 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll 2019-12-26 03:16 - 2020-04-12 03:11 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll 2019-12-26 03:16 - 2020-04-12 03:11 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll 2019-12-26 03:16 - 2020-04-12 03:11 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll 2019-12-26 03:16 - 2020-04-12 03:11 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll 2019-12-26 03:16 - 2020-04-12 03:11 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll 2019-12-26 03:16 - 2020-04-12 03:11 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll 2019-12-26 03:16 - 2020-04-12 03:11 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll 2019-12-26 03:16 - 2020-04-12 03:11 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll ==================== Alternate Data Streams (Whitelisted) ======== (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\GAMEPC\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394] AlternateDataStreams: C:\Users\GAMEPC\AppData\Roaming:6699d3ee8dd9cf775caae782c8f44f03 [394] AlternateDataStreams: C:\Users\GAMEPC\AppData\Roaming:fbd50e2f7662a5c33287ddc6e65ab5a1 [394] AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [474] ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer trusted/restricted ========== ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 05:34 - 2009-06-11 00:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\GAMEPC\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun MSCONFIG\startupreg: EpicGamesLauncher => "C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent MSCONFIG\startupreg: FACEIT => "C:\Users\GAMEPC\AppData\Local\FACEITApp\update.exe" --processStart "FACEIT.exe" MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Spotify => C:\Users\GAMEPC\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: Viber => "C:\Users\GAMEPC\AppData\Local\Viber\Viber.exe" StartMinimized ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{11074DEE-7B8C-4DC2-AE4C-93DF0A309913}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{D19357FE-92D5-4C15-865D-6BA1144E3141}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{21EB0059-8DA7-4F26-8EBC-947F0C4E2AAA}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed] FirewallRules: [{F8BB1871-4D02-4C5E-A222-4D557710B3E1}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed] FirewallRules: [{1EE7FB5D-9E25-4DA9-ACB5-D608ECDBB452}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe No File FirewallRules: [{84ACAD4A-CAC3-405E-BED8-CCE7B6F558B9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe No File FirewallRules: [{5C9FEA0E-0037-4228-8A5E-308AD75AC1DF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe No File FirewallRules: [{FD05E114-41E1-4EC3-B5A2-BBA593EE39E2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe No File FirewallRules: [{831352BE-7396-43E6-9657-9ED9D8BAB30D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{AB5ACC3F-22CB-469F-9EB3-8D69417E7CD5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{43ADA9C0-2E56-45D1-B73D-9C89040C463D}] => (Allow) D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> ) FirewallRules: [{06129773-C563-4DFF-8D34-BEA82843A4F0}] => (Allow) D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> ) FirewallRules: [TCP Query User{0D1FADB8-FCE1-4E0E-B19A-D5490965A994}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.) FirewallRules: [UDP Query User{F6FECCC1-1C2E-45A5-B7AC-EAF4B88229DF}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.) FirewallRules: [TCP Query User{DEFA441A-0140-4630-9B49-0F0DB88705EC}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.) FirewallRules: [UDP Query User{2F3AD7BE-C36D-4E24-BFFA-EED5BE5D11F4}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.) FirewallRules: [{B5E37EE1-9BE1-4B57-9AD5-EEF981D7F031}] => (Allow) D:\SteamLibrary\steamapps\common\TheLongDark\tld.exe () [File not signed] FirewallRules: [{DC6EA5CC-0B14-4DA5-BA55-E772E5860678}] => (Allow) D:\SteamLibrary\steamapps\common\TheLongDark\tld.exe () [File not signed] FirewallRules: [{FF76D716-DBA6-437A-A34F-847AF6AB88AD}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [{13A0D233-1007-4376-A4B4-1DA27C101ECB}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [TCP Query User{86D55748-40A6-4288-AEF7-2C0B25BDF778}C:\program files\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_171\bin\javaw.exe FirewallRules: [UDP Query User{D8AE6DDF-C0F2-475C-AB9C-B84C11DDC8AB}C:\program files\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_171\bin\javaw.exe FirewallRules: [TCP Query User{695C8135-FF2C-4E94-9566-E526643684CA}C:\program files (x86)\common files\oracle\java\javapath_target_116381722\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_116381722\java.exe FirewallRules: [UDP Query User{3091889E-265D-4648-88DF-CEE54431325D}C:\program files (x86)\common files\oracle\java\javapath_target_116381722\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_116381722\java.exe FirewallRules: [{DB2F74E8-C7EB-44B3-81D7-12B84175E2EA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{E44676E1-030C-4238-B65F-434792B61DE5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [TCP Query User{0E86F5BD-F2B3-4EF9-8B0C-48823DA809CB}D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe] => (Allow) D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe No File FirewallRules: [UDP Query User{0C5E839A-52EC-40D4-969E-24F12ED8D2D0}D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe] => (Allow) D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe No File FirewallRules: [TCP Query User{8796E73D-79C0-4D0B-AF34-FB3AF9BCC9BA}D:\steamlibrary\steamapps\common\warface\warface\bin32release\game.exe] => (Allow) D:\steamlibrary\steamapps\common\warface\warface\bin32release\game.exe No File FirewallRules: [UDP Query User{EFB29360-AB3A-4A44-9CB4-EF91CEBDB39C}D:\steamlibrary\steamapps\common\warface\warface\bin32release\game.exe] => (Allow) D:\steamlibrary\steamapps\common\warface\warface\bin32release\game.exe No File FirewallRules: [TCP Query User{91266298-136D-4BB3-8C13-A850A76C9BF1}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [UDP Query User{E3EAEE44-6095-4A5E-BE2F-F3E3F8349E0A}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{2D541380-97BF-4291-BDBE-2F2228CAEA60}] => (Allow) D:\SteamLibrary\steamapps\common\EasyAntiCheat\EasyAntiCheat.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{127D37C8-619F-462E-BE1A-E32131065FF4}] => (Allow) D:\SteamLibrary\steamapps\common\EasyAntiCheat\EasyAntiCheat.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [TCP Query User{3DE0592A-8D12-447D-939D-BCA439AFF137}C:\users\gamepc\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gamepc\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{33216198-C2C2-482B-9DC9-2D0D13DBB4FA}C:\users\gamepc\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gamepc\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{270B0322-3799-457B-960A-455318931953}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File FirewallRules: [UDP Query User{A13AA196-1978-4C67-902B-2460B54A5BBF}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File FirewallRules: [{59D96386-6E3E-4356-8348-CF3CFA65A81B}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [{FFA55DD9-7016-4EC4-A808-1A467A45E95C}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [TCP Query User{DC649560-4400-4885-84A1-B96EE04BD03C}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{962C91EA-9380-4D1D-8A2F-E951089E3F37}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{DA0687C4-1D0D-4E01-B34C-68E8FF09FF9F}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe No File FirewallRules: [UDP Query User{0C271F5D-81B6-4DA7-A0B8-50362178C932}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe No File FirewallRules: [TCP Query User{5EFBA878-9A61-49AC-9416-CAFD7167CF8E}D:\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe] => (Allow) D:\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe No File FirewallRules: [UDP Query User{C837A044-1793-46A0-A9B2-FFC280606631}D:\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe] => (Allow) D:\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe No File FirewallRules: [TCP Query User{6C87ADBA-41D8-49FB-A494-F0A177B7F2E5}D:\12323\icarus\appdata\bin64\launcher.exe] => (Allow) D:\12323\icarus\appdata\bin64\launcher.exe No File FirewallRules: [UDP Query User{D3766998-33A3-4AAC-836F-4BC92BA34D50}D:\12323\icarus\appdata\bin64\launcher.exe] => (Allow) D:\12323\icarus\appdata\bin64\launcher.exe No File FirewallRules: [TCP Query User{5540B6FC-35DB-4545-AF53-B4FE05B85DD6}D:\steamlibrary\steamapps\common\bless online\binaries\win64\bless.exe] => (Allow) D:\steamlibrary\steamapps\common\bless online\binaries\win64\bless.exe No File FirewallRules: [UDP Query User{ED42665E-2CA2-4092-A15B-69F686B8F831}D:\steamlibrary\steamapps\common\bless online\binaries\win64\bless.exe] => (Allow) D:\steamlibrary\steamapps\common\bless online\binaries\win64\bless.exe No File FirewallRules: [{A6CE7A48-587B-440C-A6B7-9B3AB8F758E0}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{CD3B56C1-242C-4706-81ED-FF29362608F3}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [TCP Query User{9A6D9654-27A6-4122-9C9C-4D7727258BAA}C:\users\gamepc\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\gamepc\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe (cfx-collective) [File not signed] FirewallRules: [UDP Query User{E49D6701-B325-4215-8711-030A5EC46C9B}C:\users\gamepc\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\gamepc\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe (cfx-collective) [File not signed] FirewallRules: [{279065A7-F5E9-4060-BA27-39476EE213D2}] => (Allow) C:\Users\GAMEPC\Downloads\bin\BlackDesert32.exe No File FirewallRules: [{B218AD4A-5B74-40DE-AB02-A3681FCE9C1C}] => (Allow) C:\Users\GAMEPC\Downloads\bin64\BlackDesert64.exe No File FirewallRules: [{10F99049-3DA4-4E89-A086-C023E8CD82B2}] => (Allow) C:\Users\GAMEPC\Downloads\BlackDesert_Launcher.exe No File FirewallRules: [{3FD78764-41FE-4680-9342-001EA21ECF27}] => (Allow) C:\Users\GAMEPC\Downloads\BlackDesert_Downloader.exe No File FirewallRules: [{CD2DAD40-C60E-41F0-ABBF-63FED12CD684}] => (Allow) D:\SteamLibrary\steamapps\common\Albion Online\launcher\AlbionLauncher.exe No File FirewallRules: [{9BAD4B07-A517-4574-ABA6-922FE4DA36F4}] => (Allow) D:\SteamLibrary\steamapps\common\Albion Online\launcher\AlbionLauncher.exe No File FirewallRules: [TCP Query User{757DFE1C-9664-41C4-B600-E39F75F3E007}D:\fortnait\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\fortnait\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe No File FirewallRules: [UDP Query User{00AC97A7-683C-4F74-9AF6-EBFD84CB000D}D:\fortnait\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\fortnait\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe No File FirewallRules: [TCP Query User{391AE70C-4E68-4DE8-A05A-D56058FAEBFA}D:\fortnait\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\fortnait\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File FirewallRules: [UDP Query User{61C858A3-948F-407A-A7BF-2712693C1649}D:\fortnait\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\fortnait\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File FirewallRules: [TCP Query User{CBB94106-0926-4293-AA94-864143E7ACDC}D:\city\city car driving\bin\win32\starter.exe] => (Allow) D:\city\city car driving\bin\win32\starter.exe No File FirewallRules: [UDP Query User{1602653C-F8D6-481F-B4DE-483B83E4A081}D:\city\city car driving\bin\win32\starter.exe] => (Allow) D:\city\city car driving\bin\win32\starter.exe No File FirewallRules: [{D70481FE-EDB4-4F66-A879-015B84C54F1C}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation ) FirewallRules: [{0255AAE2-A93D-49F6-84EA-91CF71112821}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation ) FirewallRules: [{3EEC0786-9E2E-4EAC-9CB1-97F68AE8DBDA}] => (Allow) D:\SteamLibrary\steamapps\common\TrackMania Nations Forever\TmForever.exe () [File not signed] FirewallRules: [{F07A3467-6DA2-4A61-BFA9-75DFE2760BAA}] => (Allow) D:\SteamLibrary\steamapps\common\TrackMania Nations Forever\TmForever.exe () [File not signed] FirewallRules: [{7BCD6AF7-E264-49EC-B3DF-0B903C656894}] => (Allow) D:\SteamLibrary\steamapps\common\TrackMania Nations Forever\TmForeverLauncher.exe () [File not signed] FirewallRules: [{9796C8A1-0246-4D08-94F7-97B3A81204AF}] => (Allow) D:\SteamLibrary\steamapps\common\TrackMania Nations Forever\TmForeverLauncher.exe () [File not signed] FirewallRules: [TCP Query User{4194E6A1-B90A-4C01-AAC1-A150648BD511}D:\1.6\hl.exe] => (Allow) D:\1.6\hl.exe No File FirewallRules: [UDP Query User{39B944DB-8264-4416-BBBA-052EEC50F7FC}D:\1.6\hl.exe] => (Allow) D:\1.6\hl.exe No File FirewallRules: [TCP Query User{857D0C4A-0661-4E7D-B23A-735FF8ADABA1}D:\steamlibrary\steamapps\common\warface\warface\bin64release\game.exe] => (Allow) D:\steamlibrary\steamapps\common\warface\warface\bin64release\game.exe No File FirewallRules: [UDP Query User{29AE9F40-6F4A-4698-8241-A75FE2382548}D:\steamlibrary\steamapps\common\warface\warface\bin64release\game.exe] => (Allow) D:\steamlibrary\steamapps\common\warface\warface\bin64release\game.exe No File FirewallRules: [TCP Query User{92B59CE8-E0C7-43A9-9D55-2AEDA2AA9FA5}D:\steamlibrary\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe No File FirewallRules: [UDP Query User{8AEEF23D-67B8-4B6C-9DA0-D61F44EFC129}D:\steamlibrary\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe No File FirewallRules: [{A383D054-F8C2-45B5-A517-E63819807BB6}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{FD87341A-3B7F-44E8-B09F-ADFBDF1B247D}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{2C2C2027-2BB8-4A51-9A9C-ED9A4BBCB358}] => (Allow) D:\SteamLibrary\steamapps\common\raceroom racing experience\Game\x64\RRRE64.exe No File FirewallRules: [{9B1767CE-81DE-4826-8906-9DEFCC351FAB}] => (Allow) D:\SteamLibrary\steamapps\common\raceroom racing experience\Game\x64\RRRE64.exe No File FirewallRules: [{E2FEE995-77A6-4556-A200-30CB17D4ABA6}] => (Allow) D:\SteamLibrary\steamapps\common\raceroom racing experience\Game\RRRE.exe No File FirewallRules: [{DFB2A3C2-EA05-4944-B38A-7A85B48E8A1F}] => (Allow) D:\SteamLibrary\steamapps\common\raceroom racing experience\Game\RRRE.exe No File FirewallRules: [TCP Query User{5A72CD9B-BF9D-4B23-A72B-26D40F24F859}D:\pubg\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) D:\pubg\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe No File FirewallRules: [UDP Query User{8312C3A6-76BE-4C56-A5A6-DE950D9F08F1}D:\pubg\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) D:\pubg\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe No File FirewallRules: [TCP Query User{F64B2B06-1EDF-4393-8640-332BC5898996}D:\apex\apex\r5apex.exe] => (Allow) D:\apex\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment) FirewallRules: [UDP Query User{E2BBA317-E554-46F4-9705-DB7E4991BF19}D:\apex\apex\r5apex.exe] => (Allow) D:\apex\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment) FirewallRules: [TCP Query User{06645CA2-731E-4100-8BFC-CF2887EC9BD4}C:\users\gamepc\appdata\local\fivem\fivem.exe] => (Allow) C:\users\gamepc\appdata\local\fivem\fivem.exe (cfx-collective) [File not signed] FirewallRules: [UDP Query User{68EFF667-1BA0-46F4-B7E4-B8AC10475E9D}C:\users\gamepc\appdata\local\fivem\fivem.exe] => (Allow) C:\users\gamepc\appdata\local\fivem\fivem.exe (cfx-collective) [File not signed] FirewallRules: [{B94666B2-3213-45DC-9A55-A01D147CA93D}] => (Allow) D:\SteamLibrary\steamapps\common\Half-Life\hl.exe (Valve -> Valve) FirewallRules: [{35AD171F-75C6-469B-A634-4E9ABEFB99C0}] => (Allow) D:\SteamLibrary\steamapps\common\Half-Life\hl.exe (Valve -> Valve) FirewallRules: [TCP Query User{8333A1F9-D09D-4985-B9CD-10A78C408300}C:\users\gamepc\appdata\roaming\acestream\engine\ace_engine.exe] => (Allow) C:\users\gamepc\appdata\roaming\acestream\engine\ace_engine.exe (Innovative Digital Technologies -> ) FirewallRules: [UDP Query User{D9E8A289-BA55-45AE-A241-45085DACBF2D}C:\users\gamepc\appdata\roaming\acestream\engine\ace_engine.exe] => (Allow) C:\users\gamepc\appdata\roaming\acestream\engine\ace_engine.exe (Innovative Digital Technologies -> ) FirewallRules: [{F60269A0-9AA8-46D8-98B9-0A888500723C}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed] FirewallRules: [{C584D871-7182-4224-96CC-26C664539C6B}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed] FirewallRules: [TCP Query User{0E05C3B9-C433-4C3A-8C01-FF69520BF241}C:\users\gamepc\appdata\local\layerth-ethereal-dota2\app-2.5.9\ethereal - dota 2.exe] => (Allow) C:\users\gamepc\appdata\local\layerth-ethereal-dota2\app-2.5.9\ethereal - dota 2.exe No File FirewallRules: [UDP Query User{76E5872D-7EB0-40F2-9AD9-61CD16A593A8}C:\users\gamepc\appdata\local\layerth-ethereal-dota2\app-2.5.9\ethereal - dota 2.exe] => (Allow) C:\users\gamepc\appdata\local\layerth-ethereal-dota2\app-2.5.9\ethereal - dota 2.exe No File FirewallRules: [TCP Query User{20420812-2158-4116-BD8E-FE273007CA43}C:\users\gamepc\downloads\fivem.exe] => (Allow) C:\users\gamepc\downloads\fivem.exe No File FirewallRules: [UDP Query User{1C53FDAE-2CE7-44AD-8F95-828A28E4D6B1}C:\users\gamepc\downloads\fivem.exe] => (Allow) C:\users\gamepc\downloads\fivem.exe No File FirewallRules: [TCP Query User{0DE874C5-C399-4C71-A2FB-7D012892D73B}C:\users\gamepc\downloads\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\gamepc\downloads\cache\subprocess\fivem_gtaprocess.exe No File FirewallRules: [UDP Query User{201BA7D9-6E59-4592-89FE-45240B104987}C:\users\gamepc\downloads\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\gamepc\downloads\cache\subprocess\fivem_gtaprocess.exe No File FirewallRules: [TCP Query User{42114D4D-52E5-4B29-A4B1-5EA3A87CE648}D:\warzone\wasda\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\warzone\wasda\call of duty modern warfare\modernwarfare.exe No File FirewallRules: [UDP Query User{ADC3D6A5-74A9-43BE-9C8E-0EA092058F7B}D:\warzone\wasda\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\warzone\wasda\call of duty modern warfare\modernwarfare.exe No File FirewallRules: [{5C7D63B1-F70B-4ED6-A325-B196C2FEBB19}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{0ECBF459-D321-4FFE-A103-D92F19E70819}] => (Allow) D:\apex\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{41EE669E-05F2-472E-BD87-338219AB5C30}] => (Allow) D:\apex\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [TCP Query User{6E11EE90-C1C9-4639-8EEF-B7E2948337D3}D:\litee\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) D:\litee\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe No File FirewallRules: [UDP Query User{069999EA-D06B-4125-8C5E-A8ECA7E8AFAC}D:\litee\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) D:\litee\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe No File ==================== Restore Points ========================= 08-04-2020 21:01:42 Installed DirectX 08-04-2020 21:03:15 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 12-04-2020 03:12:38 Installed DirectX 12-04-2020 03:14:16 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 16-04-2020 01:03:53 Installed DirectX 16-04-2020 21:14:28 Installed DirectX 19-04-2020 20:38:57 Restore Point Created by FRST ==================== Faulty Device Manager Devices ============ Name: Realtek RTL8139/810x Family Fast Ethernet NIC Description: Realtek RTL8139/810x Family Fast Ethernet NIC Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Realtek Semiconductor Corp. Service: RTL8023x64 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ======================== Application errors: ================== Error: (04/19/2020 08:46:30 PM) (Source: SetupARService) (EventID: 0) (User: ) Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object. at SetupAfterRebootService.SetupARService.OnStart(String[] args) at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (04/19/2020 08:46:22 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Име на приложение с грешки: FreemakeUtilsService.exe, версия: 1.0.0.0, времево клеймо: 0x5e454538 Име на модул с грешки: KERNELBASE.dll, версия: 6.1.7601.24408, времево клеймо: 0x5c92f101 Код на изключение: 0xe0434352 Отместване на грешка: 0x0000c5af ИД на процес на грешка: 0x5bc Начален час на приложението с грешки: 0x01d61672638b3c36 Път на приложението с грешки: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe Път на модула с грешки: C:\Windows\syswow64\KERNELBASE.dll ИД на доклад: ae6be919-8265-11ea-aee8-94de809321cd Error: (04/19/2020 08:46:07 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: FreemakeUtilsService.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.IO.FileNotFoundException at FreemakeUtilsService.Program.Main(System.String[]) Error: (04/19/2020 08:38:57 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Достъпът е отказан. . This is often caused by incorrect security settings in either the writer or requestor process. Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {ba0200be-00e9-4571-9dc9-e302652a2e9b} Error: (04/19/2020 01:11:05 PM) (Source: SetupARService) (EventID: 0) (User: ) Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object. at SetupAfterRebootService.SetupARService.OnStart(String[] args) at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (04/19/2020 01:09:47 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Име на приложение с грешки: FreemakeUtilsService.exe, версия: 1.0.0.0, времево клеймо: 0x5e454538 Име на модул с грешки: KERNELBASE.dll, версия: 6.1.7601.24408, времево клеймо: 0x5c92f101 Код на изключение: 0xe0434352 Отместване на грешка: 0x0000c5af ИД на процес на грешка: 0x5b4 Начален час на приложението с грешки: 0x01d616329a39c138 Път на приложението с грешки: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe Път на модула с грешки: C:\Windows\syswow64\KERNELBASE.dll ИД на доклад: e5abb1a0-8225-11ea-8d80-94de809321cd Error: (04/19/2020 01:09:31 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: FreemakeUtilsService.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.IO.FileNotFoundException at FreemakeUtilsService.Program.Main(System.String[]) Error: (04/17/2020 12:09:55 PM) (Source: SetupARService) (EventID: 0) (User: ) Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object. at SetupAfterRebootService.SetupARService.OnStart(String[] args) at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) System errors: ============= Error: (04/19/2020 08:46:30 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Неуспешно зареждане на следния драйвер, който се активира с включване на компютъра или стартиране на системата: cdrom Error: (04/19/2020 08:46:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Услуга Freemake Improver не може да бъде стартирана поради следната грешка: Услугата не отговори навреме на искане за стартиране или управление. Error: (04/19/2020 08:46:26 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Изтекъл период на изчакване (30000 милисекунди) при изчакване на услуга Freemake Improver да се свърже. Error: (04/19/2020 08:38:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Услуга Steam Client Service беше прекъсната неочаквано. Това се е случвало с нея 1 път(и). Error: (04/19/2020 08:38:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Услуга NVIDIA Display Container LS беше прекъсната неочаквано. Това се е случвало с нея 1 път(и). След 6000 милисекунди ще бъде предприето следното коригиращо действие: Рестартиране на услугата. Error: (04/19/2020 01:11:20 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Неуспешно зареждане на следния драйвер, който се активира с включване на компютъра или стартиране на системата: cdrom Error: (04/19/2020 01:10:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Услуга Origin Web Helper Service не може да бъде стартирана поради следната грешка: Услугата не отговори навреме на искане за стартиране или управление. Error: (04/19/2020 01:10:26 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Изтекъл период на изчакване (30000 милисекунди) при изчакване на услуга Origin Web Helper Service да се свърже. CodeIntegrity: =================================== Date: 2020-04-17 23:23:21.206 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FWPUCLNT.DLL because the set of per-page image hashes could not be found on the system. Date: 2020-04-17 23:23:19.301 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\mswsock.dll because the set of per-page image hashes could not be found on the system. Date: 2020-04-17 23:23:18.832 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system. Date: 2020-04-17 23:23:09.116 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FWPUCLNT.DLL because the set of per-page image hashes could not be found on the system. Date: 2020-04-17 23:22:50.080 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\XAudio2_7.dll because the set of per-page image hashes could not be found on the system. Date: 2020-04-17 23:22:50.001 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Riot Games\VALORANT\live\Engine\Binaries\ThirdParty\Vorbis\Win64\VS2015\libvorbisfile_64.dll because the set of per-page image hashes could not be found on the system. Date: 2020-04-17 23:22:49.884 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Riot Games\VALORANT\live\Engine\Binaries\ThirdParty\Vorbis\Win64\VS2015\libvorbis_64.dll because the set of per-page image hashes could not be found on the system. Date: 2020-04-17 23:22:49.843 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Riot Games\VALORANT\live\Engine\Binaries\ThirdParty\Ogg\Win64\VS2015\libogg_64.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== BIOS: Award Software International, Inc. F4b 04/26/2013 Motherboard: Gigabyte Technology Co., Ltd. GA-78LMT-S2P Processor: AMD FX-8320E Eight-Core Processor Percentage of memory in use: 24% Total physical RAM: 16381.54 MB Available physical RAM: 12383.34 MB Total Virtual: 32761.22 MB Available Virtual: 28047.87 MB ==================== Drives ================================ Drive 😄 () (Fixed) (Total:150 GB) (Free:39.28 GB) NTFS Drive d: () (Fixed) (Total:781.41 GB) (Free:372.92 GB) NTFS \\?\Volume{2f050b3f-9477-11e7-8c98-806e6f6e6963}\ (Резервирана за системата) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 0C59AE75) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=150 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=781.4 GB) - (Type=05) ==================== End of Addition.txt ======================= Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-04-2020 Ran by GAMEPC (administrator) on GAMEPC-PC (Gigabyte Technology Co., Ltd. GA-78LMT-S2P) (19-04-2020 20:52:37) Running from C:\Users\GAMEPC\Downloads Loaded Profiles: GAMEPC (Available Profiles: GAMEPC) Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Български (България) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Discord Inc. -> Discord Inc.) C:\Users\GAMEPC\AppData\Local\Discord\app-0.0.306\Discord.exe <6> (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <14> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Run: [Spotify] => C:\Users\GAMEPC\AppData\Roaming\Spotify\Spotify.exe [22932200 2020-04-09] (Spotify AB -> Spotify Ltd) HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Run: [FACEIT] => "C:\Users\GAMEPC\AppData\Local\FACEITApp\update.exe" --processStart "FACEIT.exe" HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Run: [gtarcade] => "C:\Users\GAMEPC\AppData\Local\Gtarcade\app\gtarcade.exe" /auto_start=1 HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Run: [Discord] => C:\Users\GAMEPC\AppData\Local\Discord\app-0.0.306\Discord.exe [90950968 2020-02-24] (Discord Inc. -> Discord Inc.) HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\MountPoints2: {2d2c5be0-94b8-11e7-8704-048d38748987} - E:\setup.exe HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\MountPoints2: {609d2171-c4d2-11e7-a1c0-048d38748987} - E:\Lenovo_Suite.exe HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\Installer\chrmstp.exe [2020-04-08] (Google LLC -> Google LLC) Startup: C:\Users\GAMEPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Registration Heroes of Might & Magic 5 - Tribes of the East.LNK [2019-05-20] ShortcutTarget: Registration Heroes of Might & Magic 5 - Tribes of the East.LNK -> D:\heroes 3\Heroes of Might and Magic V - Tribes of the East\registration\RegistrationReminder.exe (No File) CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {29CD2B59-F360-4EA0-8046-E993FB989355} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_363_pepper.exe [1454136 2020-04-15] (Adobe Inc. -> Adobe) Task: {31987656-F768-4D69-96DF-7AD4AB429034} - System32\Tasks\update-S-1-5-21-2297230751-1021565052-1431566534-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>) Task: {3DAD135E-7AD5-4D57-B3E2-9E7F6AD9E01C} - System32\Tasks\{76A40252-E785-4407-9A98-34E12F6F05C9} => C:\Windows\system32\pcalua.exe -a "c:\program files (x86)\hi-rez studios\HiRezGamesDiagAndSupport.exe" -c uninstall=0 Task: {5A3FE129-72EA-42EB-BA09-CBF91559E528} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>) Task: {64503CA0-D96B-485A-A2ED-32E1ADEC5130} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-09-08] (Google Inc -> Google Inc.) Task: {A19D33FF-7FBC-4D6F-B122-FFBC2947D956} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-04-15] (Adobe Inc. -> Adobe) Task: {A1D60D55-A6B8-401B-BC05-2938E02DF2F2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe Task: {C4E8B14A-4159-4C58-BDAD-281DBBFC97E8} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => d:\program files\windows defender\MpCmdRun.exe Task: {F67C982E-B27B-4B4D-B6F1-B5474BEA2341} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_363_Plugin.exe [1458232 2020-04-15] (Adobe Inc. -> Adobe) Task: {FB761E82-2ABF-4B7D-A0A8-3F00F3533DD3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-09-08] (Google Inc -> Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\update-S-1-5-21-2297230751-1021565052-1431566534-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{BFE47783-CFC6-4DEE-8858-A9889FC23A55}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{F8E6BFBF-08DD-4CEC-8468-25670AF9DFE4}: [DhcpNameServer] 94.72.140.1 Internet Explorer: ================== HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-xl/?ocid=iehp BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation) FireFox: ======== FF DefaultProfile: mrpwyf7s.default FF ProfilePath: C:\Users\GAMEPC\AppData\Roaming\Mozilla\Firefox\Profiles\mrpwyf7s.default [2020-04-19] FF user.js: detected! => C:\Users\GAMEPC\AppData\Roaming\Mozilla\Firefox\Profiles\mrpwyf7s.default\user.js [2019-01-02] FF Homepage: Mozilla\Firefox\Profiles\mrpwyf7s.default -> google.bg FF Notifications: Mozilla\Firefox\Profiles\mrpwyf7s.default -> hxxps://www.instagram.com FF Extension: (hotfix-update-xpi-intermediate) - C:\Users\GAMEPC\AppData\Roaming\Mozilla\Firefox\Profiles\mrpwyf7s.default\Extensions\[email protected] [2020-01-04] FF Extension: (uBlock Origin) - C:\Users\GAMEPC\AppData\Roaming\Mozilla\Firefox\Profiles\mrpwyf7s.default\Extensions\[email protected] [2019-01-31] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_363.dll [2020-04-15] (Adobe Inc. -> ) FF Plugin: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_363.dll [2020-04-15] (Adobe Inc. -> ) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1229199.dll [2017-03-31] (Adobe Systems, Inc.) [File not signed] FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default [2020-04-19] CHR Notifications: Default -> hxxps://csgofast.com; hxxps://forum.dmg-inc.com; hxxps://ghost-recon.ubisoft.com; hxxps://tinder.com; hxxps://www.emag.bg CHR StartupUrls: Default -> "hxxp://google.bg/" CHR DefaultSearchURL: Default -> hxxps://tinder.com/static/android-chrome-192x192.png CHR Extension: (Презентации) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13] CHR Extension: (Документи) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13] CHR Extension: (Google Диск) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17] CHR Extension: (YouTube) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-08] CHR Extension: (Таблици) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13] CHR Extension: (Google Документи офлайн) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-10] CHR Extension: (Tinder) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hejiihbkifllpgdfndalmghiodgkefan [2019-04-05] CHR Extension: (Hoxx VPN Proxy) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbcojefnccbanplpoffopkoepjmhgdgh [2020-03-17] CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03] CHR Extension: (Gmail) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-24] CHR Extension: (Chrome Media Router) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-03] CHR Profile: C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\System Profile [2020-04-19] Opera: ======= OPR Extension: (uBlock Origin) - C:\Users\GAMEPC\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2020-01-04] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8402648 2019-11-20] (BattlEye Innovations e.K. -> ) S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291392 2017-08-17] (Disc Soft Ltd -> Disc Soft Ltd) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2019-11-12] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [81280 2020-02-13] (Mixbyte Inc -> Freemake) S3 mracsvc; C:\Windows\System32\mracsvc.exe [18534552 2019-08-24] (Mail.Ru LLC -> LLC Mail.Ru) S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [8019808 2018-03-29] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2495792 2020-04-12] (Electronic Arts, Inc. -> Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3447608 2020-04-12] (Electronic Arts, Inc. -> Electronic Arts) S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1688720 2020-03-05] (Rockstar Games, Inc. -> Rockstar Games) S2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [24576 2017-09-08] (Realtek Semiconductor.) [File not signed] S3 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2019-11-08] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.) S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [9484920 2020-04-14] (Riot Games, Inc. -> Riot Games, Inc.) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2017-06-20] (Microsoft Windows -> Microsoft Corporation) R2 wuauserv; C:\Windows\system32\wuaueng2.dll [2651136 2017-09-08] (Microsoft Corporation) [File not signed] S3 FACEITService; C:/Program Files/FACEIT AC/FACEITService.exe [X] R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\Video Converter Ultimate(CPC)\Transfer\DriverInstall.exe" [X] ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2017-09-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) R0 amdsata; C:\Windows\System32\DRIVERS\amdsata.sys [67128 2009-04-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices) R0 amdxata; C:\Windows\System32\drivers\amdxata.sys [28216 2009-04-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices) R0 AtiPcie; C:\Windows\System32\DRIVERS\AtiPcie.sys [16440 2009-05-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-09-11] (Disc Soft Ltd -> Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-09-11] (Disc Soft Ltd -> Disc Soft Ltd) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-09-08] (Martin Malik - REALiX -> REALiX(tm)) R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2017-09-08] (Qualcomm Atheros -> Qualcomm Atheros Co., Ltd.) S3 mracdrv; C:\Windows\System32\drivers\mracdrv.sys [17770920 2019-08-24] (Mail.Ru LLC -> LLC Mail.Ru) S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [69840 2019-07-18] (NVIDIA Corporation -> NVIDIA Corporation) S3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [61656 2017-09-08] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation ) R3 usbfilter; C:\Windows\System32\DRIVERS\usbfilter.sys [34872 2009-04-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices) R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [3123760 2020-04-14] (Riot Games, Inc. -> Riot Games, Inc.) S3 VOICEMOD_Driver; C:\Windows\System32\drivers\vmdrv.sys [27648 2019-07-02] (Windows (R) Win 7 DDK provider) [File not signed] S3 CLMirrorDriver; system32\DRIVERS\CLMirrorDriver.sys [X] S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X] S4 nvvhci; system32\DRIVERS\nvvhci.sys [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) =================== (If an entry is included in the fixlist, the file/folder will be moved.) 2020-04-19 20:52 - 2020-04-19 20:53 - 000018271 _____ C:\Users\GAMEPC\Downloads\FRST.txt 2020-04-19 20:38 - 2020-04-19 20:43 - 000002133 _____ C:\Users\GAMEPC\Downloads\Fixlog.txt 2020-04-19 20:36 - 2020-04-19 20:36 - 002281984 _____ (Farbar) C:\Users\GAMEPC\Downloads\FRST64.exe 2020-04-18 15:25 - 2020-04-18 15:25 - 000013728 _____ C:\Users\GAMEPC\Downloads\Richard.Hammond's.Big.Gulf.Oil.Platform.2020.1080i.HDTV.x264.torrent 2020-04-17 15:04 - 2020-04-17 15:04 - 000000000 ____D C:\ProgramData\obs-studio-hook 2020-04-16 21:13 - 2020-04-16 21:24 - 000001655 _____ C:\Users\Public\Desktop\VALORANT.lnk 2020-04-16 21:13 - 2020-04-16 21:24 - 000001655 _____ C:\ProgramData\Desktop\VALORANT.lnk 2020-04-16 21:12 - 2020-04-16 21:12 - 000000000 ____D C:\Riot Games 2020-04-16 21:11 - 2020-04-16 21:11 - 068288168 _____ (Riot Games, Inc.) C:\Users\GAMEPC\Downloads\Install VALORANT.exe 2020-04-16 01:20 - 2020-04-19 20:48 - 000000001 _____ C:\Windows\vgkbootstatus.dat 2020-04-16 01:18 - 2020-04-16 01:18 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\ShooterGame 2020-04-16 01:03 - 2020-04-16 01:03 - 000000000 ____D C:\Program Files\Riot Vanguard 2020-04-13 13:03 - 2020-04-19 20:53 - 000000000 ____D C:\FRST 2020-04-07 15:07 - 2020-04-07 15:07 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Riot Games 2020-04-07 15:07 - 2020-04-07 15:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games 2020-04-07 15:06 - 2020-04-16 01:18 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\Riot Games 2020-04-07 15:06 - 2020-04-07 15:07 - 000000000 ____D C:\ProgramData\Riot Games 2020-03-30 23:36 - 2020-03-30 23:36 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\uplay 2020-03-30 20:03 - 2020-03-30 20:03 - 000000000 ____D C:\Users\GAMEPC\Documents\New Folder(2) 2020-03-30 20:03 - 2020-03-30 20:03 - 000000000 ____D C:\Users\GAMEPC\Documents\New Folder(1) 2020-03-30 20:02 - 2020-03-30 20:02 - 000000000 ____D C:\Users\GAMEPC\Documents\New Folder 2020-03-28 04:22 - 2019-07-02 17:50 - 000027648 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\vmdrv.sys 2020-03-25 22:47 - 2019-01-01 00:02 - 006045924 _____ C:\Users\GAMEPC\Desktop\meepoof_legacy_nonQcast.exe 2020-03-24 19:05 - 2020-03-24 19:05 - 000002374 _____ C:\Users\GAMEPC\Desktop\StreamLabels.lnk 2020-03-24 19:04 - 2020-03-24 19:05 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\streamlabels-updater 2020-03-22 14:43 - 2020-03-22 14:43 - 000001043 _____ C:\Users\GAMEPC\Desktop\Shutdown8.lnk 2020-03-22 14:43 - 2020-03-22 14:43 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\Shutdown8 2020-03-22 14:32 - 2020-03-16 16:07 - 039835432 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2020-03-22 14:32 - 2020-03-16 16:07 - 022106560 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2020-03-22 14:32 - 2020-03-16 16:07 - 018416616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2020-03-22 14:32 - 2020-03-16 16:06 - 004257984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2020-03-22 14:32 - 2020-03-16 13:10 - 001729440 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe 2020-03-22 14:32 - 2020-03-16 13:10 - 001729440 _____ C:\Windows\system32\vulkaninfo.exe 2020-03-22 14:32 - 2020-03-16 13:10 - 001329576 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2020-03-22 14:32 - 2020-03-16 13:10 - 001329576 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2020-03-22 14:32 - 2020-03-16 13:10 - 001079208 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll 2020-03-22 14:32 - 2020-03-16 13:10 - 001079208 _____ C:\Windows\system32\vulkan-1.dll 2020-03-22 14:32 - 2020-03-16 13:10 - 000937920 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll 2020-03-22 14:32 - 2020-03-16 13:10 - 000937920 _____ C:\Windows\SysWOW64\vulkan-1.dll 2020-03-22 14:32 - 2020-03-16 13:10 - 000440040 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2020-03-22 14:32 - 2020-03-16 13:10 - 000343784 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2020-03-22 14:32 - 2020-03-16 13:09 - 127357328 _____ (NVIDIA Corp.) C:\Windows\system32\nvoptix.dll 2020-03-22 14:32 - 2020-03-16 13:09 - 040314976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2020-03-22 14:32 - 2020-03-16 13:09 - 029930728 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl64.dll 2020-03-22 14:32 - 2020-03-16 13:09 - 027555560 _____ (NVIDIA Corporation) C:\Windows\system32\nvrtum64.dll 2020-03-22 14:32 - 2020-03-16 13:09 - 025239952 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl32.dll 2020-03-22 14:32 - 2020-03-16 13:09 - 011834784 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll 2020-03-22 14:32 - 2020-03-16 13:09 - 010161040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll 2020-03-22 14:32 - 2020-03-16 13:09 - 000420240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2020-03-22 14:32 - 2020-03-16 13:08 - 029545584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2020-03-22 14:32 - 2020-03-16 13:08 - 022880352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2020-03-22 14:32 - 2020-03-16 13:08 - 017464208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2020-03-22 14:32 - 2020-03-16 13:08 - 015029992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2020-03-22 14:32 - 2020-03-16 13:08 - 004988136 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2020-03-22 14:32 - 2020-03-16 13:08 - 004447648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2020-03-22 14:32 - 2020-03-16 13:08 - 002068368 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2020-03-22 14:32 - 2020-03-16 13:08 - 001720208 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6444274.dll 2020-03-22 14:32 - 2020-03-16 13:08 - 001560808 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2020-03-22 14:32 - 2020-03-16 13:08 - 001482984 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6444274.dll 2020-03-22 14:32 - 2020-03-16 13:08 - 001476536 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2020-03-22 14:32 - 2020-03-16 13:08 - 001363176 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll 2020-03-22 14:32 - 2020-03-16 13:08 - 001139832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2020-03-22 14:32 - 2020-03-16 13:08 - 001057696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll 2020-03-22 14:32 - 2020-03-16 13:08 - 000625776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2020-03-22 14:32 - 2020-03-16 13:08 - 000539880 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2020-03-22 14:32 - 2020-03-16 13:08 - 000517232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2020-03-22 14:32 - 2020-03-16 13:08 - 000422328 _____ C:\Windows\system32\nvofapi64.dll 2020-03-22 14:32 - 2020-03-16 13:08 - 000373360 _____ C:\Windows\SysWOW64\nvofapi.dll 2020-03-22 14:32 - 2020-03-16 13:08 - 000182368 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2020-03-22 14:32 - 2020-03-16 13:08 - 000164464 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2020-03-22 14:32 - 2020-03-16 13:08 - 000158304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2020-03-22 14:32 - 2020-03-16 13:08 - 000143288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2020-03-22 14:32 - 2020-03-16 13:07 - 040502176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2020-03-22 14:32 - 2020-03-16 13:07 - 035371424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2020-03-22 14:32 - 2020-03-16 13:07 - 000518560 _____ (NVIDIA Corporation) C:\Windows\system32\nvcbl64.dll ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2020-04-19 20:49 - 2019-03-14 23:38 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\Spotify 2020-04-19 20:49 - 2017-09-09 22:09 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\discord 2020-04-19 20:47 - 2019-03-14 23:37 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\Spotify 2020-04-19 20:46 - 2017-09-08 14:03 - 000000000 ____D C:\ProgramData\NVIDIA 2020-04-19 20:45 - 2009-07-14 08:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2020-04-19 19:38 - 2019-08-14 02:36 - 000000390 _____ C:\Windows\Tasks\update-sys.job 2020-04-19 18:45 - 2019-08-14 02:36 - 000000390 _____ C:\Windows\Tasks\update-S-1-5-21-2297230751-1021565052-1431566534-1000.job 2020-04-19 18:12 - 2017-09-23 18:42 - 000000000 ____D C:\Program Files (x86)\Steam 2020-04-19 15:10 - 2017-12-06 19:25 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\ViberPC 2020-04-19 14:06 - 2017-10-13 16:36 - 000000000 ____D C:\Users\GAMEPC\Documents\ViberDownloads 2020-04-19 13:19 - 2009-07-14 07:45 - 000028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2020-04-19 13:19 - 2009-07-14 07:45 - 000028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2020-04-19 04:01 - 2019-07-31 00:33 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\obs-studio 2020-04-18 15:32 - 2017-09-10 01:33 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\qBittorrent 2020-04-18 00:41 - 2017-09-19 23:12 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\TS3Client 2020-04-15 17:27 - 2017-09-18 19:14 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe 2020-04-15 17:27 - 2017-09-18 19:14 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2020-04-15 17:27 - 2017-09-18 19:14 - 000004478 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier 2020-04-15 17:27 - 2017-09-18 19:14 - 000004324 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater 2020-04-15 17:27 - 2017-09-18 19:14 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2020-04-15 17:27 - 2017-09-18 19:14 - 000000000 ____D C:\Windows\system32\Macromed 2020-04-15 16:27 - 2018-03-14 01:27 - 000004466 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier 2020-04-13 23:47 - 2017-09-08 15:54 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\CrashDumps 2020-04-13 20:15 - 2019-12-26 03:14 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\Origin 2020-04-13 20:15 - 2019-02-11 22:09 - 000000000 ____D C:\ProgramData\Origin 2020-04-13 19:10 - 2019-12-26 03:14 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\Origin 2020-04-12 03:11 - 2019-12-26 03:16 - 000000000 ____D C:\Program Files (x86)\Origin 2020-04-09 18:17 - 2020-03-14 18:50 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\FiveM 2020-04-08 00:03 - 2018-11-16 15:10 - 000002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2020-04-08 00:03 - 2018-11-16 15:10 - 000002181 _____ C:\ProgramData\Desktop\Google Chrome.lnk 2020-04-08 00:03 - 2017-09-08 13:35 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-04-03 11:39 - 2018-01-11 17:53 - 000640612 _____ C:\Windows\system32\perfh002.dat 2020-04-03 11:39 - 2018-01-11 17:53 - 000114470 _____ C:\Windows\system32\perfc002.dat 2020-04-03 11:39 - 2009-07-14 08:13 - 001498588 _____ C:\Windows\system32\PerfStringBackup.INI 2020-04-03 11:39 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\inf 2020-03-31 00:08 - 2009-07-14 08:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2020-03-30 20:00 - 2019-08-08 04:08 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\NVIDIA 2020-03-24 19:05 - 2019-10-04 14:40 - 000002382 _____ C:\Users\GAMEPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StreamLabels.lnk 2020-03-24 19:02 - 2019-07-31 03:15 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\slobs-client 2020-03-24 19:01 - 2019-07-31 03:14 - 000000000 ____D C:\Program Files\Streamlabs OBS 2020-03-21 16:32 - 2018-11-03 19:10 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\DigitalEntitlements 2020-03-21 02:54 - 2017-09-08 13:35 - 000003434 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA 2020-03-21 02:54 - 2017-09-08 13:35 - 000003306 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore 2020-03-20 21:19 - 2017-09-18 19:14 - 000000000 ____D C:\ProgramData\McAfee ==================== Files in the root of some directories ======== 2020-02-19 00:22 - 2020-02-19 00:22 - 000000733 _____ () C:\Users\GAMEPC\AppData\Local\recently-used.xbel 2018-12-17 21:42 - 2018-12-23 19:48 - 000007597 _____ () C:\Users\GAMEPC\AppData\Local\Resmon.ResmonCfg 2019-08-14 02:36 - 2019-08-14 02:36 - 000000003 _____ () C:\Users\GAMEPC\AppData\Local\updater.log 2019-08-14 02:36 - 2019-08-14 02:36 - 000000424 _____ () C:\Users\GAMEPC\AppData\Local\UserProducts.xml ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) LastRegBack: 2020-04-17 02:27 ==================== End of FRST.txt ======================== Fix result of Farbar Recovery Scan Tool (x64) Version: 19-04-2020 Ran by GAMEPC (19-04-2020 20:38:54) Run:1 Running from C:\Users\GAMEPC\Downloads Loaded Profiles: GAMEPC (Available Profiles: GAMEPC) Boot Mode: Normal ============================================== fixlist content: ***************** start CloseProcesses: CreateRestorePoint: HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Run: [GAMEPC] => explorer.exe hxxp://dinoraptzor.org <==== ATTENTION Task: {C84BADD3-E09D-4A90-9F80-FC6F9C4BF9D6} - System32\Tasks\GAMEPC => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v GAMEPC /t REG_SZ /d "explorer.exe hxxp://dinoraptzor.org" <==== ATTENTION EmptyTemp: end ***************** Processes closed successfully. Restore point was successfully created. "HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\Software\Microsoft\Windows\CurrentVersion\Run\\GAMEPC" => removed successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{C84BADD3-E09D-4A90-9F80-FC6F9C4BF9D6}" => removed successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C84BADD3-E09D-4A90-9F80-FC6F9C4BF9D6}" => removed successfully C:\Windows\System32\Tasks\GAMEPC => moved successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GAMEPC" => removed successfully =========== EmptyTemp: ========== BITS transfer queue => 8388608 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 4431452 B Java, Flash, Steam htmlcache => 405996524 B Windows/system/drivers => 66551455 B Edge => 0 B Chrome => 988507434 B Firefox => 668522356 B Opera => 181884847 B Temp, IE cache, history, cookies, recent: Users => 0 B Default => 0 B Public => 0 B ProgramData => 0 B systemprofile => 128 B systemprofile32 => 71044 B LocalService => 71044 B NetworkService => 71044 B GAMEPC => 110204374 B RecycleBin => 421 B EmptyTemp: => 2.3 GB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 20:43:49 ====
  11. Добър ден след като стартирам пц-то може би 10-на минути след това ми излзиа един прозорец като "цмд" Който се казва Таскенг.ехе интересно ми е дали това не е вирус тъй като ми казаха че може да е троянец Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-04-2020 Ran by GAMEPC (13-04-2020 13:05:30) Running from C:\Users\GAMEPC\Downloads Windows 7 Home Premium Service Pack 1 (X64) (2017-09-08 09:32:01) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2297230751-1021565052-1431566534-500 - Administrator - Disabled) GAMEPC (S-1-5-21-2297230751-1021565052-1431566534-1000 - Administrator - Enabled) => C:\Users\GAMEPC Guest (S-1-5-21-2297230751-1021565052-1431566534-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 26.0.0.127 - Adobe Systems Incorporated) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.344 - Adobe) Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.344 - Adobe) Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.9.199 - Adobe Systems, Inc.) AIDA64 Extreme v6.10 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 6.10 - FinalWire Ltd.) Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.3.3 - Electronic Arts, Inc.) ATI Catalyst Install Manager (HKLM\...\{DC9C8BC1-72CE-B5FE-EA4F-6D9127E51746}) (Version: 3.0.736.0 - ATI Technologies, Inc.) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) CpuCoreParking (HKLM-x32\...\{0984C56D-2985-4786-AB62-39AB985E269C}) (Version: 2.1.2.0 - CpuCoreParking) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.6.0.0283 - Disc Soft Ltd) Discord (HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Discord) (Version: 0.0.306 - Discord Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Euro Truck Simulator 2 Road to the Black Sea (HKLM-x32\...\Euro Truck Simulator 2 Road to the Black Sea_is1) (Version: - ) FiveM (HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\CitizenFX_FiveM) (Version: - The CitizenFX Collective) GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.14.5270 - Gretech Corporation) Google Chrome (HKLM\...\{DA081EB6-F64C-358C-9BB0-AF1EA8001F34}) (Version: 80.0.3987.163 - Google, Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden Heroes of Might and Magic III HD Edition (HKLM-x32\...\SGVyb2Vzb2ZNaWdodGFuZE1hZ2ljSUlJSERFZGl0aW9u_is1) (Version: 1 - ) Heroes of Might and Magic V - Tribes of the East (HKLM-x32\...\{66FF4C48-0083-4E60-8556-B883AB200092}) (Version: - ) House Flipper Garden (HKLM-x32\...\House Flipper Garden_is1) (Version: - ) Java 8 Update 171 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180171F0}) (Version: 8.0.1710.11 - Oracle Corporation) Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation) Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Lightshot-5.5.0.4 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.5.0.4 - Skillbrains) Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation) Microsoft Office Language Pack 2010 - Bulgarian/български (HKLM-x32\...\Office14.OMUI.bg-bg) (Version: 14.0.4763.1021 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation) Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation) Mozilla Firefox 67.0 (x64 bg) (HKLM\...\Mozilla Firefox 67.0 (x64 bg)) (Version: 67.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla) NVIDIA Graphics Driver 442.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 442.74 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation) NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 23.2.1 - OBS Project) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: 10.5.67.39484 - Electronic Arts, Inc.) PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 200317 - Kakao Corp.) PotPlayer-64 bit (HKLM-x32\...\PotPlayer64) (Version: 1.7.8556 - Kakao Corp.) qBittorrent 4.2.1 (HKLM-x32\...\qBittorrent) (Version: 4.2.1 - The qBittorrent project) Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.18.217 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.4.8 - Rockstar Games) Shutdown8 (HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Shutdown8) (Version: 1.08 - Bandisoft.com) Spotify (HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Spotify) (Version: 1.1.30.658.gf13cde74 - Spotify AB) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) StreamLabels 0.3.1 (only current user) (HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\8000d50a-fcb7-5b38-8a3b-a02a0ec79daa) (Version: 0.3.1 - Streamlabs) StreamLabels 0.3.8 (HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\{8000d50a-fcb7-5b38-8a3b-a02a0ec79daa}) (Version: 0.3.8 - Streamlabs) Streamlabs OBS 0.16.3 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.16.3 - General Workings, Inc.) swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TeamSpeak 3 Client (HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\TeamSpeak 3 Client) (Version: 3.1.8 - TeamSpeak Systems GmbH) TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team) Uplay (HKLM-x32\...\Uplay) (Version: 73.0 - Ubisoft) VALORANT (HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Riot Game valorant.live) (Version: - Riot Games, Inc) Viber (HKLM-x32\...\{0B3F5AEE-47B2-4A5F-8D02-289B7E0828E6}) (Version: 11.9.1.3 - Viber Media S.a.r.l) Hidden Viber (HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\{8b6836ad-bf1d-4591-9f20-735338e295ea}) (Version: 11.9.1.3 - Viber Media S.a.r.l) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) WinRAR 5.50 (64-битова версия) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\ChromeHTML: -> <==== ATTENTION ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6723984 2010-01-21] (Microsoft Corporation -> Microsoft Corporation) ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4222864 2010-01-21] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2020-03-14] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Drivers32: [vidc.pDAD] => C:\Windows\system32\prodad-codec.dll [607256 2019-10-15] (proDAD GmbH -> proDAD GmbH) HKLM\...\Drivers32: [msacm.voxacm160] => C:\Windows\SysWOW64\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [File not signed] HKLM\...\Drivers32: [msacm.scg726] => C:\Windows\SysWOW64\scg726.acm [13239 2000-03-14] (SHARP Corporation) [File not signed] HKLM\...\Drivers32: [msacm.alf2cd] => C:\Windows\SysWOW64\alf2cd.acm [38912 2003-05-21] (NCT Company) [File not signed] HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\AC3ACM.acm [81920 2004-02-04] (fccHandler) [File not signed] HKLM\...\Drivers32: [msacm.lame] => C:\Windows\SysWOW64\lame.ax [245760 2005-08-01] () [File not signed] HKLM\...\Drivers32: [vidc.dvsd] => C:\Windows\SysWOW64\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [File not signed] HKLM\...\Drivers32: [vidc.mpg4] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed] HKLM\...\Drivers32: [vidc.mp42] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed] HKLM\...\Drivers32: [vidc.mp43] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed] HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\SysWOW64\xvidvfw.dll [139264 2004-07-03] () [File not signed] HKLM\...\Drivers32: [vidc.DIVX] => C:\Windows\SysWOW64\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [File not signed] HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed] HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed] HKLM\...\Drivers32: [vidc.VP62] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed] HKLM\...\Drivers32: [vidc.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed] ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) Shortcut: C:\Users\GAMEPC\Desktop\OSC - Пряк път.lnk -> C:\Users\GAMEPC\Desktop\moi neshta\OSC 1.9\OSC.exe (Frawzy) <==== Cyrillic ShortcutWithArgument: C:\Users\GAMEPC\Desktop\moi neshta\Tinder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hejiihbkifllpgdfndalmghiodgkefan ShortcutWithArgument: C:\Users\GAMEPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Приложения в Chrome\Tinder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hejiihbkifllpgdfndalmghiodgkefan ShortcutWithArgument: C:\Users\GAMEPC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default ==================== Loaded Modules (Whitelisted) ============= 2017-09-08 12:27 - 2017-09-08 12:27 - 002651136 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\wuaueng2.dll ==================== Alternate Data Streams (Whitelisted) ======== (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\GAMEPC\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394] AlternateDataStreams: C:\Users\GAMEPC\AppData\Roaming:6699d3ee8dd9cf775caae782c8f44f03 [394] AlternateDataStreams: C:\Users\GAMEPC\AppData\Roaming:fbd50e2f7662a5c33287ddc6e65ab5a1 [394] AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [474] ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer trusted/restricted ========== ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 05:34 - 2009-06-11 00:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\GAMEPC\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun MSCONFIG\startupreg: EpicGamesLauncher => "C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent MSCONFIG\startupreg: FACEIT => "C:\Users\GAMEPC\AppData\Local\FACEITApp\update.exe" --processStart "FACEIT.exe" MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Spotify => C:\Users\GAMEPC\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: Viber => "C:\Users\GAMEPC\AppData\Local\Viber\Viber.exe" StartMinimized ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{11074DEE-7B8C-4DC2-AE4C-93DF0A309913}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{D19357FE-92D5-4C15-865D-6BA1144E3141}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{21EB0059-8DA7-4F26-8EBC-947F0C4E2AAA}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed] FirewallRules: [{F8BB1871-4D02-4C5E-A222-4D557710B3E1}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed] FirewallRules: [{1EE7FB5D-9E25-4DA9-ACB5-D608ECDBB452}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe No File FirewallRules: [{84ACAD4A-CAC3-405E-BED8-CCE7B6F558B9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe No File FirewallRules: [{5C9FEA0E-0037-4228-8A5E-308AD75AC1DF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe No File FirewallRules: [{FD05E114-41E1-4EC3-B5A2-BBA593EE39E2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe No File FirewallRules: [{831352BE-7396-43E6-9657-9ED9D8BAB30D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{AB5ACC3F-22CB-469F-9EB3-8D69417E7CD5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{43ADA9C0-2E56-45D1-B73D-9C89040C463D}] => (Allow) D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> ) FirewallRules: [{06129773-C563-4DFF-8D34-BEA82843A4F0}] => (Allow) D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> ) FirewallRules: [TCP Query User{0D1FADB8-FCE1-4E0E-B19A-D5490965A994}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.) FirewallRules: [UDP Query User{F6FECCC1-1C2E-45A5-B7AC-EAF4B88229DF}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.) FirewallRules: [TCP Query User{DEFA441A-0140-4630-9B49-0F0DB88705EC}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.) FirewallRules: [UDP Query User{2F3AD7BE-C36D-4E24-BFFA-EED5BE5D11F4}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.) FirewallRules: [{B5E37EE1-9BE1-4B57-9AD5-EEF981D7F031}] => (Allow) D:\SteamLibrary\steamapps\common\TheLongDark\tld.exe () [File not signed] FirewallRules: [{DC6EA5CC-0B14-4DA5-BA55-E772E5860678}] => (Allow) D:\SteamLibrary\steamapps\common\TheLongDark\tld.exe () [File not signed] FirewallRules: [{FF76D716-DBA6-437A-A34F-847AF6AB88AD}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [{13A0D233-1007-4376-A4B4-1DA27C101ECB}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [TCP Query User{86D55748-40A6-4288-AEF7-2C0B25BDF778}C:\program files\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_171\bin\javaw.exe FirewallRules: [UDP Query User{D8AE6DDF-C0F2-475C-AB9C-B84C11DDC8AB}C:\program files\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_171\bin\javaw.exe FirewallRules: [TCP Query User{695C8135-FF2C-4E94-9566-E526643684CA}C:\program files (x86)\common files\oracle\java\javapath_target_116381722\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_116381722\java.exe FirewallRules: [UDP Query User{3091889E-265D-4648-88DF-CEE54431325D}C:\program files (x86)\common files\oracle\java\javapath_target_116381722\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_116381722\java.exe FirewallRules: [{DB2F74E8-C7EB-44B3-81D7-12B84175E2EA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{E44676E1-030C-4238-B65F-434792B61DE5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [TCP Query User{0E86F5BD-F2B3-4EF9-8B0C-48823DA809CB}D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe] => (Allow) D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe No File FirewallRules: [UDP Query User{0C5E839A-52EC-40D4-969E-24F12ED8D2D0}D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe] => (Allow) D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe No File FirewallRules: [TCP Query User{8796E73D-79C0-4D0B-AF34-FB3AF9BCC9BA}D:\steamlibrary\steamapps\common\warface\warface\bin32release\game.exe] => (Allow) D:\steamlibrary\steamapps\common\warface\warface\bin32release\game.exe No File FirewallRules: [UDP Query User{EFB29360-AB3A-4A44-9CB4-EF91CEBDB39C}D:\steamlibrary\steamapps\common\warface\warface\bin32release\game.exe] => (Allow) D:\steamlibrary\steamapps\common\warface\warface\bin32release\game.exe No File FirewallRules: [TCP Query User{91266298-136D-4BB3-8C13-A850A76C9BF1}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [UDP Query User{E3EAEE44-6095-4A5E-BE2F-F3E3F8349E0A}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{2D541380-97BF-4291-BDBE-2F2228CAEA60}] => (Allow) D:\SteamLibrary\steamapps\common\EasyAntiCheat\EasyAntiCheat.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{127D37C8-619F-462E-BE1A-E32131065FF4}] => (Allow) D:\SteamLibrary\steamapps\common\EasyAntiCheat\EasyAntiCheat.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [TCP Query User{3DE0592A-8D12-447D-939D-BCA439AFF137}C:\users\gamepc\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gamepc\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{33216198-C2C2-482B-9DC9-2D0D13DBB4FA}C:\users\gamepc\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gamepc\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{270B0322-3799-457B-960A-455318931953}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File FirewallRules: [UDP Query User{A13AA196-1978-4C67-902B-2460B54A5BBF}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File FirewallRules: [{59D96386-6E3E-4356-8348-CF3CFA65A81B}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [{FFA55DD9-7016-4EC4-A808-1A467A45E95C}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [TCP Query User{DC649560-4400-4885-84A1-B96EE04BD03C}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{962C91EA-9380-4D1D-8A2F-E951089E3F37}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{DA0687C4-1D0D-4E01-B34C-68E8FF09FF9F}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe No File FirewallRules: [UDP Query User{0C271F5D-81B6-4DA7-A0B8-50362178C932}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe No File FirewallRules: [TCP Query User{5EFBA878-9A61-49AC-9416-CAFD7167CF8E}D:\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe] => (Allow) D:\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe No File FirewallRules: [UDP Query User{C837A044-1793-46A0-A9B2-FFC280606631}D:\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe] => (Allow) D:\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe No File FirewallRules: [TCP Query User{6C87ADBA-41D8-49FB-A494-F0A177B7F2E5}D:\12323\icarus\appdata\bin64\launcher.exe] => (Allow) D:\12323\icarus\appdata\bin64\launcher.exe No File FirewallRules: [UDP Query User{D3766998-33A3-4AAC-836F-4BC92BA34D50}D:\12323\icarus\appdata\bin64\launcher.exe] => (Allow) D:\12323\icarus\appdata\bin64\launcher.exe No File FirewallRules: [TCP Query User{5540B6FC-35DB-4545-AF53-B4FE05B85DD6}D:\steamlibrary\steamapps\common\bless online\binaries\win64\bless.exe] => (Allow) D:\steamlibrary\steamapps\common\bless online\binaries\win64\bless.exe No File FirewallRules: [UDP Query User{ED42665E-2CA2-4092-A15B-69F686B8F831}D:\steamlibrary\steamapps\common\bless online\binaries\win64\bless.exe] => (Allow) D:\steamlibrary\steamapps\common\bless online\binaries\win64\bless.exe No File FirewallRules: [{A6CE7A48-587B-440C-A6B7-9B3AB8F758E0}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{CD3B56C1-242C-4706-81ED-FF29362608F3}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [TCP Query User{9A6D9654-27A6-4122-9C9C-4D7727258BAA}C:\users\gamepc\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\gamepc\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe (cfx-collective) [File not signed] FirewallRules: [UDP Query User{E49D6701-B325-4215-8711-030A5EC46C9B}C:\users\gamepc\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\gamepc\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe (cfx-collective) [File not signed] FirewallRules: [{279065A7-F5E9-4060-BA27-39476EE213D2}] => (Allow) C:\Users\GAMEPC\Downloads\bin\BlackDesert32.exe No File FirewallRules: [{B218AD4A-5B74-40DE-AB02-A3681FCE9C1C}] => (Allow) C:\Users\GAMEPC\Downloads\bin64\BlackDesert64.exe No File FirewallRules: [{10F99049-3DA4-4E89-A086-C023E8CD82B2}] => (Allow) C:\Users\GAMEPC\Downloads\BlackDesert_Launcher.exe No File FirewallRules: [{3FD78764-41FE-4680-9342-001EA21ECF27}] => (Allow) C:\Users\GAMEPC\Downloads\BlackDesert_Downloader.exe No File FirewallRules: [{CD2DAD40-C60E-41F0-ABBF-63FED12CD684}] => (Allow) D:\SteamLibrary\steamapps\common\Albion Online\launcher\AlbionLauncher.exe No File FirewallRules: [{9BAD4B07-A517-4574-ABA6-922FE4DA36F4}] => (Allow) D:\SteamLibrary\steamapps\common\Albion Online\launcher\AlbionLauncher.exe No File FirewallRules: [TCP Query User{757DFE1C-9664-41C4-B600-E39F75F3E007}D:\fortnait\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\fortnait\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe No File FirewallRules: [UDP Query User{00AC97A7-683C-4F74-9AF6-EBFD84CB000D}D:\fortnait\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\fortnait\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe No File FirewallRules: [TCP Query User{391AE70C-4E68-4DE8-A05A-D56058FAEBFA}D:\fortnait\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\fortnait\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File FirewallRules: [UDP Query User{61C858A3-948F-407A-A7BF-2712693C1649}D:\fortnait\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\fortnait\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe No File FirewallRules: [TCP Query User{CBB94106-0926-4293-AA94-864143E7ACDC}D:\city\city car driving\bin\win32\starter.exe] => (Allow) D:\city\city car driving\bin\win32\starter.exe No File FirewallRules: [UDP Query User{1602653C-F8D6-481F-B4DE-483B83E4A081}D:\city\city car driving\bin\win32\starter.exe] => (Allow) D:\city\city car driving\bin\win32\starter.exe No File FirewallRules: [{D70481FE-EDB4-4F66-A879-015B84C54F1C}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation ) FirewallRules: [{0255AAE2-A93D-49F6-84EA-91CF71112821}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation ) FirewallRules: [{3EEC0786-9E2E-4EAC-9CB1-97F68AE8DBDA}] => (Allow) D:\SteamLibrary\steamapps\common\TrackMania Nations Forever\TmForever.exe () [File not signed] FirewallRules: [{F07A3467-6DA2-4A61-BFA9-75DFE2760BAA}] => (Allow) D:\SteamLibrary\steamapps\common\TrackMania Nations Forever\TmForever.exe () [File not signed] FirewallRules: [{7BCD6AF7-E264-49EC-B3DF-0B903C656894}] => (Allow) D:\SteamLibrary\steamapps\common\TrackMania Nations Forever\TmForeverLauncher.exe () [File not signed] FirewallRules: [{9796C8A1-0246-4D08-94F7-97B3A81204AF}] => (Allow) D:\SteamLibrary\steamapps\common\TrackMania Nations Forever\TmForeverLauncher.exe () [File not signed] FirewallRules: [TCP Query User{4194E6A1-B90A-4C01-AAC1-A150648BD511}D:\1.6\hl.exe] => (Allow) D:\1.6\hl.exe No File FirewallRules: [UDP Query User{39B944DB-8264-4416-BBBA-052EEC50F7FC}D:\1.6\hl.exe] => (Allow) D:\1.6\hl.exe No File FirewallRules: [TCP Query User{857D0C4A-0661-4E7D-B23A-735FF8ADABA1}D:\steamlibrary\steamapps\common\warface\warface\bin64release\game.exe] => (Allow) D:\steamlibrary\steamapps\common\warface\warface\bin64release\game.exe No File FirewallRules: [UDP Query User{29AE9F40-6F4A-4698-8241-A75FE2382548}D:\steamlibrary\steamapps\common\warface\warface\bin64release\game.exe] => (Allow) D:\steamlibrary\steamapps\common\warface\warface\bin64release\game.exe No File FirewallRules: [TCP Query User{92B59CE8-E0C7-43A9-9D55-2AEDA2AA9FA5}D:\steamlibrary\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe No File FirewallRules: [UDP Query User{8AEEF23D-67B8-4B6C-9DA0-D61F44EFC129}D:\steamlibrary\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe No File FirewallRules: [{A383D054-F8C2-45B5-A517-E63819807BB6}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{FD87341A-3B7F-44E8-B09F-ADFBDF1B247D}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{2C2C2027-2BB8-4A51-9A9C-ED9A4BBCB358}] => (Allow) D:\SteamLibrary\steamapps\common\raceroom racing experience\Game\x64\RRRE64.exe No File FirewallRules: [{9B1767CE-81DE-4826-8906-9DEFCC351FAB}] => (Allow) D:\SteamLibrary\steamapps\common\raceroom racing experience\Game\x64\RRRE64.exe No File FirewallRules: [{E2FEE995-77A6-4556-A200-30CB17D4ABA6}] => (Allow) D:\SteamLibrary\steamapps\common\raceroom racing experience\Game\RRRE.exe No File FirewallRules: [{DFB2A3C2-EA05-4944-B38A-7A85B48E8A1F}] => (Allow) D:\SteamLibrary\steamapps\common\raceroom racing experience\Game\RRRE.exe No File FirewallRules: [TCP Query User{5A72CD9B-BF9D-4B23-A72B-26D40F24F859}D:\pubg\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) D:\pubg\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe No File FirewallRules: [UDP Query User{8312C3A6-76BE-4C56-A5A6-DE950D9F08F1}D:\pubg\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) D:\pubg\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe No File FirewallRules: [TCP Query User{F64B2B06-1EDF-4393-8640-332BC5898996}D:\apex\apex\r5apex.exe] => (Allow) D:\apex\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment) FirewallRules: [UDP Query User{E2BBA317-E554-46F4-9705-DB7E4991BF19}D:\apex\apex\r5apex.exe] => (Allow) D:\apex\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment) FirewallRules: [TCP Query User{06645CA2-731E-4100-8BFC-CF2887EC9BD4}C:\users\gamepc\appdata\local\fivem\fivem.exe] => (Allow) C:\users\gamepc\appdata\local\fivem\fivem.exe (cfx-collective) [File not signed] FirewallRules: [UDP Query User{68EFF667-1BA0-46F4-B7E4-B8AC10475E9D}C:\users\gamepc\appdata\local\fivem\fivem.exe] => (Allow) C:\users\gamepc\appdata\local\fivem\fivem.exe (cfx-collective) [File not signed] FirewallRules: [{B94666B2-3213-45DC-9A55-A01D147CA93D}] => (Allow) D:\SteamLibrary\steamapps\common\Half-Life\hl.exe (Valve -> Valve) FirewallRules: [{35AD171F-75C6-469B-A634-4E9ABEFB99C0}] => (Allow) D:\SteamLibrary\steamapps\common\Half-Life\hl.exe (Valve -> Valve) FirewallRules: [TCP Query User{8333A1F9-D09D-4985-B9CD-10A78C408300}C:\users\gamepc\appdata\roaming\acestream\engine\ace_engine.exe] => (Allow) C:\users\gamepc\appdata\roaming\acestream\engine\ace_engine.exe (Innovative Digital Technologies -> ) FirewallRules: [UDP Query User{D9E8A289-BA55-45AE-A241-45085DACBF2D}C:\users\gamepc\appdata\roaming\acestream\engine\ace_engine.exe] => (Allow) C:\users\gamepc\appdata\roaming\acestream\engine\ace_engine.exe (Innovative Digital Technologies -> ) FirewallRules: [{F60269A0-9AA8-46D8-98B9-0A888500723C}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed] FirewallRules: [{C584D871-7182-4224-96CC-26C664539C6B}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed] FirewallRules: [TCP Query User{0E05C3B9-C433-4C3A-8C01-FF69520BF241}C:\users\gamepc\appdata\local\layerth-ethereal-dota2\app-2.5.9\ethereal - dota 2.exe] => (Allow) C:\users\gamepc\appdata\local\layerth-ethereal-dota2\app-2.5.9\ethereal - dota 2.exe No File FirewallRules: [UDP Query User{76E5872D-7EB0-40F2-9AD9-61CD16A593A8}C:\users\gamepc\appdata\local\layerth-ethereal-dota2\app-2.5.9\ethereal - dota 2.exe] => (Allow) C:\users\gamepc\appdata\local\layerth-ethereal-dota2\app-2.5.9\ethereal - dota 2.exe No File FirewallRules: [TCP Query User{20420812-2158-4116-BD8E-FE273007CA43}C:\users\gamepc\downloads\fivem.exe] => (Allow) C:\users\gamepc\downloads\fivem.exe (cfx-collective) [File not signed] FirewallRules: [UDP Query User{1C53FDAE-2CE7-44AD-8F95-828A28E4D6B1}C:\users\gamepc\downloads\fivem.exe] => (Allow) C:\users\gamepc\downloads\fivem.exe (cfx-collective) [File not signed] FirewallRules: [TCP Query User{0DE874C5-C399-4C71-A2FB-7D012892D73B}C:\users\gamepc\downloads\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\gamepc\downloads\cache\subprocess\fivem_gtaprocess.exe No File FirewallRules: [UDP Query User{201BA7D9-6E59-4592-89FE-45240B104987}C:\users\gamepc\downloads\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\gamepc\downloads\cache\subprocess\fivem_gtaprocess.exe No File FirewallRules: [TCP Query User{42114D4D-52E5-4B29-A4B1-5EA3A87CE648}D:\warzone\wasda\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\warzone\wasda\call of duty modern warfare\modernwarfare.exe No File FirewallRules: [UDP Query User{ADC3D6A5-74A9-43BE-9C8E-0EA092058F7B}D:\warzone\wasda\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\warzone\wasda\call of duty modern warfare\modernwarfare.exe No File FirewallRules: [{5C7D63B1-F70B-4ED6-A325-B196C2FEBB19}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{0ECBF459-D321-4FFE-A103-D92F19E70819}] => (Allow) D:\apex\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{41EE669E-05F2-472E-BD87-338219AB5C30}] => (Allow) D:\apex\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) ==================== Restore Points ========================= 07-04-2020 04:20:29 Планирана контролна точка 08-04-2020 21:01:42 Installed DirectX 08-04-2020 21:03:15 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 12-04-2020 03:12:38 Installed DirectX 12-04-2020 03:14:16 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 ==================== Faulty Device Manager Devices ============ Name: Realtek RTL8139/810x Family Fast Ethernet NIC Description: Realtek RTL8139/810x Family Fast Ethernet NIC Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Realtek Semiconductor Corp. Service: RTL8023x64 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ======================== Application errors: ================== Error: (04/13/2020 12:43:23 PM) (Source: SetupARService) (EventID: 0) (User: ) Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object. at SetupAfterRebootService.SetupARService.OnStart(String[] args) at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (04/13/2020 12:42:03 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Име на приложение с грешки: FreemakeUtilsService.exe, версия: 1.0.0.0, времево клеймо: 0x5e454538 Име на модул с грешки: KERNELBASE.dll, версия: 6.1.7601.24408, времево клеймо: 0x5c92f101 Код на изключение: 0xe0434352 Отместване на грешка: 0x0000c5af ИД на процес на грешка: 0x5a4 Начален час на приложението с грешки: 0x01d61177bc69c281 Път на приложението с грешки: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe Път на модула с грешки: C:\Windows\syswow64\KERNELBASE.dll ИД на доклад: 078618cf-7d6b-11ea-a16d-94de809321cd Error: (04/13/2020 12:41:47 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: FreemakeUtilsService.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.IO.FileNotFoundException at FreemakeUtilsService.Program.Main(System.String[]) Error: (04/12/2020 01:52:27 PM) (Source: SetupARService) (EventID: 0) (User: ) Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object. at SetupAfterRebootService.SetupARService.OnStart(String[] args) at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (04/12/2020 01:51:13 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Име на приложение с грешки: FreemakeUtilsService.exe, версия: 1.0.0.0, времево клеймо: 0x5e454538 Име на модул с грешки: KERNELBASE.dll, версия: 6.1.7601.24408, времево клеймо: 0x5c92f101 Код на изключение: 0xe0434352 Отместване на грешка: 0x0000c5af ИД на процес на грешка: 0x5a0 Начален час на приложението с грешки: 0x01d610b83a55eadf Път на приложението с грешки: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe Път на модула с грешки: C:\Windows\syswow64\KERNELBASE.dll ИД на доклад: 8671c75e-7cab-11ea-97de-94de809321cd Error: (04/12/2020 01:50:55 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: FreemakeUtilsService.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.IO.FileNotFoundException at FreemakeUtilsService.Program.Main(System.String[]) Error: (04/09/2020 09:03:40 AM) (Source: SetupARService) (EventID: 0) (User: ) Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object. at SetupAfterRebootService.SetupARService.OnStart(String[] args) at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (04/09/2020 09:02:22 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Име на приложение с грешки: FreemakeUtilsService.exe, версия: 1.0.0.0, времево клеймо: 0x5e454538 Име на модул с грешки: KERNELBASE.dll, версия: 6.1.7601.24408, времево клеймо: 0x5c92f101 Код на изключение: 0xe0434352 Отместване на грешка: 0x0000c5af ИД на процес на грешка: 0x5ac Начален час на приложението с грешки: 0x01d60e346165c638 Път на приложението с грешки: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe Път на модула с грешки: C:\Windows\syswow64\KERNELBASE.dll ИД на доклад: ad3e8ed0-7a27-11ea-99ea-94de809321cd System errors: ============= Error: (04/13/2020 12:43:38 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Неуспешно зареждане на следния драйвер, който се активира с включване на компютъра или стартиране на системата: cdrom Error: (04/13/2020 12:42:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Услуга Origin Web Helper Service не може да бъде стартирана поради следната грешка: Услугата не отговори навреме на искане за стартиране или управление. Error: (04/13/2020 12:42:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Изтекъл период на изчакване (30000 милисекунди) при изчакване на услуга Origin Web Helper Service да се свърже. Error: (04/13/2020 12:42:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Услуга Freemake Improver не може да бъде стартирана поради следната грешка: Услугата не отговори навреме на искане за стартиране или управление. Error: (04/13/2020 12:42:11 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Изтекъл период на изчакване (30000 милисекунди) при изчакване на услуга Freemake Improver да се свърже. Error: (04/12/2020 01:52:28 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Неуспешно зареждане на следния драйвер, който се активира с включване на компютъра или стартиране на системата: cdrom Error: (04/12/2020 01:51:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Услуга Origin Web Helper Service не може да бъде стартирана поради следната грешка: Услугата не отговори навреме на искане за стартиране или управление. Error: (04/12/2020 01:51:51 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Изтекъл период на изчакване (30000 милисекунди) при изчакване на услуга Origin Web Helper Service да се свърже. CodeIntegrity: =================================== Date: 2019-06-09 17:12:15.330 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\GAMEPC\AppData\Local\Temp\ASC-53D9481D\setup32\vfdriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-06-09 17:12:15.275 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\GAMEPC\AppData\Local\Temp\ASC-53D9481D\setup32\vfdriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-06-09 16:10:34.363 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\GAMEPC\AppData\Local\Temp\ASC-53D9481D\setup32\vfdriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-06-09 16:10:34.318 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\GAMEPC\AppData\Local\Temp\ASC-53D9481D\setup32\vfdriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-06-09 05:58:19.154 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\GAMEPC\AppData\Local\Temp\ASC-6F3B2470\setup32\vfdriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-06-09 05:58:19.101 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\GAMEPC\AppData\Local\Temp\ASC-6F3B2470\setup32\vfdriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-06-09 05:31:45.759 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\GAMEPC\AppData\Local\Temp\ASC-6F3B2470\setup32\vfdriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-06-09 05:31:45.707 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\GAMEPC\AppData\Local\Temp\ASC-6F3B2470\setup32\vfdriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== BIOS: Award Software International, Inc. F4b 04/26/2013 Motherboard: Gigabyte Technology Co., Ltd. GA-78LMT-S2P Processor: AMD FX-8320E Eight-Core Processor Percentage of memory in use: 30% Total physical RAM: 16381.54 MB Available physical RAM: 11368.57 MB Total Virtual: 32761.22 MB Available Virtual: 26564.91 MB ==================== Drives ================================ Drive 😄 () (Fixed) (Total:150 GB) (Free:33.1 GB) NTFS Drive d: () (Fixed) (Total:781.41 GB) (Free:352.36 GB) NTFS \\?\Volume{2f050b3f-9477-11e7-8c98-806e6f6e6963}\ (Резервирана за системата) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 0C59AE75) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=150 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=781.4 GB) - (Type=05) ==================== End of Addition.txt ======================= Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-04-2020 Ran by GAMEPC (administrator) on GAMEPC-PC (Gigabyte Technology Co., Ltd. GA-78LMT-S2P) (13-04-2020 13:04:14) Running from C:\Users\GAMEPC\Downloads Loaded Profiles: GAMEPC (Available Profiles: GAMEPC) Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Български (България) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Discord Inc. -> Discord Inc.) C:\Users\GAMEPC\AppData\Local\Discord\app-0.0.306\Discord.exe <6> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <28> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7> (Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Run: [Spotify] => C:\Users\GAMEPC\AppData\Roaming\Spotify\Spotify.exe [22932200 2020-04-09] (Spotify AB -> Spotify Ltd) HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Run: [GAMEPC] => explorer.exe hxxp://dinoraptzor.org <==== ATTENTION HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Run: [FACEIT] => "C:\Users\GAMEPC\AppData\Local\FACEITApp\update.exe" --processStart "FACEIT.exe" HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Run: [gtarcade] => "C:\Users\GAMEPC\AppData\Local\Gtarcade\app\gtarcade.exe" /auto_start=1 HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Run: [Discord] => C:\Users\GAMEPC\AppData\Local\Discord\app-0.0.306\Discord.exe [90950968 2020-02-24] (Discord Inc. -> Discord Inc.) HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\MountPoints2: {2d2c5be0-94b8-11e7-8704-048d38748987} - E:\setup.exe HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\MountPoints2: {609d2171-c4d2-11e7-a1c0-048d38748987} - E:\Lenovo_Suite.exe HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\Installer\chrmstp.exe [2020-04-08] (Google LLC -> Google LLC) Startup: C:\Users\GAMEPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Registration Heroes of Might & Magic 5 - Tribes of the East.LNK [2019-05-20] ShortcutTarget: Registration Heroes of Might & Magic 5 - Tribes of the East.LNK -> D:\heroes 3\Heroes of Might and Magic V - Tribes of the East\registration\RegistrationReminder.exe (No File) CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {29CD2B59-F360-4EA0-8046-E993FB989355} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_pepper.exe [1453624 2020-03-11] (Adobe Inc. -> Adobe) Task: {31987656-F768-4D69-96DF-7AD4AB429034} - System32\Tasks\update-S-1-5-21-2297230751-1021565052-1431566534-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>) Task: {3DAD135E-7AD5-4D57-B3E2-9E7F6AD9E01C} - System32\Tasks\{76A40252-E785-4407-9A98-34E12F6F05C9} => C:\Windows\system32\pcalua.exe -a "c:\program files (x86)\hi-rez studios\HiRezGamesDiagAndSupport.exe" -c uninstall=0 Task: {5A3FE129-72EA-42EB-BA09-CBF91559E528} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>) Task: {64503CA0-D96B-485A-A2ED-32E1ADEC5130} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-09-08] (Google Inc -> Google Inc.) Task: {A19D33FF-7FBC-4D6F-B122-FFBC2947D956} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-03-11] (Adobe Inc. -> Adobe) Task: {A1D60D55-A6B8-401B-BC05-2938E02DF2F2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe Task: {C4E8B14A-4159-4C58-BDAD-281DBBFC97E8} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => d:\program files\windows defender\MpCmdRun.exe Task: {C84BADD3-E09D-4A90-9F80-FC6F9C4BF9D6} - System32\Tasks\GAMEPC => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v GAMEPC /t REG_SZ /d "explorer.exe hxxp://dinoraptzor.org" <==== ATTENTION Task: {F67C982E-B27B-4B4D-B6F1-B5474BEA2341} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_Plugin.exe [1458232 2020-03-11] (Adobe Inc. -> Adobe) Task: {FB761E82-2ABF-4B7D-A0A8-3F00F3533DD3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-09-08] (Google Inc -> Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\update-S-1-5-21-2297230751-1021565052-1431566534-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{BFE47783-CFC6-4DEE-8858-A9889FC23A55}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{F8E6BFBF-08DD-4CEC-8468-25670AF9DFE4}: [DhcpNameServer] 94.72.140.1 Internet Explorer: ================== HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-xl/?ocid=iehp BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation) FireFox: ======== FF DefaultProfile: mrpwyf7s.default FF ProfilePath: C:\Users\GAMEPC\AppData\Roaming\Mozilla\Firefox\Profiles\mrpwyf7s.default [2020-03-02] FF user.js: detected! => C:\Users\GAMEPC\AppData\Roaming\Mozilla\Firefox\Profiles\mrpwyf7s.default\user.js [2019-01-02] FF Homepage: Mozilla\Firefox\Profiles\mrpwyf7s.default -> google.bg FF Notifications: Mozilla\Firefox\Profiles\mrpwyf7s.default -> hxxps://www.instagram.com FF Extension: (hotfix-update-xpi-intermediate) - C:\Users\GAMEPC\AppData\Roaming\Mozilla\Firefox\Profiles\mrpwyf7s.default\Extensions\[email protected] [2020-01-04] FF Extension: (uBlock Origin) - C:\Users\GAMEPC\AppData\Roaming\Mozilla\Firefox\Profiles\mrpwyf7s.default\Extensions\[email protected] [2019-01-31] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_344.dll [2020-03-11] (Adobe Inc. -> ) FF Plugin: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_344.dll [2020-03-11] (Adobe Inc. -> ) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1229199.dll [2017-03-31] (Adobe Systems, Inc.) [File not signed] FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default [2020-04-13] CHR Notifications: Default -> hxxps://csgofast.com; hxxps://forum.dmg-inc.com; hxxps://ghost-recon.ubisoft.com; hxxps://tinder.com; hxxps://www.emag.bg CHR StartupUrls: Default -> "hxxp://google.bg/" CHR DefaultSearchURL: Default -> hxxps://tinder.com/static/android-chrome-192x192.png CHR Extension: (Презентации) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13] CHR Extension: (Документи) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13] CHR Extension: (Google Диск) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17] CHR Extension: (YouTube) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-08] CHR Extension: (Таблици) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13] CHR Extension: (Google Документи офлайн) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-10] CHR Extension: (Tinder) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hejiihbkifllpgdfndalmghiodgkefan [2019-04-05] CHR Extension: (Hoxx VPN Proxy) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbcojefnccbanplpoffopkoepjmhgdgh [2020-03-17] CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03] CHR Extension: (Gmail) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-24] CHR Extension: (Chrome Media Router) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-03] CHR Profile: C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\System Profile [2020-02-17] Opera: ======= OPR Extension: (uBlock Origin) - C:\Users\GAMEPC\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2020-01-04] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8402648 2019-11-20] (BattlEye Innovations e.K. -> ) S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291392 2017-08-17] (Disc Soft Ltd -> Disc Soft Ltd) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2019-11-12] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [81280 2020-02-13] (Mixbyte Inc -> Freemake) S3 mracsvc; C:\Windows\System32\mracsvc.exe [18534552 2019-08-24] (Mail.Ru LLC -> LLC Mail.Ru) S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [8019808 2018-03-29] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2495792 2020-04-12] (Electronic Arts, Inc. -> Electronic Arts) S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3447608 2020-04-12] (Electronic Arts, Inc. -> Electronic Arts) S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1688720 2020-03-05] (Rockstar Games, Inc. -> Rockstar Games) S2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [24576 2017-09-08] (Realtek Semiconductor.) [File not signed] S3 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2019-11-08] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2017-06-20] (Microsoft Windows -> Microsoft Corporation) R2 wuauserv; C:\Windows\system32\wuaueng2.dll [2651136 2017-09-08] (Microsoft Corporation) [File not signed] S3 FACEITService; C:/Program Files/FACEIT AC/FACEITService.exe [X] R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\Video Converter Ultimate(CPC)\Transfer\DriverInstall.exe" [X] ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2017-09-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) R0 amdsata; C:\Windows\System32\DRIVERS\amdsata.sys [67128 2009-04-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices) R0 amdxata; C:\Windows\System32\drivers\amdxata.sys [28216 2009-04-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices) R0 AtiPcie; C:\Windows\System32\DRIVERS\AtiPcie.sys [16440 2009-05-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-09-11] (Disc Soft Ltd -> Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-09-11] (Disc Soft Ltd -> Disc Soft Ltd) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-09-08] (Martin Malik - REALiX -> REALiX(tm)) R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2017-09-08] (Qualcomm Atheros -> Qualcomm Atheros Co., Ltd.) S3 mracdrv; C:\Windows\System32\drivers\mracdrv.sys [17770920 2019-08-24] (Mail.Ru LLC -> LLC Mail.Ru) S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [69840 2019-07-18] (NVIDIA Corporation -> NVIDIA Corporation) S3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [61656 2017-09-08] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation ) R3 usbfilter; C:\Windows\System32\DRIVERS\usbfilter.sys [34872 2009-04-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices) S3 VOICEMOD_Driver; C:\Windows\System32\drivers\vmdrv.sys [27648 2019-07-02] (Windows (R) Win 7 DDK provider) [File not signed] S3 CLMirrorDriver; system32\DRIVERS\CLMirrorDriver.sys [X] S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X] S4 nvvhci; system32\DRIVERS\nvvhci.sys [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) =================== (If an entry is included in the fixlist, the file/folder will be moved.) 2020-04-13 13:04 - 2020-04-13 13:05 - 000018493 _____ C:\Users\GAMEPC\Downloads\FRST.txt 2020-04-13 13:03 - 2020-04-13 13:04 - 000000000 ____D C:\FRST 2020-04-13 13:02 - 2020-04-13 13:03 - 002281984 _____ (Farbar) C:\Users\GAMEPC\Downloads\FRST64.exe 2020-04-13 13:02 - 2020-04-13 13:02 - 002281984 _____ (Farbar) C:\Users\GAMEPC\Downloads\Непотвърдено 720436.crdownload 2020-04-12 15:52 - 2020-04-12 15:54 - 021108919 _____ C:\Users\GAMEPC\Downloads\IMG_0571.mov 2020-04-11 14:13 - 2020-04-11 14:13 - 000013913 _____ C:\Users\GAMEPC\Downloads\Richard.Hammond's.Big.Longest.Railway.Tunnel.2020.1080i.HDTV.x264.torrent 2020-04-11 14:13 - 2020-04-11 14:13 - 000013724 _____ C:\Users\GAMEPC\Downloads\Richard.Hammond's.Big.Super.Stadium.2020.1080i.HDTV.x264.torrent 2020-04-11 14:07 - 2020-04-11 14:07 - 000020396 _____ C:\Users\GAMEPC\Downloads\Richard.Hammond's.Big.Tallest.Building.On.Earth.2020.720p.HDTV.x264.torrent 2020-04-11 14:07 - 2020-04-11 14:07 - 000013420 _____ C:\Users\GAMEPC\Downloads\Richard.Hammond's.Big.Mega.Ship.2020.1080i.HDTV.x264.torrent 2020-04-10 13:56 - 2020-04-10 13:56 - 000011541 _____ C:\Users\GAMEPC\Downloads\Busty.Coeds.vs.Lusty.Cheerleaders.2011.HDRip.720p.x264.mp4.torrent 2020-04-09 13:58 - 2020-04-09 14:13 - 169566096 _____ C:\Users\GAMEPC\Downloads\twerk.AVI 2020-04-09 13:58 - 2020-04-09 14:06 - 058040907 _____ C:\Users\GAMEPC\Downloads\MOV01556.mpeg 2020-04-07 15:07 - 2020-04-07 15:07 - 000001655 _____ C:\Users\Public\Desktop\VALORANT.lnk 2020-04-07 15:07 - 2020-04-07 15:07 - 000001655 _____ C:\ProgramData\Desktop\VALORANT.lnk 2020-04-07 15:07 - 2020-04-07 15:07 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Riot Games 2020-04-07 15:07 - 2020-04-07 15:07 - 000000000 ____D C:\Riot Games 2020-04-07 15:07 - 2020-04-07 15:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games 2020-04-07 15:06 - 2020-04-07 15:07 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\Riot Games 2020-04-07 15:06 - 2020-04-07 15:07 - 000000000 ____D C:\ProgramData\Riot Games 2020-04-07 15:05 - 2020-04-07 15:06 - 068288168 _____ (Riot Games, Inc.) C:\Users\GAMEPC\Downloads\Install VALORANT.exe 2020-04-06 20:12 - 2020-04-06 20:12 - 000016557 _____ C:\Users\GAMEPC\Downloads\Now.You.See.Me.2013.EXTENDED.480p.BDRip.x265.AC3.BGaudio-REFLUX.torrent 2020-04-06 20:08 - 2020-04-06 20:08 - 000011672 _____ C:\Users\GAMEPC\Downloads\The.Lone.Ranger.2013.BDRip.x264.BGAUDiO-SLSS.torrent 2020-04-06 20:05 - 2020-04-06 20:05 - 000014150 _____ C:\Users\GAMEPC\Downloads\Jack.the.Giant.Slayer.2013.576p.BDRip.x265.DUAL-REFLUX.torrent 2020-04-05 02:03 - 2020-04-05 02:03 - 000151200 _____ C:\Users\GAMEPC\Downloads\The.Penguins.of.Madagascar.2008.DVDRip.XviD.BGAUDIO-nikio96.torrent 2020-04-04 15:32 - 2020-04-04 15:32 - 000173894 _____ C:\Users\GAMEPC\Downloads\Hawaii.Five-0.S01.720p.WEB-DL.BG.ENG.H.264-smsliverpool.torrent 2020-04-04 14:41 - 2020-04-04 14:41 - 000053564 _____ C:\Users\GAMEPC\Downloads\Arrival__2016.(subs.sab.bz).rar 2020-04-04 14:41 - 2020-04-04 14:41 - 000011894 _____ C:\Users\GAMEPC\Downloads\Arrival.2016.576p.BDRIP.x264.AAC-GOD.torrent 2020-04-02 01:56 - 2020-04-02 01:56 - 000014519 _____ C:\Users\GAMEPC\Downloads\National.Treasure.2004.BRRip.XviD.BGAUDiO-ZmN.torrent 2020-04-01 02:07 - 2020-04-01 02:07 - 000055713 _____ C:\Users\GAMEPC\Downloads\Meet The Fockers [DVDRip][2004][BGAudio][BugzBunny].avi.torrent 2020-03-31 23:21 - 2020-03-31 23:21 - 000089245 _____ C:\Users\GAMEPC\Downloads\Addams.Family.Values.1993.1080p.BluRay.x264-SlzD.torrent 2020-03-31 23:21 - 2020-03-31 23:21 - 000026602 _____ C:\Users\GAMEPC\Downloads\addams.family.values.1993.bluray.bg(subsunacs.net).rar 2020-03-31 23:19 - 2020-03-31 23:19 - 000026083 _____ C:\Users\GAMEPC\Downloads\the_addams_family(subsunacs.net).zip 2020-03-31 23:19 - 2020-03-31 23:19 - 000015432 _____ C:\Users\GAMEPC\Downloads\The.Addams.Family.1991.HDTVRip.XviD.AC3-KiNGS.torrent 2020-03-30 23:36 - 2020-03-31 00:08 - 000000000 ____D C:\Users\GAMEPC\Documents\Assassin's Creed Syndicate 2020-03-30 23:36 - 2020-03-30 23:36 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\uplay 2020-03-30 21:17 - 2020-03-30 21:17 - 000058328 _____ C:\Users\GAMEPC\Downloads\Assassin's Creed Syndicate - Gold Edition + v1.5 + All DLCs [FitGirl Repack].torrent 2020-03-30 20:08 - 2020-03-30 20:08 - 001024240 _____ C:\Users\GAMEPC\Downloads\filmora-idco_setup_full1901.exe 2020-03-30 20:07 - 2020-03-30 20:07 - 001153264 _____ C:\Users\GAMEPC\Downloads\filmorapro_setup_full4895.exe 2020-03-30 20:03 - 2020-03-30 20:03 - 000000000 ____D C:\Users\GAMEPC\Documents\New Folder(2) 2020-03-30 20:03 - 2020-03-30 20:03 - 000000000 ____D C:\Users\GAMEPC\Documents\New Folder(1) 2020-03-30 20:02 - 2020-03-30 20:02 - 000000000 ____D C:\Users\GAMEPC\Documents\New Folder 2020-03-30 19:35 - 2020-03-30 19:37 - 135856128 _____ C:\Users\GAMEPC\Downloads\blender-2.82a-windows64.msi 2020-03-28 04:34 - 2020-03-28 04:35 - 018548431 _____ C:\Users\GAMEPC\Downloads\voicemod crack .rar 2020-03-28 04:22 - 2020-03-28 04:22 - 023272680 _____ (Voicemod S.L. ) C:\Users\GAMEPC\Downloads\VoicemodSetup.exe 2020-03-28 04:22 - 2019-07-02 17:50 - 000027648 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\vmdrv.sys 2020-03-26 16:39 - 2020-03-26 16:39 - 000021708 _____ C:\Users\GAMEPC\Downloads\the_hunt(subsunacs.net).7z 2020-03-26 16:38 - 2020-03-26 16:38 - 000038078 _____ C:\Users\GAMEPC\Downloads\The.Hunt.2020.1080p.AMZN.WEBRip.DDP5.1.x264-NTG.torrent 2020-03-25 22:47 - 2019-01-01 00:02 - 006045924 _____ C:\Users\GAMEPC\Desktop\meepoof_legacy_nonQcast.exe 2020-03-25 22:45 - 2020-03-25 22:45 - 005896438 _____ C:\Users\GAMEPC\Downloads\meepoofv1_legacy_nonQcast.zip 2020-03-25 02:45 - 2020-03-25 02:45 - 000002971 _____ C:\Users\GAMEPC\Downloads\Unacknowledged.2017.1080p.WEB.x265.AAC-Dr3adLoX.torrent 2020-03-25 02:42 - 2020-03-25 02:42 - 000013592 _____ C:\Users\GAMEPC\Downloads\Most.Evil.Egocentric.Killers.1080i.HDTV.x264.torrent 2020-03-24 19:05 - 2020-03-24 19:05 - 000002374 _____ C:\Users\GAMEPC\Desktop\StreamLabels.lnk 2020-03-24 19:04 - 2020-03-24 19:05 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\streamlabels-updater 2020-03-23 15:18 - 2020-03-23 15:18 - 000045449 _____ C:\Users\GAMEPC\Downloads\The_Invisible_Man.(subs.sab.bz).zip 2020-03-23 15:18 - 2020-03-23 15:18 - 000039071 _____ C:\Users\GAMEPC\Downloads\The.Invisible.Man.2020.1080p.WEB-DL.H264.AC3-EVO.torrent 2020-03-23 15:14 - 2020-03-23 15:14 - 000012215 _____ C:\Users\GAMEPC\Downloads\Toy.Story.4.2019.BRRip.x265.AC3.BGAUDiO-SiSO.torrent 2020-03-22 14:43 - 2020-03-22 14:43 - 000315856 _____ C:\Users\GAMEPC\Downloads\SHUTDOWN8-SETUP.EXE 2020-03-22 14:43 - 2020-03-22 14:43 - 000001043 _____ C:\Users\GAMEPC\Desktop\Shutdown8.lnk 2020-03-22 14:43 - 2020-03-22 14:43 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\Shutdown8 2020-03-22 14:42 - 2020-03-22 14:42 - 000566784 _____ C:\Users\GAMEPC\Downloads\ShutDown.exe 2020-03-22 14:32 - 2020-03-16 16:07 - 039835432 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2020-03-22 14:32 - 2020-03-16 16:07 - 022106560 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2020-03-22 14:32 - 2020-03-16 16:07 - 018416616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2020-03-22 14:32 - 2020-03-16 16:06 - 004257984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2020-03-22 14:32 - 2020-03-16 13:10 - 001729440 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe 2020-03-22 14:32 - 2020-03-16 13:10 - 001729440 _____ C:\Windows\system32\vulkaninfo.exe 2020-03-22 14:32 - 2020-03-16 13:10 - 001329576 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2020-03-22 14:32 - 2020-03-16 13:10 - 001329576 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2020-03-22 14:32 - 2020-03-16 13:10 - 001079208 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll 2020-03-22 14:32 - 2020-03-16 13:10 - 001079208 _____ C:\Windows\system32\vulkan-1.dll 2020-03-22 14:32 - 2020-03-16 13:10 - 000937920 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll 2020-03-22 14:32 - 2020-03-16 13:10 - 000937920 _____ C:\Windows\SysWOW64\vulkan-1.dll 2020-03-22 14:32 - 2020-03-16 13:10 - 000440040 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2020-03-22 14:32 - 2020-03-16 13:10 - 000343784 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2020-03-22 14:32 - 2020-03-16 13:09 - 127357328 _____ (NVIDIA Corp.) C:\Windows\system32\nvoptix.dll 2020-03-22 14:32 - 2020-03-16 13:09 - 040314976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2020-03-22 14:32 - 2020-03-16 13:09 - 029930728 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl64.dll 2020-03-22 14:32 - 2020-03-16 13:09 - 027555560 _____ (NVIDIA Corporation) C:\Windows\system32\nvrtum64.dll 2020-03-22 14:32 - 2020-03-16 13:09 - 025239952 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl32.dll 2020-03-22 14:32 - 2020-03-16 13:09 - 011834784 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll 2020-03-22 14:32 - 2020-03-16 13:09 - 010161040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll 2020-03-22 14:32 - 2020-03-16 13:09 - 000420240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2020-03-22 14:32 - 2020-03-16 13:08 - 029545584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2020-03-22 14:32 - 2020-03-16 13:08 - 022880352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2020-03-22 14:32 - 2020-03-16 13:08 - 017464208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2020-03-22 14:32 - 2020-03-16 13:08 - 015029992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2020-03-22 14:32 - 2020-03-16 13:08 - 004988136 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2020-03-22 14:32 - 2020-03-16 13:08 - 004447648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2020-03-22 14:32 - 2020-03-16 13:08 - 002068368 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2020-03-22 14:32 - 2020-03-16 13:08 - 001720208 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6444274.dll 2020-03-22 14:32 - 2020-03-16 13:08 - 001560808 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2020-03-22 14:32 - 2020-03-16 13:08 - 001482984 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6444274.dll 2020-03-22 14:32 - 2020-03-16 13:08 - 001476536 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2020-03-22 14:32 - 2020-03-16 13:08 - 001363176 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll 2020-03-22 14:32 - 2020-03-16 13:08 - 001139832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2020-03-22 14:32 - 2020-03-16 13:08 - 001057696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll 2020-03-22 14:32 - 2020-03-16 13:08 - 000625776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2020-03-22 14:32 - 2020-03-16 13:08 - 000539880 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2020-03-22 14:32 - 2020-03-16 13:08 - 000517232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2020-03-22 14:32 - 2020-03-16 13:08 - 000422328 _____ C:\Windows\system32\nvofapi64.dll 2020-03-22 14:32 - 2020-03-16 13:08 - 000373360 _____ C:\Windows\SysWOW64\nvofapi.dll 2020-03-22 14:32 - 2020-03-16 13:08 - 000182368 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2020-03-22 14:32 - 2020-03-16 13:08 - 000164464 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2020-03-22 14:32 - 2020-03-16 13:08 - 000158304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2020-03-22 14:32 - 2020-03-16 13:08 - 000143288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2020-03-22 14:32 - 2020-03-16 13:07 - 040502176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2020-03-22 14:32 - 2020-03-16 13:07 - 035371424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2020-03-22 14:32 - 2020-03-16 13:07 - 000518560 _____ (NVIDIA Corporation) C:\Windows\system32\nvcbl64.dll 2020-03-22 14:28 - 2020-03-22 14:29 - 554302392 _____ (NVIDIA Corporation) C:\Users\GAMEPC\Downloads\442.74-desktop-win8-win7-64bit-international-whql.exe 2020-03-21 05:08 - 2020-03-21 05:08 - 000021014 _____ C:\Users\GAMEPC\Downloads\Scooby Doo Mystery Incorporated Season 2 DVDRip BG Audio - SPYRO.torrent 2020-03-20 16:09 - 2020-03-20 16:09 - 000077329 _____ C:\Users\GAMEPC\Downloads\_Yavka.net_The.Outsider.S01E01.WEBRip.x264-ION10.zip 2020-03-20 16:09 - 2020-03-20 16:09 - 000041769 _____ C:\Users\GAMEPC\Downloads\The.Outsider.2020.S01E01.WEB.H264-XLF.torrent 2020-03-20 15:11 - 2020-03-20 15:11 - 000056630 _____ C:\Users\GAMEPC\Downloads\Secret.Window.2004.DVDrip.XviD.Brutus-WORKZ.torrent 2020-03-20 15:08 - 2020-03-20 15:08 - 000025691 _____ C:\Users\GAMEPC\Downloads\1408.2007.Director_s.Cut.720p.HDDVD.x264_CtrlHD.(subs.sab.bz).rar 2020-03-20 15:07 - 2020-03-20 15:07 - 000014658 _____ C:\Users\GAMEPC\Downloads\1408.2007.BRRip.XViD.AC3 -playXD.torrent 2020-03-20 15:03 - 2020-03-20 15:03 - 000014435 _____ C:\Users\GAMEPC\Downloads\Daybreakers.2009.BDRip.x264.AAC.BGAUDiO-SiSO.torrent 2020-03-20 14:59 - 2020-03-20 14:59 - 000056731 _____ C:\Users\GAMEPC\Downloads\Dreamcatcher.DVDrip.AC3.torrent 2020-03-19 14:12 - 2020-03-19 14:22 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\ShootersPool 2020-03-19 14:12 - 2020-03-19 14:12 - 000000000 ____D C:\Users\GAMEPC\Documents\ShootersPool 2020-03-19 14:12 - 2020-03-19 14:12 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\ShootersPool 2020-03-19 13:39 - 2020-03-19 13:57 - 1545182216 _____ C:\Users\GAMEPC\Downloads\ShootersPool-1.8.2c_Setup.exe 2020-03-17 16:31 - 2020-03-17 16:31 - 000033204 _____ C:\Users\GAMEPC\Downloads\swtros_2019_web_unacs_team(subsunacs.net).rar 2020-03-17 16:30 - 2020-03-17 16:30 - 000027541 _____ C:\Users\GAMEPC\Downloads\Star.Wars.Episode.IX.The.Rise.of.Skywalker.2020.HDRip.AC3.x264-CMRG.torrent 2020-03-15 14:48 - 2020-03-15 14:48 - 000013669 _____ C:\Users\GAMEPC\Downloads\Richard.Hammond's.Big.Austria's.Mega.Dam.2020.1080i.HDTV.x264.torrent 2020-03-15 00:26 - 2020-03-15 00:30 - 068914501 _____ C:\Users\GAMEPC\Downloads\FullSizeRender.mov 2020-03-14 19:01 - 2020-03-14 19:08 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\CitizenFX 2020-03-14 18:50 - 2020-04-09 18:17 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\FiveM 2020-03-14 18:50 - 2020-03-14 18:50 - 008885192 _____ (cfx-collective) C:\Users\GAMEPC\Downloads\FiveM.exe 2020-03-14 18:50 - 2020-03-14 18:50 - 000002024 _____ C:\Users\GAMEPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FiveM Singleplayer.lnk 2020-03-14 18:50 - 2020-03-14 18:50 - 000002016 _____ C:\Users\GAMEPC\Desktop\FiveM Singleplayer.lnk 2020-03-14 18:50 - 2020-03-14 18:50 - 000002016 _____ C:\Users\GAMEPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FiveM.lnk 2020-03-14 18:50 - 2020-03-14 18:50 - 000002008 _____ C:\Users\GAMEPC\Desktop\FiveM.lnk ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2020-04-13 12:56 - 2017-09-23 18:42 - 000000000 ____D C:\Program Files (x86)\Steam 2020-04-13 12:51 - 2009-07-14 07:45 - 000028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2020-04-13 12:51 - 2009-07-14 07:45 - 000028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2020-04-13 12:49 - 2019-03-14 23:38 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\Spotify 2020-04-13 12:44 - 2017-09-09 22:09 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\discord 2020-04-13 12:42 - 2019-03-14 23:37 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\Spotify 2020-04-13 12:42 - 2017-09-08 14:03 - 000000000 ____D C:\ProgramData\NVIDIA 2020-04-13 12:41 - 2009-07-14 08:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2020-04-13 03:59 - 2019-07-31 00:33 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\obs-studio 2020-04-13 03:38 - 2019-08-14 02:36 - 000000390 _____ C:\Windows\Tasks\update-sys.job 2020-04-13 02:45 - 2019-08-14 02:36 - 000000390 _____ C:\Windows\Tasks\update-S-1-5-21-2297230751-1021565052-1431566534-1000.job 2020-04-12 03:45 - 2019-12-26 03:14 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\Origin 2020-04-12 03:12 - 2019-02-11 22:09 - 000000000 ____D C:\ProgramData\Origin 2020-04-12 03:11 - 2019-12-26 03:16 - 000000000 ____D C:\Program Files (x86)\Origin 2020-04-12 03:11 - 2019-12-26 03:14 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\Origin 2020-04-11 17:11 - 2017-09-10 01:33 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\qBittorrent 2020-04-08 00:03 - 2018-11-16 15:10 - 000002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2020-04-08 00:03 - 2018-11-16 15:10 - 000002181 _____ C:\ProgramData\Desktop\Google Chrome.lnk 2020-04-08 00:03 - 2017-09-08 13:35 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-04-06 03:47 - 2017-09-19 23:12 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\TS3Client 2020-04-03 11:39 - 2018-01-11 17:53 - 000640612 _____ C:\Windows\system32\perfh002.dat 2020-04-03 11:39 - 2018-01-11 17:53 - 000114470 _____ C:\Windows\system32\perfc002.dat 2020-04-03 11:39 - 2009-07-14 08:13 - 001498588 _____ C:\Windows\system32\PerfStringBackup.INI 2020-04-03 11:39 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\inf 2020-03-31 00:08 - 2009-07-14 08:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2020-03-30 20:00 - 2019-08-08 04:08 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\NVIDIA 2020-03-28 04:27 - 2017-09-08 15:54 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\CrashDumps 2020-03-24 19:05 - 2019-10-04 14:40 - 000002382 _____ C:\Users\GAMEPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StreamLabels.lnk 2020-03-24 19:02 - 2019-07-31 03:15 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\slobs-client 2020-03-24 19:01 - 2019-07-31 03:14 - 000000000 ____D C:\Program Files\Streamlabs OBS 2020-03-21 16:32 - 2018-11-03 19:10 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\DigitalEntitlements 2020-03-21 02:54 - 2017-09-08 13:35 - 000003434 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA 2020-03-21 02:54 - 2017-09-08 13:35 - 000003306 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore 2020-03-20 21:19 - 2017-09-18 19:14 - 000000000 ____D C:\ProgramData\McAfee 2020-03-20 17:01 - 2017-12-06 19:25 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\ViberPC 2020-03-19 14:12 - 2018-07-27 18:56 - 000466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll 2020-03-19 14:12 - 2018-07-27 18:56 - 000444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll 2020-03-19 14:12 - 2018-07-27 18:56 - 000122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll 2020-03-19 14:12 - 2018-07-27 18:56 - 000109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll 2020-03-19 03:22 - 2018-10-18 17:36 - 000000979 _____ C:\Users\Public\Desktop\PotPlayer 64 bit.lnk 2020-03-19 03:22 - 2018-10-18 17:36 - 000000979 _____ C:\ProgramData\Desktop\PotPlayer 64 bit.lnk 2020-03-16 16:07 - 2020-03-11 03:56 - 034369720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2020-03-16 16:07 - 2017-09-08 14:02 - 004813752 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2020-03-16 13:09 - 2017-09-08 14:02 - 000502672 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2020-03-16 13:08 - 2020-03-11 03:56 - 000469904 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2020-03-14 01:34 - 2017-09-08 13:21 - 000052925 _____ C:\Windows\system32\nvinfo.pb 2020-03-14 00:04 - 2017-09-08 14:03 - 005580272 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2020-03-14 00:04 - 2017-09-08 14:03 - 002631480 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2020-03-14 00:04 - 2017-09-08 14:03 - 001759032 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2020-03-14 00:04 - 2017-09-08 14:03 - 000660792 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll 2020-03-14 00:04 - 2017-09-08 14:03 - 000447464 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2020-03-14 00:04 - 2017-09-08 14:03 - 000121328 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2020-03-14 00:04 - 2017-09-08 14:03 - 000074552 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll ==================== Files in the root of some directories ======== 2020-02-19 00:22 - 2020-02-19 00:22 - 000000733 _____ () C:\Users\GAMEPC\AppData\Local\recently-used.xbel 2018-12-17 21:42 - 2018-12-23 19:48 - 000007597 _____ () C:\Users\GAMEPC\AppData\Local\Resmon.ResmonCfg 2019-08-14 02:36 - 2019-08-14 02:36 - 000000003 _____ () C:\Users\GAMEPC\AppData\Local\updater.log 2019-08-14 02:36 - 2019-08-14 02:36 - 000000424 _____ () C:\Users\GAMEPC\AppData\Local\UserProducts.xml ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) LastRegBack: 2020-04-07 04:13 ==================== End of FRST.txt ========================
  12. Добър вечер момчета искам да попитам за това дъно Motherboard Name Gigabyte GA-78LMT-S2P v5 Кой е възможно най добрия процесор който мога да си взема като се има в предвид че в момента съм с амд-фх 8320е И още 1 въпрос за да не правя отделна тема наскоро си купих рам памет адата ддр3 1600мхз но във аида екстрийм пише следното Bus Type Dual DDR3 SDRAM Bus Width 128-bit DRAM:FSB Ratio 24:6 Real Clock 800 MHz (DDR) Effective Clock 1600 MHz Bandwidth [ TRIAL VERSION ] MB/s Това реално ли е и сега как да проверя реалната скорост на рам памет-а си Благодаря предварително
  13. Мисля че някой от драйверите които съм свалил са омазани яко И всичко по декстопа както и докато съм отворил някой саит и прокарам друга програма върху самата страница то започва да размазва самата картина...
  14. Не не ползвам ссд Ще опитам и тези неща и ако стане по добре ще се радвам :Д Благодаря ти днес цял ден се занимаваш с моите глупости.Много съм ти благодарен още 1 път като цяло целият ви канал,група,под-форум да са живи и здрави и да продължавате все така Може би малко пресилено но вие сте едно от малкото неща които работи правилна в нашата Държавица
  15. Само дефрагм... не съм пробвал освен и нея да направя а ще навреди ли по някакъв начин на пц-то фаиловете в дял /ц ?
  16. Мисля че нормално се държи Но по скоро ме кара да си мисля че самият лин.. Е за преинсталация или има някой програми които съм инсталирал някога в миналото и те по някакъв начин спомагат за бавната работа на пц-то Но не съм сигурен кои са. Тъй като когато преглеждам процесите в таск-мениджъра няма нищо нередно или програма която да товари самият комп повече от нормалното но въпреки това видимо работи по бавно Когато му задам някаква задача от сорта да отвори програма сайт,игра каквото и да е било го прави така все 1 не са 8гб рам + останалите неща а ми е пц от преди 10 години и повече .. Не знам вече какво да си мисля
  17. # DelFix v1.013 - Logfile created 10/02/2019 at 16:54:45 # Updated 17/04/2016 by Xplode # Username : GAMEPC - GAMEPC-PC # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) ~ Removing disinfection tools ... Deleted : C:\AdwCleaner Deleted : C:\Users\GAMEPC\Downloads\adwcleaner_7.1.1.exe ~ Cleaning system restore ... Deleted : RP #146 [Планирана контролна точка | 02/01/2019 14:11:32] Deleted : RP #147 [Планирана контролна точка | 02/09/2019 13:07:59] Deleted : RP #149 [Restore Point Created by FRST | 02/10/2019 14:15:23] New restore point created ! ########## - EOF - ##########
  18. Да попитам само преди да съм започнал всички отметки ли да сложа или вие просто сте ми ги дали като обеснение кое какво означава?
  19. Fix result of Farbar Recovery Scan Tool (x64) Version: 8.02.2019 Ran by GAMEPC (10-02-2019 16:15:22) Run:1 Running from C:\Users\GAMEPC\Downloads Loaded Profiles: GAMEPC (Available Profiles: GAMEPC) Boot Mode: Normal ============================================== fixlist content: ***************** start CreateRestorePoint: EmptyTemp: CloseProcesses: S3 mracsvc; C:\Windows\System32\mracsvc.exe [11132176 2018-10-09] (Mail.Ru LLC -> LLC Mail.Ru) S3 mracdrv; C:\Windows\System32\drivers\mracdrv.sys [10348560 2018-10-09] (Mail.Ru LLC -> LLC Mail.Ru) AlternateDataStreams: C:\Users\GAMEPC\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394] AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [482] FirewallRules: [TCP Query User{A7A3205E-5145-4588-981D-700ACBF67C2F}D:\arc\s\fifa 17\fifa17.exe] => (Allow) D:\arc\s\fifa 17\fifa17.exe No File FirewallRules: [UDP Query User{FCB7CF1E-D214-47B7-8337-D288C7BAF41D}D:\arc\s\fifa 17\fifa17.exe] => (Allow) D:\arc\s\fifa 17\fifa17.exe No File FirewallRules: [TCP Query User{B1B4DF97-831E-413C-A928-4176B7B76801}D:\fifa\fifa18\fifa18.exe] => (Allow) D:\fifa\fifa18\fifa18.exe No File FirewallRules: [UDP Query User{8691C936-9089-4A6A-9831-A0087C639A9C}D:\fifa\fifa18\fifa18.exe] => (Allow) D:\fifa\fifa18\fifa18.exe No File reboot: end ***************** Restore point was successfully created. Processes closed successfully. HKLM\System\CurrentControlSet\Services\mracsvc => removed successfully mracsvc => service removed successfully HKLM\System\CurrentControlSet\Services\mracdrv => removed successfully mracdrv => service removed successfully C:\Users\GAMEPC\AppData\Roaming => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS removed successfully C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A7A3205E-5145-4588-981D-700ACBF67C2F}D:\arc\s\fifa 17\fifa17.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FCB7CF1E-D214-47B7-8337-D288C7BAF41D}D:\arc\s\fifa 17\fifa17.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B1B4DF97-831E-413C-A928-4176B7B76801}D:\fifa\fifa18\fifa18.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8691C936-9089-4A6A-9831-A0087C639A9C}D:\fifa\fifa18\fifa18.exe" => removed successfully =========== EmptyTemp: ========== BITS transfer queue => 8388608 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 24481427 B Java, Flash, Steam htmlcache => 407309511 B Windows/system/drivers => 164402 B Edge => 0 B Chrome => 786870069 B Firefox => 187737686 B Opera => 29981241 B Temp, IE cache, history, cookies, recent: Users => 0 B Default => 0 B Public => 0 B ProgramData => 0 B systemprofile => 128 B systemprofile32 => 128 B LocalService => 0 B NetworkService => 0 B GAMEPC => 291741583 B RecycleBin => 0 B EmptyTemp: => 1.6 GB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 16:16:25 ==== Значи не е от вирус просто лин-а е заминал ? така ли да разбирам ? Тези програми нали мога да ги деинсталирам сега ?
  20. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 8.02.2019 Ran by GAMEPC (administrator) on GAMEPC-PC (10-02-2019 15:35:32) Running from C:\Users\GAMEPC\Downloads Loaded Profiles: GAMEPC (Available Profiles: GAMEPC) Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Български (България) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Program Files\qBittorrent\qbittorrent.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Run: [Viber] => C:\Users\GAMEPC\AppData\Local\Viber\Viber.exe [37073480 2019-01-30] (Viber Media S.à r.l. -> Viber Media S.Ã r.l.) HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Run: [Spotify] => C:\Users\GAMEPC\AppData\Roaming\Spotify\Spotify.exe [26154216 2019-02-03] (Spotify AB -> Spotify Ltd) HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [35195280 2019-02-01] (Epic Games Inc. -> Epic Games, Inc.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-12] (Google Inc -> Google Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 94.72.140.1 Tcpip\..\Interfaces\{F8E6BFBF-08DD-4CEC-8468-25670AF9DFE4}: [DhcpNameServer] 94.72.140.1 Internet Explorer: ================== HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation) FireFox: ======== FF DefaultProfile: mrpwyf7s.default FF ProfilePath: C:\Users\GAMEPC\AppData\Roaming\Mozilla\Firefox\Profiles\mrpwyf7s.default [2019-01-31] FF user.js: detected! => C:\Users\GAMEPC\AppData\Roaming\Mozilla\Firefox\Profiles\mrpwyf7s.default\user.js [2019-01-02] FF Homepage: Mozilla\Firefox\Profiles\mrpwyf7s.default -> google.bg FF Extension: (uBlock Origin) - C:\Users\GAMEPC\AppData\Roaming\Mozilla\Firefox\Profiles\mrpwyf7s.default\Extensions\[email protected] [2019-01-31] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-09] () FF Plugin: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-20] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-20] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-09] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1229199.dll [2017-03-31] (Adobe Systems, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-20] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-20] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2019-01-30] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2019-01-30] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.) Chrome: ======= CHR StartupUrls: Default -> "hxxp://google.bg/" CHR Profile: C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default [2019-02-10] CHR Extension: (Презентации) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13] CHR Extension: (Документи) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13] CHR Extension: (Google Диск) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-16] CHR Extension: (YouTube) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-08] CHR Extension: (Таблици) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13] CHR Extension: (Google Документи офлайн) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16] CHR Extension: (Hoxx VPN Proxy) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbcojefnccbanplpoffopkoepjmhgdgh [2019-01-23] CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03] CHR Extension: (Gmail) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-08] CHR Extension: (Chrome Media Router) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-07] Opera: ======= OPR Extension: (uBlock Origin) - C:\Users\GAMEPC\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2018-12-20] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8403672 2019-01-31] (BattlEye Innovations e.K. -> ) S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291392 2017-08-17] (Disc Soft Ltd -> Disc Soft Ltd) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [777856 2018-07-29] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes) S3 mracsvc; C:\Windows\System32\mracsvc.exe [11132176 2018-10-09] (Mail.Ru LLC -> LLC Mail.Ru) S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [8019808 2018-03-29] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787440 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787440 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) S2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [24576 2017-09-08] (Realtek Semiconductor.) [File not signed] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2017-06-20] (Microsoft Windows -> Microsoft Corporation) R2 wuauserv; C:\Windows\system32\wuaueng2.dll [2651136 2017-09-08] (Microsoft Corporation) [File not signed] R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 S2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2017-09-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) R0 amdsata; C:\Windows\System32\DRIVERS\amdsata.sys [67128 2009-04-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices) R0 amdxata; C:\Windows\System32\drivers\amdxata.sys [28216 2009-04-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices) R0 AtiPcie; C:\Windows\System32\DRIVERS\AtiPcie.sys [16440 2009-05-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-09-11] (Disc Soft Ltd -> Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-09-11] (Disc Soft Ltd -> Disc Soft Ltd) R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes) R0 FACEIT; C:\Windows\System32\Drivers\FACEIT.sys [13287800 2019-02-01] (FACE IT LIMITED -> ) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-09-08] (Martin Malik - REALiX -> REALiX(tm)) S3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2017-09-08] (Qualcomm Atheros -> Qualcomm Atheros Co., Ltd.) R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [198512 2019-02-10] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [127136 2019-02-10] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [72864 2019-02-10] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [274416 2019-02-10] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [104784 2019-02-10] (Malwarebytes Corporation -> Malwarebytes) S3 mracdrv; C:\Windows\System32\drivers\mracdrv.sys [10348560 2018-10-09] (Mail.Ru LLC -> LLC Mail.Ru) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2018-10-25] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [74576 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation) R3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [61656 2017-09-08] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation ) R3 usbfilter; C:\Windows\System32\DRIVERS\usbfilter.sys [34872 2009-04-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices) S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-02-10 15:31 - 2019-02-10 15:31 - 000062911 _____ C:\Users\GAMEPC\Downloads\The Brotherhood 6 Initiation.torrent 2019-02-10 15:31 - 2019-02-10 15:31 - 000020646 _____ C:\Users\GAMEPC\Downloads\Women.of.the.Night.2001.DVDRip.x265.5rFF.torrent 2019-02-10 15:16 - 2019-02-10 15:16 - 000127136 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys 2019-02-10 15:16 - 2019-02-10 15:16 - 000072864 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2019-02-10 15:15 - 2019-02-10 15:15 - 000104784 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2019-02-10 15:14 - 2019-02-10 15:14 - 000274416 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2019-02-10 15:06 - 2019-02-10 15:08 - 000000000 ____D C:\AdwCleaner 2019-02-10 15:06 - 2019-02-10 15:06 - 007277776 _____ (Malwarebytes) C:\Users\GAMEPC\Downloads\adwcleaner_7.1.1.exe 2019-02-10 14:49 - 2019-02-10 14:49 - 000198512 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys 2019-02-10 14:49 - 2019-02-10 14:49 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\mbamtray 2019-02-10 14:49 - 2019-02-10 14:49 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\mbam 2019-02-10 14:48 - 2019-02-10 14:48 - 000001875 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2019-02-10 14:48 - 2019-02-10 14:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2019-02-10 14:48 - 2019-02-10 14:48 - 000000000 ____D C:\ProgramData\Malwarebytes 2019-02-10 14:48 - 2019-02-10 14:48 - 000000000 ____D C:\Program Files\Malwarebytes 2019-02-10 14:48 - 2019-01-08 15:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys 2019-02-10 14:47 - 2019-02-10 14:48 - 064513784 _____ (Malwarebytes ) C:\Users\GAMEPC\Downloads\mb3-setup-consumer-3.7.1.2839-1.0.538-1.0.9186.exe 2019-02-10 12:38 - 2019-02-10 12:39 - 000043955 _____ C:\Users\GAMEPC\Downloads\Addition.txt 2019-02-10 12:37 - 2019-02-10 15:36 - 000016063 _____ C:\Users\GAMEPC\Downloads\FRST.txt 2019-02-10 12:37 - 2019-02-10 15:35 - 000000000 ____D C:\FRST 2019-02-10 12:37 - 2019-02-10 12:37 - 002434048 _____ (Farbar) C:\Users\GAMEPC\Downloads\FRST64.exe 2019-02-09 10:46 - 2019-02-09 10:46 - 008736903 _____ C:\Users\GAMEPC\Downloads\5. Курве.mp4 2019-02-08 23:47 - 2019-02-08 23:47 - 000004811 _____ C:\Users\GAMEPC\Downloads\niko.zip 2019-02-08 03:03 - 2019-02-08 03:03 - 067321320 _____ (Electronic Arts) C:\Users\GAMEPC\Downloads\ApexLegendsInstaller.exe 2019-02-06 23:56 - 2019-02-06 23:56 - 000014497 _____ C:\Users\GAMEPC\Downloads\Flight.of.the.Phoenix.2004.BRRip.XviD.BGAUDiO-KiNGS.torrent 2019-02-06 23:56 - 2019-02-06 23:56 - 000014497 _____ C:\Users\GAMEPC\Downloads\Flight.of.the.Phoenix.2004.BRRip.XviD.BGAUDiO-KiNGS (1).torrent 2019-02-06 13:10 - 2019-02-06 13:10 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\Viber 2019-02-05 14:41 - 2019-02-05 14:41 - 014648464 _____ (Microsoft Corporation) C:\Users\GAMEPC\Downloads\vc_redist.x86.exe 2019-02-04 20:49 - 2019-01-30 22:07 - 000133512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2019-02-04 20:45 - 2019-02-01 23:36 - 000228768 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2019-02-04 20:45 - 2019-02-01 23:36 - 000047592 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll 2019-02-04 20:45 - 2019-02-01 03:42 - 001005984 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll 2019-02-04 20:45 - 2019-02-01 03:42 - 001005984 _____ C:\Windows\system32\vulkan-1.dll 2019-02-04 20:45 - 2019-02-01 03:42 - 000869584 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll 2019-02-04 20:45 - 2019-02-01 03:42 - 000869584 _____ C:\Windows\SysWOW64\vulkan-1.dll 2019-02-04 20:45 - 2019-02-01 03:42 - 000551920 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2019-02-04 20:45 - 2019-02-01 03:42 - 000457304 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2019-02-04 20:45 - 2019-02-01 03:42 - 000269520 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe 2019-02-04 20:45 - 2019-02-01 03:42 - 000269520 _____ C:\Windows\system32\vulkaninfo.exe 2019-02-04 20:45 - 2019-02-01 03:42 - 000243920 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2019-02-04 20:45 - 2019-02-01 03:42 - 000243920 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2019-02-04 20:45 - 2019-02-01 03:41 - 071470016 _____ (NVIDIA Corp.) C:\Windows\system32\nvoptix.dll 2019-02-04 20:45 - 2019-02-01 03:41 - 040344024 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2019-02-04 20:45 - 2019-02-01 03:41 - 030021616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2019-02-04 20:45 - 2019-02-01 03:41 - 020887352 _____ (NVIDIA Corporation) C:\Windows\system32\nvrtum64.dll 2019-02-04 20:45 - 2019-02-01 03:41 - 020409840 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2019-02-04 20:45 - 2019-02-01 03:41 - 001463952 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2019-02-04 20:45 - 2019-02-01 03:41 - 001129368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2019-02-04 20:45 - 2019-02-01 03:41 - 000631440 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2019-02-04 20:45 - 2019-02-01 03:41 - 000521872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2019-02-04 20:45 - 2019-02-01 03:41 - 000419832 _____ C:\Windows\system32\nvofapi64.dll 2019-02-04 20:45 - 2019-02-01 03:41 - 000368808 _____ C:\Windows\SysWOW64\nvofapi.dll 2019-02-04 20:45 - 2019-02-01 03:40 - 040235096 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2019-02-04 20:45 - 2019-02-01 03:40 - 035140696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2019-02-04 20:45 - 2019-02-01 03:40 - 004868080 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2019-02-04 20:45 - 2019-02-01 03:40 - 004339616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2019-02-04 20:45 - 2019-02-01 03:40 - 002030736 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2019-02-04 20:45 - 2019-02-01 03:40 - 001734560 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6441881.dll 2019-02-04 20:45 - 2019-02-01 03:40 - 001533936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2019-02-04 20:45 - 2019-02-01 03:40 - 001467864 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6441881.dll 2019-02-04 20:45 - 2019-02-01 03:40 - 000497056 _____ (NVIDIA Corporation) C:\Windows\system32\nvcbl64.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 035477392 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl64.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 031989600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 029985200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl32.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 021206192 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 020096416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 017616432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 010894304 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 009254488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 001168936 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 000914912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 000524248 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 000450648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 000419776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 000182040 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 000163184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 000159480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 000141568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2019-02-04 20:45 - 2019-02-01 03:38 - 017424680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2019-02-04 20:45 - 2019-02-01 03:38 - 004311968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2019-02-04 20:45 - 2019-01-31 08:26 - 000000669 _____ C:\Windows\SysWOW64\nv-vk32.json 2019-02-04 20:45 - 2019-01-31 08:26 - 000000669 _____ C:\Windows\system32\nv-vk64.json 2019-02-04 00:33 - 2019-02-04 00:33 - 000016205 _____ C:\Users\GAMEPC\Downloads\Beautiful.Creature.2013.BRRip.XviD.AC3.BGAUDiO-SiSO&QT.torrent 2019-02-02 19:10 - 2019-02-02 19:10 - 000032425 _____ C:\Users\GAMEPC\Downloads\Speed.2.1997.DVDRip.XviD.BGAUDiO-ZmN.torrent 2019-02-02 19:09 - 2019-02-02 19:09 - 000056272 _____ C:\Users\GAMEPC\Downloads\Speed 2 (1997)[DVDRip].torrent 2019-01-31 21:58 - 2019-01-31 21:58 - 000061719 _____ C:\Users\GAMEPC\Downloads\ggirl_din.(subs.sab.bz).rar 2019-01-31 21:58 - 2019-01-31 21:58 - 000012712 _____ C:\Users\GAMEPC\Downloads\Gone.Girl.2014.576p.BRRip.x265-DiN.torrent 2019-01-30 22:43 - 2019-01-30 22:43 - 000023223 _____ C:\Users\GAMEPC\Downloads\The.Call.2013.720p.BluRay.x264_SPARKS.(subs.sab.bz).zip 2019-01-30 22:43 - 2019-01-30 22:43 - 000014490 _____ C:\Users\GAMEPC\Downloads\The.Call.BDRip.XviD.AC3-WAR (1).torrent 2019-01-30 22:41 - 2019-01-30 22:41 - 000014490 _____ C:\Users\GAMEPC\Downloads\The.Call.BDRip.XviD.AC3-WAR.torrent 2019-01-30 22:22 - 2019-01-30 22:22 - 000028835 _____ C:\Users\GAMEPC\Downloads\Taking.Lives.DC.2004.720p.HDDVD.x264_ESiR.(subs.sab.bz).zip 2019-01-30 22:22 - 2019-01-30 22:22 - 000019710 _____ C:\Users\GAMEPC\Downloads\Taking.Lives.2004.DC.BRRip.x264.AAC-WAR.torrent 2019-01-29 20:26 - 2019-01-29 20:26 - 000029511 _____ C:\Users\GAMEPC\Downloads\The_Cloverfield_Paradox.2018.HDRip.XViD_ETRG.(subs.sab.bz).zip 2019-01-29 20:26 - 2019-01-29 20:26 - 000008066 _____ C:\Users\GAMEPC\Downloads\The.Cloverfield.Paradox.2018.HDRip.XviD.AC3-EVO.torrent 2019-01-29 20:22 - 2019-01-29 20:22 - 000029721 _____ C:\Users\GAMEPC\Downloads\tucker.and.dale.vs.evil.2010.bluray.720p.dts.x264-chd(subsunacs.net).rar 2019-01-29 20:21 - 2019-01-29 20:21 - 000014671 _____ C:\Users\GAMEPC\Downloads\Tucker.And.Dale.vs.Evil.2010.BRRip.XviD-DiN.torrent 2019-01-29 20:11 - 2019-01-29 20:11 - 000014405 _____ C:\Users\GAMEPC\Downloads\Predators.2010.DVDRip.XviD.BG.AUDIO-BDB.torrent 2019-01-29 20:03 - 2019-01-29 20:03 - 000011568 _____ C:\Users\GAMEPC\Downloads\Pandorum.2008.1080p.BluRay.H264.AAC.Dual Audio-ASA.torrent 2019-01-29 19:56 - 2019-01-29 19:56 - 000015401 _____ C:\Users\GAMEPC\Downloads\Abraham.Lincoln.Vampire.Hunter.2012.480p.BDRip.x264.DUAL-SLSS.torrent 2019-01-29 19:55 - 2019-01-29 19:55 - 000027007 _____ C:\Users\GAMEPC\Downloads\cocaine.godmother.2017.720p.webrip.x264-yts.am(subsunacs.net).rar 2019-01-29 19:55 - 2019-01-29 19:55 - 000013125 _____ C:\Users\GAMEPC\Downloads\Cocaine.Godmother.2017.WEBRip.x265-DiN.torrent 2019-01-29 17:26 - 2019-01-29 17:26 - 000014876 _____ C:\Users\GAMEPC\Downloads\api-ms-win-crt-runtime-l1-1-0.dll_85.rar 2019-01-28 17:46 - 2019-01-28 17:46 - 000017617 _____ C:\Users\GAMEPC\Downloads\Ghost.Ship.2002.720p.BluRay.x264_DON.(subs.sab.bz).rar 2019-01-28 17:46 - 2019-01-28 17:46 - 000014588 _____ C:\Users\GAMEPC\Downloads\Ghost.Ship.2002.BDRp.XviD.AC3-WAR.torrent 2019-01-28 00:46 - 2019-01-28 00:46 - 000014403 _____ C:\Users\GAMEPC\Downloads\top_gear.17x07.india_special.hdtv_xvid-fov.avi (1).torrent 2019-01-28 00:02 - 2019-01-28 00:02 - 000033323 _____ C:\Users\GAMEPC\Downloads\top.gear.at.the.movies.2011.bdrip.xvid-taste(subsunacs.net).rar 2019-01-28 00:02 - 2019-01-28 00:02 - 000014764 _____ C:\Users\GAMEPC\Downloads\Top.Gear.At.The.Movies.2011.BDRip.XviD-TASTE.torrent 2019-01-28 00:02 - 2019-01-28 00:02 - 000014423 _____ C:\Users\GAMEPC\Downloads\Top.Gear.S14E06.DVBRip.XviD.BGAudio.torrent 2019-01-28 00:02 - 2019-01-28 00:02 - 000011585 _____ C:\Users\GAMEPC\Downloads\Top.Gear.The.Great.African.Adventure.2013.720p.BluRay.x264.torrent 2019-01-28 00:00 - 2019-01-28 00:00 - 000036810 _____ C:\Users\GAMEPC\Downloads\Top_Gear_India_Special.(subs.sab.bz).rar 2019-01-27 23:59 - 2019-01-27 23:59 - 000014401 _____ C:\Users\GAMEPC\Downloads\top_gear.17x07.india_special.hdtv_xvid-fov.avi.torrent 2019-01-26 04:50 - 2019-01-26 04:50 - 000011416 _____ C:\Users\GAMEPC\Downloads\Top Gear - Burma Special.torrent 2019-01-26 04:47 - 2019-01-26 04:47 - 000020539 _____ C:\Users\GAMEPC\Downloads\Top.Gear.The.Worst.Car.In.The.History.Of.The.World.2012.720p.BluRay.x264.torrent 2019-01-25 04:45 - 2019-01-25 04:45 - 000016631 _____ C:\Users\GAMEPC\Downloads\Top Gear - Season 16.torrent 2019-01-23 23:26 - 2019-01-23 23:26 - 000000219 _____ C:\Users\GAMEPC\Desktop\Counter-Strike Global Offensive.url 2019-01-20 15:34 - 2019-01-20 15:34 - 000094134 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_S02x08.(subs.sab.bz).zip 2019-01-20 15:34 - 2019-01-20 15:34 - 000092379 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_S02x07.(subs.sab.bz).zip 2019-01-20 15:34 - 2019-01-20 15:34 - 000086708 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_S02x06.(subs.sab.bz).zip 2019-01-20 15:34 - 2019-01-20 15:34 - 000067819 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_02x10.(subs.sab.bz).zip 2019-01-20 15:34 - 2019-01-20 15:34 - 000063437 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_02x09.(subs.sab.bz).zip 2019-01-20 15:34 - 2019-01-20 15:34 - 000055727 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_S02x05.(subs.sab.bz).zip 2019-01-20 15:34 - 2019-01-20 15:34 - 000051267 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_02x11.(subs.sab.bz).zip 2019-01-19 22:51 - 2019-01-19 22:51 - 000000222 _____ C:\Users\GAMEPC\Desktop\DiRT 3 Complete Edition.url 2019-01-19 17:40 - 2019-01-19 17:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2019-01-18 18:47 - 2019-01-18 18:47 - 000091478 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_S02x04.(subs.sab.bz).zip 2019-01-18 18:46 - 2019-01-18 18:47 - 000104011 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_S02E02.(subs.sab.bz).zip 2019-01-18 18:46 - 2019-01-18 18:47 - 000086312 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_S02x03.(subs.sab.bz).zip 2019-01-18 18:46 - 2019-01-18 18:46 - 000101264 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_S02E01.(subs.sab.bz).zip 2019-01-18 18:45 - 2019-01-18 18:45 - 000038914 _____ C:\Users\GAMEPC\Downloads\The.Grand.Tour.S02.WEBRip.X264-Mixed.torrent 2019-01-18 18:43 - 2019-01-18 18:43 - 000028976 _____ C:\Users\GAMEPC\Downloads\_Yavka.net_Goosebumps.2.Haunted.Halloween.2018.720p.BluRay.H264.AAC-RARBG.rar 2019-01-18 18:42 - 2019-01-18 18:42 - 000014612 _____ C:\Users\GAMEPC\Downloads\Goosebumps.2.Haunted.Halloween.2018.BRRip.XViD-ETRG.torrent 2019-01-18 17:30 - 2019-01-18 17:36 - 032841688 _____ C:\Users\GAMEPC\Downloads\masturbira pred kamera.flv 2019-01-18 17:30 - 2019-01-18 17:32 - 011506791 _____ C:\Users\GAMEPC\Downloads\Bulgarian teen girl selfshot her orgasm - xHamster.com.flv 2019-01-18 17:29 - 2019-01-18 17:50 - 196627499 _____ C:\Users\GAMEPC\Downloads\Тийнейджърка.mkv 2019-01-18 17:27 - 2019-01-18 17:28 - 021624320 _____ C:\Users\GAMEPC\Downloads\Maria Bratoeva - Ruse.avi 2019-01-18 17:27 - 2019-01-18 17:27 - 003177723 _____ C:\Users\GAMEPC\Downloads\Cumming on my girlfriend's tits and face - xHamster.com.flv 2019-01-18 17:27 - 2019-01-18 17:27 - 001862496 _____ C:\Users\GAMEPC\Downloads\SEX Denica Stoqnova .3gp 2019-01-18 17:27 - 2019-01-18 17:27 - 000215130 _____ C:\Users\GAMEPC\Downloads\Seks v kenefa.3gp 2019-01-18 17:13 - 2019-01-18 17:23 - 096802616 _____ C:\Users\GAMEPC\Downloads\PUTIBG_9-2. от Асеновград пред камератаvideo (1).flv 2019-01-18 14:31 - 2019-01-18 14:31 - 000003476 _____ C:\Users\GAMEPC\Downloads\d2c4a999-a7cb-4247-957e-b682f76cd2ea-profile_image-70x70.jpeg 2019-01-18 00:46 - 2019-01-18 00:46 - 000000218 _____ C:\Users\GAMEPC\Desktop\Counter-Strike.url 2019-01-17 17:01 - 2019-01-17 17:01 - 002982580 _____ C:\Users\GAMEPC\Downloads\19godina.avi 2019-01-17 17:01 - 2019-01-17 17:01 - 002982580 _____ C:\Users\GAMEPC\Downloads\19godina (1).avi 2019-01-17 16:57 - 2019-01-17 16:57 - 007733248 _____ C:\Users\GAMEPC\Downloads\Mimi Kavarna.3gp 2019-01-16 15:51 - 2019-01-16 15:51 - 002824729 _____ C:\Users\GAMEPC\Downloads\IMG_2378.MOV 2019-01-15 17:01 - 2019-01-12 06:02 - 000383568 _____ C:\Windows\system32\nvofapi.dll 2019-01-15 17:00 - 2019-01-12 06:01 - 002018184 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6441771.dll 2019-01-15 17:00 - 2019-01-12 06:01 - 001467648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6441771.dll 2019-01-13 21:23 - 2019-01-13 21:23 - 000016563 _____ C:\Users\GAMEPC\Downloads\The.Hangover.Part.II.2011.BDRip.XviD.AC3.DUAL-REFLUX.torrent 2019-01-13 21:17 - 2019-01-13 21:17 - 000014673 _____ C:\Users\GAMEPC\Downloads\Accepted[2006]DvDrip[Eng]-aXXo.torrent 2019-01-13 21:09 - 2019-01-13 21:09 - 000014129 _____ C:\Users\GAMEPC\Downloads\The.Social.Network.2010.BDRip.XviD.AC3.BGAUDiO-SiSO.torrent 2019-01-11 01:57 - 2019-01-11 21:58 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\PokerStars.BG 2019-01-11 01:57 - 2019-01-11 02:00 - 000000000 ____D C:\Program Files (x86)\PokerStars.BG 2019-01-11 01:57 - 2019-01-11 01:57 - 000002008 _____ C:\Users\GAMEPC\Desktop\PokerStars.bg.lnk 2019-01-11 01:57 - 2019-01-11 01:57 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars.BG 2019-01-11 01:56 - 2019-01-11 01:56 - 002174984 _____ (Rational Intellectual Holdings Ltd.) C:\Users\GAMEPC\Downloads\PokerStarsInstallBG.exe ==================== One month (modified) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-02-10 15:32 - 2017-09-10 00:33 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\qBittorrent 2019-02-10 15:22 - 2009-07-14 06:45 - 000028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2019-02-10 15:22 - 2009-07-14 06:45 - 000028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2019-02-10 15:16 - 2019-01-09 00:51 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\Spotify 2019-02-10 15:16 - 2017-12-06 18:25 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\ViberPC 2019-02-10 15:15 - 2019-01-09 00:50 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\Spotify 2019-02-10 15:15 - 2017-09-08 13:03 - 000000000 ____D C:\ProgramData\NVIDIA 2019-02-10 15:13 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2019-02-10 15:00 - 2017-09-08 13:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2019-02-10 14:58 - 2017-09-23 17:42 - 000000000 ____D C:\Program Files (x86)\Steam 2019-02-10 01:24 - 2017-09-19 22:12 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\TS3Client 2019-02-07 15:31 - 2017-09-08 12:34 - 000000000 ____D C:\Program Files (x86)\Opera 2019-02-07 01:05 - 2018-04-14 10:49 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\Ubisoft Game Launcher 2019-02-05 14:13 - 2017-09-08 13:05 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\NVIDIA 2019-02-04 20:50 - 2017-09-08 12:20 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2019-02-04 20:50 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2019-02-04 20:49 - 2017-09-08 12:20 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2019-02-03 18:42 - 2017-09-08 14:54 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\CrashDumps 2019-02-01 23:36 - 2017-09-08 12:19 - 001682392 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll 2019-02-01 21:19 - 2018-12-29 22:14 - 013287800 _____ C:\Windows\system32\Drivers\FACEIT.sys 2019-02-01 03:40 - 2017-09-08 12:22 - 037286456 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2019-02-01 03:39 - 2017-09-08 13:02 - 000506208 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2019-02-01 03:38 - 2017-09-08 13:02 - 004868928 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2019-01-31 22:19 - 2018-12-29 22:14 - 000000000 ____D C:\Program Files\FACEIT AC 2019-01-31 22:14 - 2017-09-08 12:34 - 000000000 ____D C:\Program Files\Mozilla Firefox 2019-01-31 22:14 - 2017-09-08 12:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2019-01-31 15:01 - 2017-09-08 12:51 - 000000000 ____D C:\Users\GAMEPC\AppData\LocalLow\Mozilla 2019-01-31 08:26 - 2017-09-08 12:21 - 000046936 _____ C:\Windows\system32\nvinfo.pb 2019-01-31 08:26 - 2017-09-08 12:20 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat 2019-01-30 22:09 - 2017-09-08 13:03 - 005364776 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2019-01-30 22:09 - 2017-09-08 13:03 - 002624824 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2019-01-30 22:09 - 2017-09-08 13:03 - 001767920 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2019-01-30 22:09 - 2017-09-08 13:03 - 000651248 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll 2019-01-30 22:09 - 2017-09-08 13:03 - 000450600 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2019-01-30 22:09 - 2017-09-08 13:03 - 000124968 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2019-01-30 22:09 - 2017-09-08 13:03 - 000082800 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll 2019-01-30 15:15 - 2017-09-08 13:03 - 008488852 _____ C:\Windows\system32\nvcoproc.bin 2019-01-29 17:21 - 2017-10-13 15:36 - 000000000 ____D C:\Users\GAMEPC\Documents\ViberDownloads 2019-01-26 16:03 - 2017-09-08 13:03 - 000001951 _____ C:\Windows\NvContainerRecovery.bat 2019-01-25 16:58 - 2018-08-04 01:57 - 000000000 ____D C:\ProgramData\TruckersMP 2019-01-21 14:28 - 2017-09-26 23:48 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\ElevatedDiagnostics 2019-01-19 23:47 - 2018-07-27 17:56 - 000466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll 2019-01-19 23:47 - 2018-07-27 17:56 - 000444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll 2019-01-19 23:47 - 2018-07-27 17:56 - 000122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll 2019-01-19 23:47 - 2018-07-27 17:56 - 000109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll 2019-01-19 17:40 - 2017-09-08 13:25 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\Skype 2019-01-19 17:40 - 2017-09-08 12:39 - 000001318 _____ C:\Users\Public\Desktop\Skype.lnk 2019-01-19 17:40 - 2017-09-08 12:39 - 000000000 ____D C:\ProgramData\Skype 2019-01-19 17:39 - 2017-09-08 12:39 - 000000000 ___RD C:\Program Files (x86)\Skype ==================== Files in the root of some directories ======= 2018-12-17 20:42 - 2018-12-23 18:48 - 000007597 _____ () C:\Users\GAMEPC\AppData\Local\Resmon.ResmonCfg Some files in TEMP: ==================== 2019-01-29 04:11 - 2019-01-29 04:11 - 000000196 _____ () C:\Users\GAMEPC\AppData\Local\Temp\00e481b5e22dbe1f649fcddd505d3eb7.dll 2019-01-02 23:12 - 2019-01-06 00:10 - 000000020 _____ () C:\Users\GAMEPC\AppData\Local\Temp\25bac1013fc49581f9f82c556d27f9bb.dll 2019-01-29 04:11 - 2019-02-09 21:58 - 000000020 _____ () C:\Users\GAMEPC\AppData\Local\Temp\d92b9ce5f9f41a6d518fdcbc62bd3532.dll 2019-01-15 17:01 - 2019-01-11 11:31 - 000397520 _____ (NVIDIA Corporation) C:\Users\GAMEPC\AppData\Local\Temp\nvStInst.exe 2019-01-19 17:38 - 2019-01-19 17:39 - 062928040 _____ (Skype Technologies S.A.) C:\Users\GAMEPC\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\dllhost.exe => File is digitally signed C:\Windows\SysWOW64\dllhost.exe => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2019-02-02 06:31 ==================== End of FRST.txt ============================
  21. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 8.02.2019 Ran by GAMEPC (10-02-2019 15:36:40) Running from C:\Users\GAMEPC\Downloads Windows 7 Home Premium Service Pack 1 (X64) (2017-09-08 09:32:01) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2297230751-1021565052-1431566534-500 - Administrator - Disabled) GAMEPC (S-1-5-21-2297230751-1021565052-1431566534-1000 - Administrator - Enabled) => C:\Users\GAMEPC Guest (S-1-5-21-2297230751-1021565052-1431566534-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 26.0.0.127 - Adobe Systems Incorporated) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated) Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated) Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.9.199 - Adobe Systems, Inc.) ATI Catalyst Install Manager (HKLM\...\{DC9C8BC1-72CE-B5FE-EA4F-6D9127E51746}) (Version: 3.0.736.0 - ATI Technologies, Inc.) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6623 - CDBurnerXP) CpuCoreParking (HKLM-x32\...\{0984C56D-2985-4786-AB62-39AB985E269C}) (Version: 2.1.2.0 - CpuCoreParking) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.6.0.0283 - Disc Soft Ltd) DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 418.81 - NVIDIA Corporation) Hidden Epic Games Launcher (HKLM-x32\...\{0E63B233-DC24-442C-BD38-0B91D90FEC5B}) (Version: 1.1.167.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden FACEIT AC version 1.0 (HKLM\...\{1419E44C-0EF4-4822-9194-9F1A4D43973D}_is1) (Version: 1.0 - FACEIT LTD) GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.14.5270 - Gretech Corporation) Google Chrome (HKLM\...\{DA081EB6-F64C-358C-9BB0-AF1EA8001F34}) (Version: 71.0.3578.98 - Google, Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden Java 8 Update 171 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180171F0}) (Version: 8.0.1710.11 - Oracle Corporation) Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation) Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Malwarebytes version 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes) Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation) Microsoft Office Language Pack 2010 - Bulgarian/български (HKLM-x32\...\Office14.OMUI.bg-bg) (Version: 14.0.4763.1021 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation) Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation) Mozilla Firefox 64.0.2 (x64 bg) (HKLM\...\Mozilla Firefox 64.0.2 (x64 bg)) (Version: 64.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla) NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.12 - NVIDIA Corporation) Hidden NVIDIA 3D Vision Controller Driver 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation) NVIDIA 3D Vision Driver 418.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 418.81 - NVIDIA Corporation) NVIDIA GeForce Experience 3.16.0.140 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.16.0.140 - NVIDIA Corporation) NVIDIA Graphics Driver 418.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 418.81 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.38.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.13 - NVIDIA Corporation) NVIDIA PhysX System Software 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Opera Stable 57.0.3098.116 (HKLM-x32\...\Opera 57.0.3098.116) (Version: 57.0.3098.116 - Opera Software) PokerStars.bg (HKLM-x32\...\PokerStars.bg) (Version: - PokerStars.bg) PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 1.7.16291 - Kakao Corp.) PotPlayer-64 bit (HKLM-x32\...\PotPlayer64) (Version: 1.7.8556 - Kakao Corp.) qBittorrent 4.1.5 (HKLM-x32\...\qBittorrent) (Version: 4.1.5 - The qBittorrent project) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games) Skype, версия 8.34 (HKLM-x32\...\Skype_is1) (Version: 8.34 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Spotify) (Version: 1.0.99.250.g936eab8d - Spotify AB) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TeamSpeak 3 Client (HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\TeamSpeak 3 Client) (Version: 3.1.8 - TeamSpeak Systems GmbH) TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team) Uplay (HKLM-x32\...\Uplay) (Version: 73.0 - Ubisoft) Viber (HKLM-x32\...\{0235CB19-2284-4C34-9CF9-04078CF94C32}) (Version: 7.7.0.1126 - Viber Media Inc.) Hidden Viber (HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\{f37aa91a-8669-4ac1-bb40-8cc05c3beca1}) (Version: 7.7.0.1126 - Viber Media Inc.) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) WinRAR 5.50 (64-битова версия) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {1EC5AF9E-5A52-4FE5-A2E8-539165748CC5} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {29CD2B59-F360-4EA0-8046-E993FB989355} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_pepper.exe [2019-01-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {3216E845-2829-4DBE-AA88-3252ACB814DC} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {3DAD135E-7AD5-4D57-B3E2-9E7F6AD9E01C} - System32\Tasks\{76A40252-E785-4407-9A98-34E12F6F05C9} => C:\Windows\system32\pcalua.exe -a "c:\program files (x86)\hi-rez studios\HiRezGamesDiagAndSupport.exe" -c uninstall=0 Task: {47FB829C-5030-4A81-8AE1-E19E047EF8CF} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {593E836D-18E7-4C3A-A10E-E739556F42F1} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {64503CA0-D96B-485A-A2ED-32E1ADEC5130} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-08] (Google Inc -> Google Inc.) Task: {82C47114-5EDD-46D5-95B9-AA03FCB16F9C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {94F3AB4C-229D-4981-8100-F63CF93E0D45} - System32\Tasks\Opera scheduled Autoupdate 1504866897 => C:\Program Files (x86)\Opera\launcher.exe [2019-01-09] (Opera Software AS -> Opera Software) Task: {96F1B500-22FF-4448-9D51-718DA940360E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {9D60B4F8-D682-4540-9CBB-BBA043460DF1} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A19D33FF-7FBC-4D6F-B122-FFBC2947D956} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {A1D60D55-A6B8-401B-BC05-2938E02DF2F2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe Task: {A95A63BB-59FF-4E60-A4BC-C4AF14655608} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {B7BAE40D-B03C-4ABB-BBB5-9C26431B4B11} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {C4E8B14A-4159-4C58-BDAD-281DBBFC97E8} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => d:\program files\windows defender\MpCmdRun.exe Task: {CB523FAF-057C-440F-B17F-8A36BBB5394E} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {F67C982E-B27B-4B4D-B6F1-B5474BEA2341} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [2019-01-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {F77C5DF3-2A9F-4C58-909F-C3F4DFDE4752} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {FB761E82-2ABF-4B7D-A0A8-3F00F3533DD3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-08] (Google Inc -> Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Браузър Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) <==== Cyrillic Shortcut: C:\Users\Public\Desktop\Браузър Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) <==== Cyrillic ==================== Loaded Modules (Whitelisted) ============== 2018-05-24 21:15 - 2018-12-06 12:14 - 001315312 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2010-01-09 19:17 - 2010-01-09 19:17 - 004254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2019-02-10 14:48 - 2019-01-25 16:36 - 002845712 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2019-02-10 14:48 - 2019-01-24 11:09 - 002714000 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2018-12-12 21:53 - 2018-12-12 07:12 - 002682336 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\swiftshader\libglesv2.dll 2018-12-12 21:53 - 2018-12-12 07:12 - 000156640 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\swiftshader\libegl.dll 2018-12-24 20:42 - 2018-12-24 20:42 - 025600512 _____ () C:\Program Files\qBittorrent\qbittorrent.exe ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\GAMEPC\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394] AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [482] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\GAMEPC\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 94.72.140.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun MSCONFIG\startupreg: FACEIT => "C:\Users\GAMEPC\AppData\Local\FACEITApp\update.exe" --processStart "FACEIT.exe" MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{11074DEE-7B8C-4DC2-AE4C-93DF0A309913}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{D19357FE-92D5-4C15-865D-6BA1144E3141}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{21EB0059-8DA7-4F26-8EBC-947F0C4E2AAA}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () FirewallRules: [{F8BB1871-4D02-4C5E-A222-4D557710B3E1}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () FirewallRules: [{1EE7FB5D-9E25-4DA9-ACB5-D608ECDBB452}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{84ACAD4A-CAC3-405E-BED8-CCE7B6F558B9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{5C9FEA0E-0037-4228-8A5E-308AD75AC1DF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{FD05E114-41E1-4EC3-B5A2-BBA593EE39E2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{831352BE-7396-43E6-9657-9ED9D8BAB30D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{AB5ACC3F-22CB-469F-9EB3-8D69417E7CD5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{43ADA9C0-2E56-45D1-B73D-9C89040C463D}] => (Allow) D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> ) FirewallRules: [{06129773-C563-4DFF-8D34-BEA82843A4F0}] => (Allow) D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> ) FirewallRules: [TCP Query User{A7A3205E-5145-4588-981D-700ACBF67C2F}D:\arc\s\fifa 17\fifa17.exe] => (Allow) D:\arc\s\fifa 17\fifa17.exe No File FirewallRules: [UDP Query User{FCB7CF1E-D214-47B7-8337-D288C7BAF41D}D:\arc\s\fifa 17\fifa17.exe] => (Allow) D:\arc\s\fifa 17\fifa17.exe No File FirewallRules: [TCP Query User{0D1FADB8-FCE1-4E0E-B19A-D5490965A994}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.) FirewallRules: [UDP Query User{F6FECCC1-1C2E-45A5-B7AC-EAF4B88229DF}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.) FirewallRules: [TCP Query User{DEFA441A-0140-4630-9B49-0F0DB88705EC}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.) FirewallRules: [UDP Query User{2F3AD7BE-C36D-4E24-BFFA-EED5BE5D11F4}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.) FirewallRules: [{3B7D3801-5557-4905-A940-9FFB3D9419C2}] => (Allow) D:\SteamLibrary\steamapps\common\WormsRevolution\WormsRevolution.exe () FirewallRules: [{B5A843B5-4869-438A-A418-D42BF3EC672D}] => (Allow) D:\SteamLibrary\steamapps\common\WormsRevolution\WormsRevolution.exe () FirewallRules: [{B5E37EE1-9BE1-4B57-9AD5-EEF981D7F031}] => (Allow) D:\SteamLibrary\steamapps\common\TheLongDark\tld.exe () FirewallRules: [{DC6EA5CC-0B14-4DA5-BA55-E772E5860678}] => (Allow) D:\SteamLibrary\steamapps\common\TheLongDark\tld.exe () FirewallRules: [{C118432B-871D-4268-9C07-248641F7E265}] => (Allow) D:\SteamLibrary\steamapps\common\F1 2015\F1_2015.exe (Codemasters Software Company Limited) FirewallRules: [{9A5D2120-07BE-4587-9767-DFFC0484207F}] => (Allow) D:\SteamLibrary\steamapps\common\F1 2015\F1_2015.exe (Codemasters Software Company Limited) FirewallRules: [{CC5A4281-306D-4711-91C7-E00E2ABEBC40}] => (Allow) D:\SteamLibrary\steamapps\common\Human Fall Flat\Human.exe () FirewallRules: [{8A4DCBEC-E89C-462E-8216-8A9A38C394ED}] => (Allow) D:\SteamLibrary\steamapps\common\Human Fall Flat\Human.exe () FirewallRules: [{BA413E19-022B-4719-B578-4F0E6C99F5FA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{FDAF511F-0C5C-4E27-8950-6B78D13412DB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [TCP Query User{B1B4DF97-831E-413C-A928-4176B7B76801}D:\fifa\fifa18\fifa18.exe] => (Allow) D:\fifa\fifa18\fifa18.exe No File FirewallRules: [UDP Query User{8691C936-9089-4A6A-9831-A0087C639A9C}D:\fifa\fifa18\fifa18.exe] => (Allow) D:\fifa\fifa18\fifa18.exe No File FirewallRules: [{FF76D716-DBA6-437A-A34F-847AF6AB88AD}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [{13A0D233-1007-4376-A4B4-1DA27C101ECB}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [TCP Query User{86D55748-40A6-4288-AEF7-2C0B25BDF778}C:\program files\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_171\bin\javaw.exe (Oracle America, Inc. -> Oracle Corporation) FirewallRules: [UDP Query User{D8AE6DDF-C0F2-475C-AB9C-B84C11DDC8AB}C:\program files\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_171\bin\javaw.exe (Oracle America, Inc. -> Oracle Corporation) FirewallRules: [TCP Query User{695C8135-FF2C-4E94-9566-E526643684CA}C:\program files (x86)\common files\oracle\java\javapath_target_116381722\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_116381722\java.exe (Oracle America, Inc. -> Oracle Corporation) FirewallRules: [UDP Query User{3091889E-265D-4648-88DF-CEE54431325D}C:\program files (x86)\common files\oracle\java\javapath_target_116381722\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_116381722\java.exe (Oracle America, Inc. -> Oracle Corporation) FirewallRules: [{19A95D83-1997-4E1D-B782-E9518C66DFBB}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{A1F359C7-4712-4555-B250-972DC5238157}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{9310E9DD-E024-4761-B062-698FB0E3AB13}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{F2B11A3B-CC53-4DFF-B8AC-3ADDA6F5D794}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{DB2F74E8-C7EB-44B3-81D7-12B84175E2EA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{E44676E1-030C-4238-B65F-434792B61DE5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{0E47D0AA-C664-4226-B706-39D5D9E15552}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation ) FirewallRules: [{0FE9DEBC-25B9-4A7D-A2B1-D61EE33E7F27}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation ) FirewallRules: [TCP Query User{0E86F5BD-F2B3-4EF9-8B0C-48823DA809CB}D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe] => (Allow) D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe No File FirewallRules: [UDP Query User{0C5E839A-52EC-40D4-969E-24F12ED8D2D0}D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe] => (Allow) D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe No File FirewallRules: [TCP Query User{8796E73D-79C0-4D0B-AF34-FB3AF9BCC9BA}D:\steamlibrary\steamapps\common\warface\warface\bin32release\game.exe] => (Allow) D:\steamlibrary\steamapps\common\warface\warface\bin32release\game.exe No File FirewallRules: [UDP Query User{EFB29360-AB3A-4A44-9CB4-EF91CEBDB39C}D:\steamlibrary\steamapps\common\warface\warface\bin32release\game.exe] => (Allow) D:\steamlibrary\steamapps\common\warface\warface\bin32release\game.exe No File FirewallRules: [{CE4CC83D-33DB-4941-B63E-839395BEF26D}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{62B0C736-3662-4965-ABCF-C095480B3E5E}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [TCP Query User{91266298-136D-4BB3-8C13-A850A76C9BF1}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [UDP Query User{E3EAEE44-6095-4A5E-BE2F-F3E3F8349E0A}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{12A4A27A-BB67-48E9-9C50-3BFF7FAFB778}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) FirewallRules: [{AEEB531B-9796-4704-ACF2-4D21152475BF}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) FirewallRules: [{7F3749E0-59C1-4422-B6F5-FB6E3727295D}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [{60F8D80B-FA92-4B64-93F5-05A4F7DADF00}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [{2D541380-97BF-4291-BDBE-2F2228CAEA60}] => (Allow) D:\SteamLibrary\steamapps\common\EasyAntiCheat\EasyAntiCheat.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{127D37C8-619F-462E-BE1A-E32131065FF4}] => (Allow) D:\SteamLibrary\steamapps\common\EasyAntiCheat\EasyAntiCheat.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{3AE125A7-E2F2-4264-9007-75C3A531B173}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc -> Google Inc.) FirewallRules: [{9CB2E9CF-4CF5-4270-90C8-708DF5C9EA41}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{5DDB721B-805F-4405-9439-CF48D05CD91D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{FBCDCF18-DF9A-480D-8245-D45ACCBABE9F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{38AC95F2-BD01-4E8B-9093-31663D8E317A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{458841A3-2771-481D-884C-B7930C379C97}] => (Allow) C:\Program Files (x86)\Opera\57.0.3098.106\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{235BAD27-D13D-420B-8B97-7A919F070DAA}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () FirewallRules: [{13789DD3-E1EC-4822-B391-E7109AE3CC48}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () FirewallRules: [TCP Query User{3DE0592A-8D12-447D-939D-BCA439AFF137}C:\users\gamepc\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gamepc\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{33216198-C2C2-482B-9DC9-2D0D13DBB4FA}C:\users\gamepc\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gamepc\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{BC1B52E7-C2B8-4017-8791-69B710F1CCBB}] => (Allow) C:\Program Files (x86)\Opera\57.0.3098.116\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [TCP Query User{270B0322-3799-457B-960A-455318931953}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{A13AA196-1978-4C67-902B-2460B54A5BBF}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [{EF08AF4C-3154-4DAB-BCE6-F39115FD1EB2}] => (Allow) D:\SteamLibrary\steamapps\common\Half-Life\hl.exe (Valve -> Valve) FirewallRules: [{DFBF8C13-3341-468F-9043-C61EE1DF2608}] => (Allow) D:\SteamLibrary\steamapps\common\Half-Life\hl.exe (Valve -> Valve) FirewallRules: [{64832D58-8D2F-49F2-9821-FC19B1E90DA6}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{26B327D5-AC62-4B35-9E8A-241677C45E6B}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{17F7F489-79F0-4B1E-8C40-2AE2479A4164}] => (Allow) D:\SteamLibrary\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe (Codemasters Software Company Limited) FirewallRules: [{12452DC3-0184-4D50-9874-AFEDEF2EFAA9}] => (Allow) D:\SteamLibrary\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe (Codemasters Software Company Limited) FirewallRules: [{59D96386-6E3E-4356-8348-CF3CFA65A81B}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [{FFA55DD9-7016-4EC4-A808-1A467A45E95C}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [TCP Query User{DC649560-4400-4885-84A1-B96EE04BD03C}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{962C91EA-9380-4D1D-8A2F-E951089E3F37}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{6E404A41-222B-4F61-937B-39B8D0A5BE40}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{394ABFE5-D758-4C24-B451-12FE329ECF53}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{CAB0B3BC-BD97-4B9F-AD34-4EA3FD6A653B}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{D1AE7604-9B6C-4322-8475-D1AC1B29A431}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) ==================== Restore Points ========================= 01-02-2019 16:11:32 Планирана контролна точка 09-02-2019 15:07:59 Планирана контролна точка ==================== Faulty Device Manager Devices ============= Name: Qualcomm Atheros AR8161/8165 PCI-E Gigabit Ethernet Controller (NDIS 6.20) Description: Qualcomm Atheros AR8161/8165 PCI-E Gigabit Ethernet Controller (NDIS 6.20) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Qualcomm Atheros Service: L1C Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (02/10/2019 03:14:05 PM) (Source: SetupARService) (EventID: 0) (User: ) Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object. at SetupAfterRebootService.SetupARService.OnStart(String[] args) at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (02/10/2019 02:59:56 PM) (Source: SetupARService) (EventID: 0) (User: ) Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object. at SetupAfterRebootService.SetupARService.OnStart(String[] args) at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (02/10/2019 03:12:13 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Program Files\ATI\CIM\Bin64\Setup.exe". Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/10/2019 03:12:13 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Program Files\ATI\CIM\Bin64\InstallManagerApp.exe". Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/09/2019 03:26:38 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Program Files\ATI\CIM\Bin64\Setup.exe". Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/09/2019 03:26:38 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Program Files\ATI\CIM\Bin64\InstallManagerApp.exe". Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/08/2019 04:45:30 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Program Files\ATI\CIM\Bin64\Setup.exe". Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/08/2019 04:45:29 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Program Files\ATI\CIM\Bin64\InstallManagerApp.exe". Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis. System errors: ============= Error: (02/10/2019 03:15:27 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Услуга NVIDIA Telemetry Container прекъсна със следната грешка: Изпълним файл за обща команда върна резултат, показващ грешка. Error: (02/10/2019 03:14:31 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Неуспешно зареждане на следния драйвер, който се активира с включване на компютъра или стартиране на системата: cdrom Error: (02/10/2019 03:13:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Услуга NVIDIA Telemetry Container прекъсна със следната грешка: Изпълним файл за обща команда върна резултат, показващ грешка. Error: (02/10/2019 03:08:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Услуга Software Protection беше прекъсната неочаквано. Това се е случвало с нея 1 път(и). След 120000 милисекунди ще бъде предприето следното коригиращо действие: Рестартиране на услугата. Error: (02/10/2019 03:08:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Услуга NVIDIA LocalSystem Container беше прекъсната неочаквано. Това се е случвало с нея 1 път(и). След 6000 милисекунди ще бъде предприето следното коригиращо действие: Рестартиране на услугата. Error: (02/10/2019 03:08:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Услуга NVIDIA Display Container LS беше прекъсната неочаквано. Това се е случвало с нея 1 път(и). След 6000 милисекунди ще бъде предприето следното коригиращо действие: Рестартиране на услугата. Error: (02/10/2019 03:01:42 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Услуга NVIDIA Telemetry Container прекъсна със следната грешка: Изпълним файл за обща команда върна резултат, показващ грешка. Error: (02/10/2019 03:00:24 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Неуспешно зареждане на следния драйвер, който се активира с включване на компютъра или стартиране на системата: cdrom ==================== Memory info =========================== Processor: AMD FX-8320E Eight-Core Processor Percentage of memory in use: 43% Total physical RAM: 8189.54 MB Available physical RAM: 4607.45 MB Total Virtual: 16377.26 MB Available Virtual: 11707.37 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:150 GB) (Free:71.07 GB) NTFS Drive d: () (Fixed) (Total:781.41 GB) (Free:386.89 GB) NTFS \\?\Volume{2f050b3f-9477-11e7-8c98-806e6f6e6963}\ (Резервирана за системата) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 0C59AE75) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=150 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=781.4 GB) - (Type=05) ==================== End of Addition.txt ============================
  22. Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 2/10/19 Scan Time: 2:50 PM Log File: 7c778b9a-2d32-11e9-a9ec-048d38748987.json -Software Information- Version: 3.7.1.2839 Components Version: 1.0.538 Update Package Version: 1.0.9196 License: Trial -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: GAMEPC-PC\GAMEPC -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 258630 Threats Detected: 1 Threats Quarantined: 1 Time Elapsed: 6 min, 23 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled # ------------------------------- # Malwarebytes AdwCleaner 7.1.1.0 # ------------------------------- # Build: 04-24-2018 # Database: # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 02-10-2019 # Duration: 00:00:03 # OS: Windows 7 Home Premium # Cleaned: 22 # Failed: 0 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** Deleted C:\ProgramData\IObit\Advanced SystemCare Deleted C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare Deleted C:\Users\GAMEPC\AppData\LocalLow\IObit\Advanced SystemCare Deleted C:\Users\GAMEPC\AppData\Roaming\IObit\Advanced SystemCare Deleted C:\Users\GAMEPC\AppData\Roaming\Tencent Deleted C:\Users\GAMEPC\AppData\LocalLow\.acestream Deleted C:\Users\GAMEPC\AppData\Roaming\.acestream Deleted C:\Users\GAMEPC\AppData\Roaming\acestream Deleted C:\Program Files\Hola Deleted C:\Users\GAMEPC\AppData\Roaming\Hola ***** [ Files ] ***** Deleted C:\Users\GAMEPC\Downloads\Hola-Setup.exe Deleted C:\Users\GAMEPC\AppData\Roaming\Mozilla\Firefox\Profiles\mrpwyf7s.default\invalidprefs.js ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** Deleted HKCU\Software\Classes\acestream Deleted HKCU\Software\RegisteredApplications|AceStream Deleted HKLM\Software\Wow6432Node\IObit\RealTimeProtector Deleted HKLM\Software\Wow6432Node\IObit\Advanced SystemCare Deleted HKLM\Software\Wow6432Node\IOBIT\ASC Deleted HKCU\Software\Hola Deleted HKLM\Software\Wow6432Node\Hola Deleted HKLM\Software\Hola Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\hola.org Deleted HKCU\Software\Classes\.acestream ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ########## Надявам се да съм качил правилните лог файлове ;д А и фифата е изтрита нормално PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 1 RiskWare.Tool.CK, C:\WINDOWS\KMSEMULATOR.EXE, Quarantined, [5761], [25649],1.0.9196 Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end)
  23. Добър ден, искам да попитам дали не съм се заразил с някоя гадинка тъй като от около седмица пц-то работи доста бавно,като дори когато в момента пиша това и натисна дясно копче върху самият сайт то отворения прозорец остава така замазан на екрана както и ако отворя някоя друга програма върху сайта или друг няма значение. Дали случайно не съм се напълнил с гадинки или просто лин-а е просто за преинсталация и е доста намазан ? Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 8.02.2019 Ran by GAMEPC (administrator) on GAMEPC-PC (10-02-2019 12:37:44) Running from C:\Users\GAMEPC\Downloads Loaded Profiles: GAMEPC (Available Profiles: GAMEPC) Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Български (България) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [StereoLinksInstall] => C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe [2362248 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation) HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Run: [Viber] => C:\Users\GAMEPC\AppData\Local\Viber\Viber.exe [37073480 2019-01-30] (Viber Media S.à r.l. -> Viber Media S.Ã r.l.) HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Run: [Spotify] => C:\Users\GAMEPC\AppData\Roaming\Spotify\Spotify.exe [26154216 2019-02-03] (Spotify AB -> Spotify Ltd) HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [35195280 2019-02-01] (Epic Games Inc. -> Epic Games, Inc.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-12] (Google Inc -> Google Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 94.72.140.1 Tcpip\..\Interfaces\{F8E6BFBF-08DD-4CEC-8468-25670AF9DFE4}: [DhcpNameServer] 94.72.140.1 Internet Explorer: ================== HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation) FireFox: ======== FF DefaultProfile: mrpwyf7s.default FF ProfilePath: C:\Users\GAMEPC\AppData\Roaming\Mozilla\Firefox\Profiles\mrpwyf7s.default [2019-01-31] FF user.js: detected! => C:\Users\GAMEPC\AppData\Roaming\Mozilla\Firefox\Profiles\mrpwyf7s.default\user.js [2019-01-02] FF Homepage: Mozilla\Firefox\Profiles\mrpwyf7s.default -> google.bg FF Extension: (uBlock Origin) - C:\Users\GAMEPC\AppData\Roaming\Mozilla\Firefox\Profiles\mrpwyf7s.default\Extensions\[email protected] [2019-01-31] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-09] () FF Plugin: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-20] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-20] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-09] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1229199.dll [2017-03-31] (Adobe Systems, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-20] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-20] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2019-01-30] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2019-01-30] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.) Chrome: ======= CHR StartupUrls: Default -> "hxxp://google.bg/" CHR Profile: C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default [2019-02-10] CHR Extension: (Презентации) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13] CHR Extension: (Документи) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13] CHR Extension: (Google Диск) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-16] CHR Extension: (YouTube) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-08] CHR Extension: (Таблици) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13] CHR Extension: (Google Документи офлайн) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16] CHR Extension: (Hoxx VPN Proxy) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbcojefnccbanplpoffopkoepjmhgdgh [2019-01-23] CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03] CHR Extension: (Gmail) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-08] CHR Extension: (Chrome Media Router) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-07] Opera: ======= OPR Extension: (uBlock Origin) - C:\Users\GAMEPC\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2018-12-20] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8403672 2019-01-31] (BattlEye Innovations e.K. -> ) S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291392 2017-08-17] (Disc Soft Ltd -> Disc Soft Ltd) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [777856 2018-07-29] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) S3 mracsvc; C:\Windows\System32\mracsvc.exe [11132176 2018-10-09] (Mail.Ru LLC -> LLC Mail.Ru) S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [8019808 2018-03-29] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787440 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787440 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) S2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [24576 2017-09-08] (Realtek Semiconductor.) [File not signed] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2017-06-20] (Microsoft Windows -> Microsoft Corporation) R2 wuauserv; C:\Windows\system32\wuaueng2.dll [2651136 2017-09-08] (Microsoft Corporation) [File not signed] R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 S2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2017-09-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) R0 amdsata; C:\Windows\System32\DRIVERS\amdsata.sys [67128 2009-04-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices) R0 amdxata; C:\Windows\System32\drivers\amdxata.sys [28216 2009-04-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices) R0 AtiPcie; C:\Windows\System32\DRIVERS\AtiPcie.sys [16440 2009-05-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-09-11] (Disc Soft Ltd -> Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-09-11] (Disc Soft Ltd -> Disc Soft Ltd) R0 FACEIT; C:\Windows\System32\Drivers\FACEIT.sys [13287800 2019-02-01] (FACE IT LIMITED -> ) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-09-08] (Martin Malik - REALiX -> REALiX(tm)) S3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2017-09-08] (Qualcomm Atheros -> Qualcomm Atheros Co., Ltd.) S3 mracdrv; C:\Windows\System32\drivers\mracdrv.sys [10348560 2018-10-09] (Mail.Ru LLC -> LLC Mail.Ru) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2018-10-25] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [74576 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation) R3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [61656 2017-09-08] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation ) R3 usbfilter; C:\Windows\System32\DRIVERS\usbfilter.sys [34872 2009-04-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices) S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-02-10 12:37 - 2019-02-10 12:38 - 000016274 _____ C:\Users\GAMEPC\Downloads\FRST.txt 2019-02-10 12:37 - 2019-02-10 12:37 - 002434048 _____ (Farbar) C:\Users\GAMEPC\Downloads\FRST64.exe 2019-02-10 12:37 - 2019-02-10 12:37 - 000000000 ____D C:\FRST 2019-02-09 10:46 - 2019-02-09 10:46 - 008736903 _____ C:\Users\GAMEPC\Downloads\5. Курве.mp4 2019-02-08 23:47 - 2019-02-08 23:47 - 000004811 _____ C:\Users\GAMEPC\Downloads\niko.zip 2019-02-08 03:03 - 2019-02-08 03:03 - 067321320 _____ (Electronic Arts) C:\Users\GAMEPC\Downloads\ApexLegendsInstaller.exe 2019-02-06 23:56 - 2019-02-06 23:56 - 000014497 _____ C:\Users\GAMEPC\Downloads\Flight.of.the.Phoenix.2004.BRRip.XviD.BGAUDiO-KiNGS.torrent 2019-02-06 23:56 - 2019-02-06 23:56 - 000014497 _____ C:\Users\GAMEPC\Downloads\Flight.of.the.Phoenix.2004.BRRip.XviD.BGAUDiO-KiNGS (1).torrent 2019-02-06 13:10 - 2019-02-06 13:10 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\Viber 2019-02-05 14:41 - 2019-02-05 14:41 - 014648464 _____ (Microsoft Corporation) C:\Users\GAMEPC\Downloads\vc_redist.x86.exe 2019-02-04 20:49 - 2019-01-30 22:07 - 000133512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2019-02-04 20:47 - 2019-02-04 20:49 - 000000000 ____D C:\Windows\LastGood 2019-02-04 20:45 - 2019-02-01 23:36 - 000228768 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2019-02-04 20:45 - 2019-02-01 23:36 - 000047592 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll 2019-02-04 20:45 - 2019-02-01 03:42 - 001005984 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll 2019-02-04 20:45 - 2019-02-01 03:42 - 001005984 _____ C:\Windows\system32\vulkan-1.dll 2019-02-04 20:45 - 2019-02-01 03:42 - 000869584 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll 2019-02-04 20:45 - 2019-02-01 03:42 - 000869584 _____ C:\Windows\SysWOW64\vulkan-1.dll 2019-02-04 20:45 - 2019-02-01 03:42 - 000551920 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2019-02-04 20:45 - 2019-02-01 03:42 - 000457304 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2019-02-04 20:45 - 2019-02-01 03:42 - 000269520 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe 2019-02-04 20:45 - 2019-02-01 03:42 - 000269520 _____ C:\Windows\system32\vulkaninfo.exe 2019-02-04 20:45 - 2019-02-01 03:42 - 000243920 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2019-02-04 20:45 - 2019-02-01 03:42 - 000243920 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2019-02-04 20:45 - 2019-02-01 03:41 - 071470016 _____ (NVIDIA Corp.) C:\Windows\system32\nvoptix.dll 2019-02-04 20:45 - 2019-02-01 03:41 - 040344024 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2019-02-04 20:45 - 2019-02-01 03:41 - 030021616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2019-02-04 20:45 - 2019-02-01 03:41 - 020887352 _____ (NVIDIA Corporation) C:\Windows\system32\nvrtum64.dll 2019-02-04 20:45 - 2019-02-01 03:41 - 020409840 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2019-02-04 20:45 - 2019-02-01 03:41 - 001463952 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2019-02-04 20:45 - 2019-02-01 03:41 - 001129368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2019-02-04 20:45 - 2019-02-01 03:41 - 000631440 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2019-02-04 20:45 - 2019-02-01 03:41 - 000521872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2019-02-04 20:45 - 2019-02-01 03:41 - 000419832 _____ C:\Windows\system32\nvofapi64.dll 2019-02-04 20:45 - 2019-02-01 03:41 - 000368808 _____ C:\Windows\SysWOW64\nvofapi.dll 2019-02-04 20:45 - 2019-02-01 03:40 - 040235096 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2019-02-04 20:45 - 2019-02-01 03:40 - 035140696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2019-02-04 20:45 - 2019-02-01 03:40 - 004868080 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2019-02-04 20:45 - 2019-02-01 03:40 - 004339616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2019-02-04 20:45 - 2019-02-01 03:40 - 002030736 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2019-02-04 20:45 - 2019-02-01 03:40 - 001734560 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6441881.dll 2019-02-04 20:45 - 2019-02-01 03:40 - 001533936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2019-02-04 20:45 - 2019-02-01 03:40 - 001467864 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6441881.dll 2019-02-04 20:45 - 2019-02-01 03:40 - 000497056 _____ (NVIDIA Corporation) C:\Windows\system32\nvcbl64.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 035477392 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl64.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 031989600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 029985200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl32.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 021206192 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 020096416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 017616432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 010894304 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 009254488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 001168936 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 000914912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 000524248 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 000450648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 000419776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 000182040 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 000163184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 000159480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 000141568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2019-02-04 20:45 - 2019-02-01 03:38 - 017424680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2019-02-04 20:45 - 2019-02-01 03:38 - 004311968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2019-02-04 20:45 - 2019-01-31 08:26 - 000000669 _____ C:\Windows\SysWOW64\nv-vk32.json 2019-02-04 20:45 - 2019-01-31 08:26 - 000000669 _____ C:\Windows\system32\nv-vk64.json 2019-02-04 00:33 - 2019-02-04 00:33 - 000016205 _____ C:\Users\GAMEPC\Downloads\Beautiful.Creature.2013.BRRip.XviD.AC3.BGAUDiO-SiSO&QT.torrent 2019-02-02 19:10 - 2019-02-02 19:10 - 000032425 _____ C:\Users\GAMEPC\Downloads\Speed.2.1997.DVDRip.XviD.BGAUDiO-ZmN.torrent 2019-02-02 19:09 - 2019-02-02 19:09 - 000056272 _____ C:\Users\GAMEPC\Downloads\Speed 2 (1997)[DVDRip].torrent 2019-01-31 21:58 - 2019-01-31 21:58 - 000061719 _____ C:\Users\GAMEPC\Downloads\ggirl_din.(subs.sab.bz).rar 2019-01-31 21:58 - 2019-01-31 21:58 - 000012712 _____ C:\Users\GAMEPC\Downloads\Gone.Girl.2014.576p.BRRip.x265-DiN.torrent 2019-01-30 22:43 - 2019-01-30 22:43 - 000023223 _____ C:\Users\GAMEPC\Downloads\The.Call.2013.720p.BluRay.x264_SPARKS.(subs.sab.bz).zip 2019-01-30 22:43 - 2019-01-30 22:43 - 000014490 _____ C:\Users\GAMEPC\Downloads\The.Call.BDRip.XviD.AC3-WAR (1).torrent 2019-01-30 22:41 - 2019-01-30 22:41 - 000014490 _____ C:\Users\GAMEPC\Downloads\The.Call.BDRip.XviD.AC3-WAR.torrent 2019-01-30 22:22 - 2019-01-30 22:22 - 000028835 _____ C:\Users\GAMEPC\Downloads\Taking.Lives.DC.2004.720p.HDDVD.x264_ESiR.(subs.sab.bz).zip 2019-01-30 22:22 - 2019-01-30 22:22 - 000019710 _____ C:\Users\GAMEPC\Downloads\Taking.Lives.2004.DC.BRRip.x264.AAC-WAR.torrent 2019-01-29 20:26 - 2019-01-29 20:26 - 000029511 _____ C:\Users\GAMEPC\Downloads\The_Cloverfield_Paradox.2018.HDRip.XViD_ETRG.(subs.sab.bz).zip 2019-01-29 20:26 - 2019-01-29 20:26 - 000008066 _____ C:\Users\GAMEPC\Downloads\The.Cloverfield.Paradox.2018.HDRip.XviD.AC3-EVO.torrent 2019-01-29 20:22 - 2019-01-29 20:22 - 000029721 _____ C:\Users\GAMEPC\Downloads\tucker.and.dale.vs.evil.2010.bluray.720p.dts.x264-chd(subsunacs.net).rar 2019-01-29 20:21 - 2019-01-29 20:21 - 000014671 _____ C:\Users\GAMEPC\Downloads\Tucker.And.Dale.vs.Evil.2010.BRRip.XviD-DiN.torrent 2019-01-29 20:11 - 2019-01-29 20:11 - 000014405 _____ C:\Users\GAMEPC\Downloads\Predators.2010.DVDRip.XviD.BG.AUDIO-BDB.torrent 2019-01-29 20:03 - 2019-01-29 20:03 - 000011568 _____ C:\Users\GAMEPC\Downloads\Pandorum.2008.1080p.BluRay.H264.AAC.Dual Audio-ASA.torrent 2019-01-29 19:56 - 2019-01-29 19:56 - 000015401 _____ C:\Users\GAMEPC\Downloads\Abraham.Lincoln.Vampire.Hunter.2012.480p.BDRip.x264.DUAL-SLSS.torrent 2019-01-29 19:55 - 2019-01-29 19:55 - 000027007 _____ C:\Users\GAMEPC\Downloads\cocaine.godmother.2017.720p.webrip.x264-yts.am(subsunacs.net).rar 2019-01-29 19:55 - 2019-01-29 19:55 - 000013125 _____ C:\Users\GAMEPC\Downloads\Cocaine.Godmother.2017.WEBRip.x265-DiN.torrent 2019-01-29 17:26 - 2019-01-29 17:26 - 000014876 _____ C:\Users\GAMEPC\Downloads\api-ms-win-crt-runtime-l1-1-0.dll_85.rar 2019-01-28 17:46 - 2019-01-28 17:46 - 000017617 _____ C:\Users\GAMEPC\Downloads\Ghost.Ship.2002.720p.BluRay.x264_DON.(subs.sab.bz).rar 2019-01-28 17:46 - 2019-01-28 17:46 - 000014588 _____ C:\Users\GAMEPC\Downloads\Ghost.Ship.2002.BDRp.XviD.AC3-WAR.torrent 2019-01-28 00:46 - 2019-01-28 00:46 - 000014403 _____ C:\Users\GAMEPC\Downloads\top_gear.17x07.india_special.hdtv_xvid-fov.avi (1).torrent 2019-01-28 00:02 - 2019-01-28 00:02 - 000033323 _____ C:\Users\GAMEPC\Downloads\top.gear.at.the.movies.2011.bdrip.xvid-taste(subsunacs.net).rar 2019-01-28 00:02 - 2019-01-28 00:02 - 000014764 _____ C:\Users\GAMEPC\Downloads\Top.Gear.At.The.Movies.2011.BDRip.XviD-TASTE.torrent 2019-01-28 00:02 - 2019-01-28 00:02 - 000014423 _____ C:\Users\GAMEPC\Downloads\Top.Gear.S14E06.DVBRip.XviD.BGAudio.torrent 2019-01-28 00:02 - 2019-01-28 00:02 - 000011585 _____ C:\Users\GAMEPC\Downloads\Top.Gear.The.Great.African.Adventure.2013.720p.BluRay.x264.torrent 2019-01-28 00:00 - 2019-01-28 00:00 - 000036810 _____ C:\Users\GAMEPC\Downloads\Top_Gear_India_Special.(subs.sab.bz).rar 2019-01-27 23:59 - 2019-01-27 23:59 - 000014401 _____ C:\Users\GAMEPC\Downloads\top_gear.17x07.india_special.hdtv_xvid-fov.avi.torrent 2019-01-26 04:50 - 2019-01-26 04:50 - 000011416 _____ C:\Users\GAMEPC\Downloads\Top Gear - Burma Special.torrent 2019-01-26 04:47 - 2019-01-26 04:47 - 000020539 _____ C:\Users\GAMEPC\Downloads\Top.Gear.The.Worst.Car.In.The.History.Of.The.World.2012.720p.BluRay.x264.torrent 2019-01-25 04:45 - 2019-01-25 04:45 - 000016631 _____ C:\Users\GAMEPC\Downloads\Top Gear - Season 16.torrent 2019-01-23 23:26 - 2019-01-23 23:26 - 000000219 _____ C:\Users\GAMEPC\Desktop\Counter-Strike Global Offensive.url 2019-01-20 15:34 - 2019-01-20 15:34 - 000094134 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_S02x08.(subs.sab.bz).zip 2019-01-20 15:34 - 2019-01-20 15:34 - 000092379 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_S02x07.(subs.sab.bz).zip 2019-01-20 15:34 - 2019-01-20 15:34 - 000086708 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_S02x06.(subs.sab.bz).zip 2019-01-20 15:34 - 2019-01-20 15:34 - 000067819 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_02x10.(subs.sab.bz).zip 2019-01-20 15:34 - 2019-01-20 15:34 - 000063437 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_02x09.(subs.sab.bz).zip 2019-01-20 15:34 - 2019-01-20 15:34 - 000055727 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_S02x05.(subs.sab.bz).zip 2019-01-20 15:34 - 2019-01-20 15:34 - 000051267 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_02x11.(subs.sab.bz).zip 2019-01-19 22:51 - 2019-01-19 22:51 - 000000222 _____ C:\Users\GAMEPC\Desktop\DiRT 3 Complete Edition.url 2019-01-19 17:40 - 2019-01-19 17:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2019-01-18 18:47 - 2019-01-18 18:47 - 000091478 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_S02x04.(subs.sab.bz).zip 2019-01-18 18:46 - 2019-01-18 18:47 - 000104011 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_S02E02.(subs.sab.bz).zip 2019-01-18 18:46 - 2019-01-18 18:47 - 000086312 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_S02x03.(subs.sab.bz).zip 2019-01-18 18:46 - 2019-01-18 18:46 - 000101264 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_S02E01.(subs.sab.bz).zip 2019-01-18 18:45 - 2019-01-18 18:45 - 000038914 _____ C:\Users\GAMEPC\Downloads\The.Grand.Tour.S02.WEBRip.X264-Mixed.torrent 2019-01-18 18:43 - 2019-01-18 18:43 - 000028976 _____ C:\Users\GAMEPC\Downloads\_Yavka.net_Goosebumps.2.Haunted.Halloween.2018.720p.BluRay.H264.AAC-RARBG.rar 2019-01-18 18:42 - 2019-01-18 18:42 - 000014612 _____ C:\Users\GAMEPC\Downloads\Goosebumps.2.Haunted.Halloween.2018.BRRip.XViD-ETRG.torrent 2019-01-18 17:30 - 2019-01-18 17:36 - 032841688 _____ C:\Users\GAMEPC\Downloads\masturbira pred kamera.flv 2019-01-18 17:30 - 2019-01-18 17:32 - 011506791 _____ C:\Users\GAMEPC\Downloads\Bulgarian teen girl selfshot her orgasm - xHamster.com.flv 2019-01-18 17:29 - 2019-01-18 17:50 - 196627499 _____ C:\Users\GAMEPC\Downloads\Тийнейджърка.mkv 2019-01-18 17:27 - 2019-01-18 17:28 - 021624320 _____ C:\Users\GAMEPC\Downloads\Maria Bratoeva - Ruse.avi 2019-01-18 17:27 - 2019-01-18 17:27 - 003177723 _____ C:\Users\GAMEPC\Downloads\Cumming on my girlfriend's tits and face - xHamster.com.flv 2019-01-18 17:27 - 2019-01-18 17:27 - 001862496 _____ C:\Users\GAMEPC\Downloads\SEX Denica Stoqnova .3gp 2019-01-18 17:27 - 2019-01-18 17:27 - 000215130 _____ C:\Users\GAMEPC\Downloads\Seks v kenefa.3gp 2019-01-18 17:13 - 2019-01-18 17:23 - 096802616 _____ C:\Users\GAMEPC\Downloads\PUTIBG_9-2. от Асеновград пред камератаvideo (1).flv 2019-01-18 14:31 - 2019-01-18 14:31 - 000003476 _____ C:\Users\GAMEPC\Downloads\d2c4a999-a7cb-4247-957e-b682f76cd2ea-profile_image-70x70.jpeg 2019-01-18 00:46 - 2019-01-18 00:46 - 000000218 _____ C:\Users\GAMEPC\Desktop\Counter-Strike.url 2019-01-17 17:01 - 2019-01-17 17:01 - 002982580 _____ C:\Users\GAMEPC\Downloads\19godina.avi 2019-01-17 17:01 - 2019-01-17 17:01 - 002982580 _____ C:\Users\GAMEPC\Downloads\19godina (1).avi 2019-01-17 16:57 - 2019-01-17 16:57 - 007733248 _____ C:\Users\GAMEPC\Downloads\Mimi Kavarna.3gp 2019-01-16 15:51 - 2019-01-16 15:51 - 002824729 _____ C:\Users\GAMEPC\Downloads\IMG_2378.MOV 2019-01-15 17:01 - 2019-01-12 06:02 - 000383568 _____ C:\Windows\system32\nvofapi.dll 2019-01-15 17:00 - 2019-01-12 06:01 - 002018184 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6441771.dll 2019-01-15 17:00 - 2019-01-12 06:01 - 001467648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6441771.dll 2019-01-13 21:23 - 2019-01-13 21:23 - 000016563 _____ C:\Users\GAMEPC\Downloads\The.Hangover.Part.II.2011.BDRip.XviD.AC3.DUAL-REFLUX.torrent 2019-01-13 21:17 - 2019-01-13 21:17 - 000014673 _____ C:\Users\GAMEPC\Downloads\Accepted[2006]DvDrip[Eng]-aXXo.torrent 2019-01-13 21:09 - 2019-01-13 21:09 - 000014129 _____ C:\Users\GAMEPC\Downloads\The.Social.Network.2010.BDRip.XviD.AC3.BGAUDiO-SiSO.torrent 2019-01-11 01:57 - 2019-01-11 21:58 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\PokerStars.BG 2019-01-11 01:57 - 2019-01-11 02:00 - 000000000 ____D C:\Program Files (x86)\PokerStars.BG 2019-01-11 01:57 - 2019-01-11 01:57 - 000002008 _____ C:\Users\GAMEPC\Desktop\PokerStars.bg.lnk 2019-01-11 01:57 - 2019-01-11 01:57 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars.BG 2019-01-11 01:56 - 2019-01-11 01:56 - 002174984 _____ (Rational Intellectual Holdings Ltd.) C:\Users\GAMEPC\Downloads\PokerStarsInstallBG.exe ==================== One month (modified) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-02-10 12:25 - 2017-09-23 17:42 - 000000000 ____D C:\Program Files (x86)\Steam 2019-02-10 12:25 - 2017-09-08 13:03 - 000000000 ____D C:\ProgramData\NVIDIA 2019-02-10 03:18 - 2009-07-14 06:45 - 000028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2019-02-10 03:18 - 2009-07-14 06:45 - 000028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2019-02-10 01:24 - 2017-09-19 22:12 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\TS3Client 2019-02-09 17:55 - 2019-01-09 00:51 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\Spotify 2019-02-09 17:37 - 2019-01-09 00:50 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\Spotify 2019-02-09 10:55 - 2017-12-06 18:25 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\ViberPC 2019-02-07 15:31 - 2017-09-08 12:34 - 000000000 ____D C:\Program Files (x86)\Opera 2019-02-07 01:05 - 2018-04-14 10:49 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\Ubisoft Game Launcher 2019-02-07 00:01 - 2017-09-10 00:33 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\qBittorrent 2019-02-05 14:13 - 2017-09-08 13:05 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\NVIDIA 2019-02-04 20:50 - 2017-09-08 12:20 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2019-02-04 20:50 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2019-02-04 20:49 - 2017-09-08 12:20 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2019-02-04 20:46 - 2017-09-08 13:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2019-02-03 18:42 - 2017-09-08 14:54 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\CrashDumps 2019-02-01 23:36 - 2017-09-08 12:19 - 001682392 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll 2019-02-01 21:20 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2019-02-01 21:19 - 2018-12-29 22:14 - 013287800 _____ C:\Windows\system32\Drivers\FACEIT.sys 2019-02-01 03:40 - 2017-09-08 12:22 - 037286456 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2019-02-01 03:39 - 2017-09-08 13:02 - 000506208 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2019-02-01 03:38 - 2017-09-08 13:02 - 004868928 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2019-01-31 22:19 - 2018-12-29 22:14 - 000000000 ____D C:\Program Files\FACEIT AC 2019-01-31 22:14 - 2017-09-08 12:34 - 000000000 ____D C:\Program Files\Mozilla Firefox 2019-01-31 22:14 - 2017-09-08 12:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2019-01-31 15:01 - 2017-09-08 12:51 - 000000000 ____D C:\Users\GAMEPC\AppData\LocalLow\Mozilla 2019-01-31 08:26 - 2017-09-08 12:21 - 000046936 _____ C:\Windows\system32\nvinfo.pb 2019-01-31 08:26 - 2017-09-08 12:20 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat 2019-01-30 22:09 - 2017-09-08 13:03 - 005364776 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2019-01-30 22:09 - 2017-09-08 13:03 - 002624824 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2019-01-30 22:09 - 2017-09-08 13:03 - 001767920 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2019-01-30 22:09 - 2017-09-08 13:03 - 000651248 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll 2019-01-30 22:09 - 2017-09-08 13:03 - 000450600 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2019-01-30 22:09 - 2017-09-08 13:03 - 000124968 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2019-01-30 22:09 - 2017-09-08 13:03 - 000082800 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll 2019-01-30 15:15 - 2017-09-08 13:03 - 008488852 _____ C:\Windows\system32\nvcoproc.bin 2019-01-29 17:21 - 2017-10-13 15:36 - 000000000 ____D C:\Users\GAMEPC\Documents\ViberDownloads 2019-01-26 16:03 - 2017-09-08 13:03 - 000001951 _____ C:\Windows\NvContainerRecovery.bat 2019-01-25 16:58 - 2018-08-04 01:57 - 000000000 ____D C:\ProgramData\TruckersMP 2019-01-21 14:28 - 2017-09-26 23:48 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\ElevatedDiagnostics 2019-01-19 23:47 - 2018-07-27 17:56 - 000466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll 2019-01-19 23:47 - 2018-07-27 17:56 - 000444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll 2019-01-19 23:47 - 2018-07-27 17:56 - 000122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll 2019-01-19 23:47 - 2018-07-27 17:56 - 000109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll 2019-01-19 17:40 - 2017-09-08 13:25 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\Skype 2019-01-19 17:40 - 2017-09-08 12:39 - 000001318 _____ C:\Users\Public\Desktop\Skype.lnk 2019-01-19 17:40 - 2017-09-08 12:39 - 000000000 ____D C:\ProgramData\Skype 2019-01-19 17:39 - 2017-09-08 12:39 - 000000000 ___RD C:\Program Files (x86)\Skype 2019-01-12 02:01 - 2017-09-08 13:02 - 000505696 _____ (NVIDIA Corporation) C:\Windows\system32\SET3358.tmp 2019-01-12 02:01 - 2017-09-08 12:22 - 036884408 _____ (NVIDIA Corporation) C:\Windows\system32\SET39DF.tmp 2019-01-12 01:59 - 2017-09-08 13:02 - 004850072 _____ (NVIDIA Corporation) C:\Windows\system32\SETE88.tmp ==================== Files in the root of some directories ======= 2018-12-17 20:42 - 2018-12-23 18:48 - 000007597 _____ () C:\Users\GAMEPC\AppData\Local\Resmon.ResmonCfg Some files in TEMP: ==================== 2019-01-29 04:11 - 2019-01-29 04:11 - 000000196 _____ () C:\Users\GAMEPC\AppData\Local\Temp\00e481b5e22dbe1f649fcddd505d3eb7.dll 2019-01-02 23:12 - 2019-01-06 00:10 - 000000020 _____ () C:\Users\GAMEPC\AppData\Local\Temp\25bac1013fc49581f9f82c556d27f9bb.dll 2019-01-29 04:11 - 2019-02-09 21:58 - 000000020 _____ () C:\Users\GAMEPC\AppData\Local\Temp\d92b9ce5f9f41a6d518fdcbc62bd3532.dll 2019-01-15 17:01 - 2019-01-11 11:31 - 000397520 _____ (NVIDIA Corporation) C:\Users\GAMEPC\AppData\Local\Temp\nvStInst.exe 2019-01-19 17:38 - 2019-01-19 17:39 - 062928040 _____ (Skype Technologies S.A.) C:\Users\GAMEPC\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\dllhost.exe => File is digitally signed C:\Windows\SysWOW64\dllhost.exe => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2019-02-02 06:31 ==================== End of FRST.txt ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 8.02.2019 Ran by GAMEPC (10-02-2019 12:38:44) Running from C:\Users\GAMEPC\Downloads Windows 7 Home Premium Service Pack 1 (X64) (2017-09-08 09:32:01) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2297230751-1021565052-1431566534-500 - Administrator - Disabled) GAMEPC (S-1-5-21-2297230751-1021565052-1431566534-1000 - Administrator - Enabled) => C:\Users\GAMEPC Guest (S-1-5-21-2297230751-1021565052-1431566534-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 26.0.0.127 - Adobe Systems Incorporated) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated) Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated) Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.9.199 - Adobe Systems, Inc.) ATI Catalyst Install Manager (HKLM\...\{DC9C8BC1-72CE-B5FE-EA4F-6D9127E51746}) (Version: 3.0.736.0 - ATI Technologies, Inc.) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6623 - CDBurnerXP) CpuCoreParking (HKLM-x32\...\{0984C56D-2985-4786-AB62-39AB985E269C}) (Version: 2.1.2.0 - CpuCoreParking) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.6.0.0283 - Disc Soft Ltd) DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 418.81 - NVIDIA Corporation) Hidden Epic Games Launcher (HKLM-x32\...\{0E63B233-DC24-442C-BD38-0B91D90FEC5B}) (Version: 1.1.167.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden FACEIT AC version 1.0 (HKLM\...\{1419E44C-0EF4-4822-9194-9F1A4D43973D}_is1) (Version: 1.0 - FACEIT LTD) FIFA18 version 1.0 (HKLM\...\FIFA18_is1) (Version: 1.0 - STEAMPUNKS) <==== ATTENTION GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.14.5270 - Gretech Corporation) Google Chrome (HKLM\...\{DA081EB6-F64C-358C-9BB0-AF1EA8001F34}) (Version: 71.0.3578.98 - Google, Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden Java 8 Update 171 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180171F0}) (Version: 8.0.1710.11 - Oracle Corporation) Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation) Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation) Microsoft Office Language Pack 2010 - Bulgarian/български (HKLM-x32\...\Office14.OMUI.bg-bg) (Version: 14.0.4763.1021 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation) Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation) Mozilla Firefox 64.0.2 (x64 bg) (HKLM\...\Mozilla Firefox 64.0.2 (x64 bg)) (Version: 64.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla) NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.12 - NVIDIA Corporation) Hidden NVIDIA 3D Vision Controller Driver 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation) NVIDIA 3D Vision Driver 418.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 418.81 - NVIDIA Corporation) NVIDIA GeForce Experience 3.16.0.140 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.16.0.140 - NVIDIA Corporation) NVIDIA Graphics Driver 418.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 418.81 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.38.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.13 - NVIDIA Corporation) NVIDIA PhysX System Software 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Opera Stable 57.0.3098.116 (HKLM-x32\...\Opera 57.0.3098.116) (Version: 57.0.3098.116 - Opera Software) PokerStars.bg (HKLM-x32\...\PokerStars.bg) (Version: - PokerStars.bg) PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 1.7.16291 - Kakao Corp.) PotPlayer-64 bit (HKLM-x32\...\PotPlayer64) (Version: 1.7.8556 - Kakao Corp.) qBittorrent 4.1.5 (HKLM-x32\...\qBittorrent) (Version: 4.1.5 - The qBittorrent project) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games) Skype, версия 8.34 (HKLM-x32\...\Skype_is1) (Version: 8.34 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Spotify) (Version: 1.0.99.250.g936eab8d - Spotify AB) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TeamSpeak 3 Client (HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\TeamSpeak 3 Client) (Version: 3.1.8 - TeamSpeak Systems GmbH) TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team) Uplay (HKLM-x32\...\Uplay) (Version: 73.0 - Ubisoft) Viber (HKLM-x32\...\{0235CB19-2284-4C34-9CF9-04078CF94C32}) (Version: 7.7.0.1126 - Viber Media Inc.) Hidden Viber (HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\{f37aa91a-8669-4ac1-bb40-8cc05c3beca1}) (Version: 7.7.0.1126 - Viber Media Inc.) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) WinRAR 5.50 (64-битова версия) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {1EC5AF9E-5A52-4FE5-A2E8-539165748CC5} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {29CD2B59-F360-4EA0-8046-E993FB989355} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_pepper.exe [2019-01-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {3216E845-2829-4DBE-AA88-3252ACB814DC} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {3DAD135E-7AD5-4D57-B3E2-9E7F6AD9E01C} - System32\Tasks\{76A40252-E785-4407-9A98-34E12F6F05C9} => C:\Windows\system32\pcalua.exe -a "c:\program files (x86)\hi-rez studios\HiRezGamesDiagAndSupport.exe" -c uninstall=0 Task: {47FB829C-5030-4A81-8AE1-E19E047EF8CF} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {593E836D-18E7-4C3A-A10E-E739556F42F1} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {64503CA0-D96B-485A-A2ED-32E1ADEC5130} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-08] (Google Inc -> Google Inc.) Task: {82C47114-5EDD-46D5-95B9-AA03FCB16F9C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {94F3AB4C-229D-4981-8100-F63CF93E0D45} - System32\Tasks\Opera scheduled Autoupdate 1504866897 => C:\Program Files (x86)\Opera\launcher.exe [2019-01-09] (Opera Software AS -> Opera Software) Task: {96F1B500-22FF-4448-9D51-718DA940360E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {9D60B4F8-D682-4540-9CBB-BBA043460DF1} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A19D33FF-7FBC-4D6F-B122-FFBC2947D956} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {A1D60D55-A6B8-401B-BC05-2938E02DF2F2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe Task: {A95A63BB-59FF-4E60-A4BC-C4AF14655608} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {B7BAE40D-B03C-4ABB-BBB5-9C26431B4B11} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {C4E8B14A-4159-4C58-BDAD-281DBBFC97E8} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => d:\program files\windows defender\MpCmdRun.exe Task: {CB523FAF-057C-440F-B17F-8A36BBB5394E} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {F67C982E-B27B-4B4D-B6F1-B5474BEA2341} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [2019-01-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {F77C5DF3-2A9F-4C58-909F-C3F4DFDE4752} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {FB761E82-2ABF-4B7D-A0A8-3F00F3533DD3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-08] (Google Inc -> Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Браузър Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) <==== Cyrillic Shortcut: C:\Users\Public\Desktop\Браузър Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) <==== Cyrillic ==================== Loaded Modules (Whitelisted) ============== 2010-01-09 19:17 - 2010-01-09 19:17 - 004254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2018-05-24 21:15 - 2018-12-06 12:14 - 001315312 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2018-08-29 01:53 - 2018-12-06 01:47 - 001066784 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\SDL2.dll 2018-08-29 01:53 - 2018-11-20 02:56 - 102804768 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll 2018-08-29 01:53 - 2018-11-20 02:56 - 004866336 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll 2018-08-29 01:53 - 2018-11-20 02:56 - 000116000 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll 2018-12-12 21:53 - 2018-12-12 07:12 - 002682336 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\swiftshader\libglesv2.dll 2018-12-12 21:53 - 2018-12-12 07:12 - 000156640 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\swiftshader\libegl.dll 2017-09-08 13:04 - 2018-12-06 12:14 - 001033200 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-09-23 17:44 - 2018-12-06 01:47 - 000885536 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2017-09-23 17:44 - 2016-09-01 03:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll 2017-09-23 17:44 - 2016-09-01 03:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2017-09-23 17:44 - 2016-09-01 03:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2017-09-23 17:44 - 2019-02-02 19:33 - 002667296 _____ () C:\Program Files (x86)\Steam\video.dll 2017-12-14 10:20 - 2018-11-05 20:53 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll 2017-12-14 10:20 - 2018-11-05 20:53 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll 2017-12-14 10:20 - 2018-11-05 20:53 - 000810784 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll 2017-12-14 10:20 - 2018-11-05 20:53 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll 2017-12-14 10:20 - 2018-11-05 20:53 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll 2017-09-23 17:44 - 2019-02-02 19:33 - 001031456 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2017-09-23 17:43 - 2016-07-05 00:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\GAMEPC\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394] AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [482] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\hola.org -> hxxp://hola.org ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\GAMEPC\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 94.72.140.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun MSCONFIG\startupreg: FACEIT => "C:\Users\GAMEPC\AppData\Local\FACEITApp\update.exe" --processStart "FACEIT.exe" MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{11074DEE-7B8C-4DC2-AE4C-93DF0A309913}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{D19357FE-92D5-4C15-865D-6BA1144E3141}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{21EB0059-8DA7-4F26-8EBC-947F0C4E2AAA}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () FirewallRules: [{F8BB1871-4D02-4C5E-A222-4D557710B3E1}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () FirewallRules: [{1EE7FB5D-9E25-4DA9-ACB5-D608ECDBB452}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{84ACAD4A-CAC3-405E-BED8-CCE7B6F558B9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{5C9FEA0E-0037-4228-8A5E-308AD75AC1DF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{FD05E114-41E1-4EC3-B5A2-BBA593EE39E2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{831352BE-7396-43E6-9657-9ED9D8BAB30D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{AB5ACC3F-22CB-469F-9EB3-8D69417E7CD5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{43ADA9C0-2E56-45D1-B73D-9C89040C463D}] => (Allow) D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> ) FirewallRules: [{06129773-C563-4DFF-8D34-BEA82843A4F0}] => (Allow) D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> ) FirewallRules: [TCP Query User{A7A3205E-5145-4588-981D-700ACBF67C2F}D:\arc\s\fifa 17\fifa17.exe] => (Allow) D:\arc\s\fifa 17\fifa17.exe No File FirewallRules: [UDP Query User{FCB7CF1E-D214-47B7-8337-D288C7BAF41D}D:\arc\s\fifa 17\fifa17.exe] => (Allow) D:\arc\s\fifa 17\fifa17.exe No File FirewallRules: [TCP Query User{0D1FADB8-FCE1-4E0E-B19A-D5490965A994}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.) FirewallRules: [UDP Query User{F6FECCC1-1C2E-45A5-B7AC-EAF4B88229DF}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.) FirewallRules: [TCP Query User{DEFA441A-0140-4630-9B49-0F0DB88705EC}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.) FirewallRules: [UDP Query User{2F3AD7BE-C36D-4E24-BFFA-EED5BE5D11F4}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.) FirewallRules: [{3B7D3801-5557-4905-A940-9FFB3D9419C2}] => (Allow) D:\SteamLibrary\steamapps\common\WormsRevolution\WormsRevolution.exe () FirewallRules: [{B5A843B5-4869-438A-A418-D42BF3EC672D}] => (Allow) D:\SteamLibrary\steamapps\common\WormsRevolution\WormsRevolution.exe () FirewallRules: [{B5E37EE1-9BE1-4B57-9AD5-EEF981D7F031}] => (Allow) D:\SteamLibrary\steamapps\common\TheLongDark\tld.exe () FirewallRules: [{DC6EA5CC-0B14-4DA5-BA55-E772E5860678}] => (Allow) D:\SteamLibrary\steamapps\common\TheLongDark\tld.exe () FirewallRules: [{C118432B-871D-4268-9C07-248641F7E265}] => (Allow) D:\SteamLibrary\steamapps\common\F1 2015\F1_2015.exe (Codemasters Software Company Limited) FirewallRules: [{9A5D2120-07BE-4587-9767-DFFC0484207F}] => (Allow) D:\SteamLibrary\steamapps\common\F1 2015\F1_2015.exe (Codemasters Software Company Limited) FirewallRules: [{CC5A4281-306D-4711-91C7-E00E2ABEBC40}] => (Allow) D:\SteamLibrary\steamapps\common\Human Fall Flat\Human.exe () FirewallRules: [{8A4DCBEC-E89C-462E-8216-8A9A38C394ED}] => (Allow) D:\SteamLibrary\steamapps\common\Human Fall Flat\Human.exe () FirewallRules: [{BA413E19-022B-4719-B578-4F0E6C99F5FA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{FDAF511F-0C5C-4E27-8950-6B78D13412DB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [TCP Query User{B1B4DF97-831E-413C-A928-4176B7B76801}D:\fifa\fifa18\fifa18.exe] => (Allow) D:\fifa\fifa18\fifa18.exe (Electronic Arts -> Electronic Arts) FirewallRules: [UDP Query User{8691C936-9089-4A6A-9831-A0087C639A9C}D:\fifa\fifa18\fifa18.exe] => (Allow) D:\fifa\fifa18\fifa18.exe (Electronic Arts -> Electronic Arts) FirewallRules: [{FF76D716-DBA6-437A-A34F-847AF6AB88AD}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [{13A0D233-1007-4376-A4B4-1DA27C101ECB}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [TCP Query User{86D55748-40A6-4288-AEF7-2C0B25BDF778}C:\program files\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_171\bin\javaw.exe (Oracle America, Inc. -> Oracle Corporation) FirewallRules: [UDP Query User{D8AE6DDF-C0F2-475C-AB9C-B84C11DDC8AB}C:\program files\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_171\bin\javaw.exe (Oracle America, Inc. -> Oracle Corporation) FirewallRules: [TCP Query User{695C8135-FF2C-4E94-9566-E526643684CA}C:\program files (x86)\common files\oracle\java\javapath_target_116381722\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_116381722\java.exe (Oracle America, Inc. -> Oracle Corporation) FirewallRules: [UDP Query User{3091889E-265D-4648-88DF-CEE54431325D}C:\program files (x86)\common files\oracle\java\javapath_target_116381722\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_116381722\java.exe (Oracle America, Inc. -> Oracle Corporation) FirewallRules: [{19A95D83-1997-4E1D-B782-E9518C66DFBB}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{A1F359C7-4712-4555-B250-972DC5238157}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{9310E9DD-E024-4761-B062-698FB0E3AB13}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{F2B11A3B-CC53-4DFF-B8AC-3ADDA6F5D794}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{DB2F74E8-C7EB-44B3-81D7-12B84175E2EA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{E44676E1-030C-4238-B65F-434792B61DE5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{0E47D0AA-C664-4226-B706-39D5D9E15552}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation ) FirewallRules: [{0FE9DEBC-25B9-4A7D-A2B1-D61EE33E7F27}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation ) FirewallRules: [TCP Query User{0E86F5BD-F2B3-4EF9-8B0C-48823DA809CB}D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe] => (Allow) D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe No File FirewallRules: [UDP Query User{0C5E839A-52EC-40D4-969E-24F12ED8D2D0}D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe] => (Allow) D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe No File FirewallRules: [TCP Query User{8796E73D-79C0-4D0B-AF34-FB3AF9BCC9BA}D:\steamlibrary\steamapps\common\warface\warface\bin32release\game.exe] => (Allow) D:\steamlibrary\steamapps\common\warface\warface\bin32release\game.exe No File FirewallRules: [UDP Query User{EFB29360-AB3A-4A44-9CB4-EF91CEBDB39C}D:\steamlibrary\steamapps\common\warface\warface\bin32release\game.exe] => (Allow) D:\steamlibrary\steamapps\common\warface\warface\bin32release\game.exe No File FirewallRules: [{CE4CC83D-33DB-4941-B63E-839395BEF26D}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{62B0C736-3662-4965-ABCF-C095480B3E5E}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [TCP Query User{91266298-136D-4BB3-8C13-A850A76C9BF1}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [UDP Query User{E3EAEE44-6095-4A5E-BE2F-F3E3F8349E0A}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{12A4A27A-BB67-48E9-9C50-3BFF7FAFB778}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) FirewallRules: [{AEEB531B-9796-4704-ACF2-4D21152475BF}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) FirewallRules: [{7F3749E0-59C1-4422-B6F5-FB6E3727295D}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [{60F8D80B-FA92-4B64-93F5-05A4F7DADF00}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [{2D541380-97BF-4291-BDBE-2F2228CAEA60}] => (Allow) D:\SteamLibrary\steamapps\common\EasyAntiCheat\EasyAntiCheat.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{127D37C8-619F-462E-BE1A-E32131065FF4}] => (Allow) D:\SteamLibrary\steamapps\common\EasyAntiCheat\EasyAntiCheat.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{3AE125A7-E2F2-4264-9007-75C3A531B173}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc -> Google Inc.) FirewallRules: [{9CB2E9CF-4CF5-4270-90C8-708DF5C9EA41}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{5DDB721B-805F-4405-9439-CF48D05CD91D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{FBCDCF18-DF9A-480D-8245-D45ACCBABE9F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{38AC95F2-BD01-4E8B-9093-31663D8E317A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{458841A3-2771-481D-884C-B7930C379C97}] => (Allow) C:\Program Files (x86)\Opera\57.0.3098.106\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{235BAD27-D13D-420B-8B97-7A919F070DAA}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () FirewallRules: [{13789DD3-E1EC-4822-B391-E7109AE3CC48}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () FirewallRules: [TCP Query User{3DE0592A-8D12-447D-939D-BCA439AFF137}C:\users\gamepc\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gamepc\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{33216198-C2C2-482B-9DC9-2D0D13DBB4FA}C:\users\gamepc\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gamepc\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{BC1B52E7-C2B8-4017-8791-69B710F1CCBB}] => (Allow) C:\Program Files (x86)\Opera\57.0.3098.116\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [TCP Query User{270B0322-3799-457B-960A-455318931953}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{A13AA196-1978-4C67-902B-2460B54A5BBF}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [{EF08AF4C-3154-4DAB-BCE6-F39115FD1EB2}] => (Allow) D:\SteamLibrary\steamapps\common\Half-Life\hl.exe (Valve -> Valve) FirewallRules: [{DFBF8C13-3341-468F-9043-C61EE1DF2608}] => (Allow) D:\SteamLibrary\steamapps\common\Half-Life\hl.exe (Valve -> Valve) FirewallRules: [{64832D58-8D2F-49F2-9821-FC19B1E90DA6}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{26B327D5-AC62-4B35-9E8A-241677C45E6B}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{17F7F489-79F0-4B1E-8C40-2AE2479A4164}] => (Allow) D:\SteamLibrary\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe (Codemasters Software Company Limited) FirewallRules: [{12452DC3-0184-4D50-9874-AFEDEF2EFAA9}] => (Allow) D:\SteamLibrary\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe (Codemasters Software Company Limited) FirewallRules: [{59D96386-6E3E-4356-8348-CF3CFA65A81B}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [{FFA55DD9-7016-4EC4-A808-1A467A45E95C}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [TCP Query User{DC649560-4400-4885-84A1-B96EE04BD03C}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{962C91EA-9380-4D1D-8A2F-E951089E3F37}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{6E404A41-222B-4F61-937B-39B8D0A5BE40}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{394ABFE5-D758-4C24-B451-12FE329ECF53}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{CAB0B3BC-BD97-4B9F-AD34-4EA3FD6A653B}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{D1AE7604-9B6C-4322-8475-D1AC1B29A431}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) ==================== Restore Points ========================= 01-02-2019 16:11:32 Планирана контролна точка 09-02-2019 15:07:59 Планирана контролна точка ==================== Faulty Device Manager Devices ============= Name: Qualcomm Atheros AR8161/8165 PCI-E Gigabit Ethernet Controller (NDIS 6.20) Description: Qualcomm Atheros AR8161/8165 PCI-E Gigabit Ethernet Controller (NDIS 6.20) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Qualcomm Atheros Service: L1C Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (02/10/2019 03:12:13 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Program Files\ATI\CIM\Bin64\Setup.exe". Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/10/2019 03:12:13 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Program Files\ATI\CIM\Bin64\InstallManagerApp.exe". Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/09/2019 03:26:38 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Program Files\ATI\CIM\Bin64\Setup.exe". Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/09/2019 03:26:38 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Program Files\ATI\CIM\Bin64\InstallManagerApp.exe". Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/08/2019 04:45:30 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Program Files\ATI\CIM\Bin64\Setup.exe". Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/08/2019 04:45:29 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Program Files\ATI\CIM\Bin64\InstallManagerApp.exe". Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/07/2019 03:15:48 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Program Files\ATI\CIM\Bin64\Setup.exe". Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/07/2019 03:15:48 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Program Files\ATI\CIM\Bin64\InstallManagerApp.exe". Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis. System errors: ============= Error: (02/09/2019 11:34:40 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 20. Error: (02/09/2019 02:59:26 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 20. Error: (02/06/2019 08:56:52 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Изтекъл период на изчакване (30000 милисекунди) при изчакване на отговор за транзакция от услуга eventlog. Error: (02/05/2019 07:09:30 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 20. Error: (02/04/2019 09:08:24 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Услуга NVIDIA Telemetry Container прекъсна със следната грешка: Изпълним файл за обща команда върна резултат, показващ грешка. Error: (02/04/2019 08:48:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Услуга NVIDIA LocalSystem Container беше прекъсната неочаквано. Това се е случвало с нея 1 път(и). След 6000 милисекунди ще бъде предприето следното коригиращо действие: Рестартиране на услугата. Error: (02/04/2019 08:48:18 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Услуга NVIDIA LocalSystem Container прекъсна със следната грешка: Изпълним файл за обща команда върна резултат, показващ грешка. Error: (02/03/2019 01:44:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Услуга Steam Client Service не може да бъде стартирана поради следната грешка: Услугата не отговори навреме на искане за стартиране или управление. ==================== Memory info =========================== Processor: AMD FX-8320E Eight-Core Processor Percentage of memory in use: 41% Total physical RAM: 8189.54 MB Available physical RAM: 4811.05 MB Total Virtual: 16377.26 MB Available Virtual: 11050.03 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:150 GB) (Free:70.97 GB) NTFS Drive d: () (Fixed) (Total:781.41 GB) (Free:323.18 GB) NTFS \\?\Volume{2f050b3f-9477-11e7-8c98-806e6f6e6963}\ (Резервирана за системата) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 0C59AE75) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=150 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=781.4 GB) - (Type=05) ==================== End of Addition.txt ============================
  24. Fix result of Farbar Recovery Scan Tool (x64) Version: 01.09.2018 03 Ran by GAMEPC (02-09-2018 13:37:40) Run:1 Running from C:\Users\GAMEPC\Downloads Loaded Profiles: GAMEPC (Available Profiles: GAMEPC) Boot Mode: Normal ============================================== fixlist content: ***************** start CreateRestorePoint: EmptyTemp: CloseProcesses: HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\MountPoints2: {2d2c5be0-94b8-11e7-8704-048d38748987} - E:\stp-fifa18.exe HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\MountPoints2: {609d2171-c4d2-11e7-a1c0-048d38748987} - F:\Lenovo_Suite.exe Task: {853107D5-99D9-4ED4-9D50-87311C1ED5BC} - System32\Tasks\GAMEPC => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v GAMEPC /t REG_SZ /d "explorer.exe hxxp://exinariuminix.info" <==== ATTENTION AlternateDataStreams: C:\Users\Public\AppData:CSM [472] AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476] reboot: end ***************** Restore point was successfully created. Processes closed successfully. "HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2d2c5be0-94b8-11e7-8704-048d38748987}" => removed successfully HKLM\Software\Classes\CLSID\{2d2c5be0-94b8-11e7-8704-048d38748987} => not found "HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{609d2171-c4d2-11e7-a1c0-048d38748987}" => removed successfully HKLM\Software\Classes\CLSID\{609d2171-c4d2-11e7-a1c0-048d38748987} => not found "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{853107D5-99D9-4ED4-9D50-87311C1ED5BC}" => removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{853107D5-99D9-4ED4-9D50-87311C1ED5BC}" => removed successfully C:\Windows\System32\Tasks\GAMEPC => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GAMEPC" => removed successfully C:\Users\Public\AppData => ":CSM" ADS removed successfully C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully =========== EmptyTemp: ========== BITS transfer queue => 8388608 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 74717645 B Java, Flash, Steam htmlcache => 36882886 B Windows/system/drivers => 272470749 B Edge => 0 B Chrome => 739939091 B Firefox => 378838671 B Opera => 373626447 B Temp, IE cache, history, cookies, recent: Users => 0 B Default => 0 B Public => 0 B ProgramData => 0 B systemprofile => 128 B systemprofile32 => 128 B LocalService => 0 B NetworkService => 0 B GAMEPC => 3381879203 B RecycleBin => 0 B EmptyTemp: => 4.9 GB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 13:38:50 ====
  25. Добър вечер имам съмнение за вирус който по някакъв начин е свързан с интернет-а ми През определен период от време от порядъка на час и половина нета ми буквално забива. Имам 2 лан карти тествах ги и не е от тях за това реших да се допитам до вас Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.09.2018 03 Ran by GAMEPC (administrator) on GAMEPC-PC (01-09-2018 20:09:16) Running from C:\Users\GAMEPC\Downloads Loaded Profiles: GAMEPC (Available Profiles: GAMEPC) Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Български (България) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (TeamSpeak Systems GmbH) C:\Users\GAMEPC\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [AutoKMS] => C:\Windows\AutoKMS.exe [615936 2017-09-08] () HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3207968 2018-08-30] (Valve Corporation) HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32973712 2018-07-26] (Epic Games, Inc.) HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Run: [Viber] => C:\Users\GAMEPC\AppData\Local\Viber\Viber.exe [33453640 2018-08-21] (Viber Media S.Ã r.l.) HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\MountPoints2: {2d2c5be0-94b8-11e7-8704-048d38748987} - E:\stp-fifa18.exe HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\MountPoints2: {609d2171-c4d2-11e7-a1c0-048d38748987} - F:\Lenovo_Suite.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 87.121.24.12 Tcpip\..\Interfaces\{BFE47783-CFC6-4DEE-8858-A9889FC23A55}: [DhcpNameServer] 87.121.24.12 Tcpip\..\Interfaces\{F8E6BFBF-08DD-4CEC-8468-25670AF9DFE4}: [DhcpNameServer] 87.121.24.12 Internet Explorer: ================== HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll [2018-04-20] (Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-20] (Oracle Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-04-20] (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-20] (Oracle Corporation) FireFox: ======== FF DefaultProfile: mrpwyf7s.default FF ProfilePath: C:\Users\GAMEPC\AppData\Roaming\Mozilla\Firefox\Profiles\mrpwyf7s.default [2018-08-28] FF Homepage: Mozilla\Firefox\Profiles\mrpwyf7s.default -> google.bg FF Extension: (uBlock Origin) - C:\Users\GAMEPC\AppData\Roaming\Mozilla\Firefox\Profiles\mrpwyf7s.default\Extensions\[email protected] [2018-07-25] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_154.dll [2018-08-15] () FF Plugin: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-20] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-20] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_154.dll [2018-08-15] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1229199.dll [2017-03-31] (Adobe Systems, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-20] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-20] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-08-21] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-08-21] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.) Chrome: ======= CHR StartupUrls: Default -> "hxxp://google.bg/" CHR Profile: C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default [2018-09-01] CHR Extension: (Презентации) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13] CHR Extension: (Документи) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13] CHR Extension: (Google Диск) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-08] CHR Extension: (YouTube) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-08] CHR Extension: (Таблици) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13] CHR Extension: (Google Документи офлайн) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16] CHR Extension: (Hoxx VPN Proxy) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbcojefnccbanplpoffopkoepjmhgdgh [2018-08-27] CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03] CHR Extension: (Gmail) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-08] CHR Extension: (Chrome Media Router) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-10] Opera: ======= OPR Extension: (uBlock Origin) - C:\Users\GAMEPC\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2018-06-25] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7212480 2018-08-08] () S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291392 2017-08-17] (Disc Soft Ltd) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [777856 2018-07-29] (EasyAntiCheat Ltd) U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2018-03-29] (Hi-Rez Studios) [File not signed] R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-19] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-19] (NVIDIA Corporation) S2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [24576 2017-09-08] (Realtek Semiconductor.) [File not signed] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2017-06-20] (Microsoft Corporation) R2 wuauserv; C:\Windows\system32\wuaueng2.dll [2651136 2017-09-08] (Microsoft Corporation) [File not signed] R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2017-09-08] (Advanced Micro Devices Inc.) R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-09-11] (Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-09-11] (Disc Soft Ltd) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-09-08] (REALiX(tm)) S3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2017-09-08] (Qualcomm Atheros Co., Ltd.) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30656 2018-07-12] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [69544 2018-06-08] (NVIDIA Corporation) R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [65792 2018-04-24] (NVIDIA Corporation) R3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [61656 2017-09-08] (Realtek Semiconductor Corporation ) S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-09-01 20:09 - 2018-09-01 20:09 - 000015452 _____ C:\Users\GAMEPC\Downloads\FRST.txt 2018-09-01 20:08 - 2018-09-01 20:09 - 002413056 _____ (Farbar) C:\Users\GAMEPC\Downloads\FRST64.exe 2018-09-01 17:36 - 2018-09-01 17:36 - 000014477 _____ C:\Users\GAMEPC\Downloads\Upgrade.2018.BRRip.AC3.X264-CMRG.torrent 2018-09-01 03:38 - 2018-09-01 03:38 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\SmartSteamEmu 2018-09-01 03:13 - 2018-09-01 03:13 - 000059462 _____ C:\Users\GAMEPC\Downloads\HALF-LIFE 2 (1).torrent 2018-09-01 03:13 - 2018-09-01 03:13 - 000012474 _____ C:\Users\GAMEPC\Downloads\Half-Life 2 Episode Two v2257546 FiNAL.torrent 2018-09-01 03:12 - 2018-09-01 03:12 - 000059462 _____ C:\Users\GAMEPC\Downloads\HALF-LIFE 2.torrent 2018-09-01 02:55 - 2018-09-01 02:55 - 000060204 _____ C:\Users\GAMEPC\Downloads\Half Life 2. Crack & Cd Key. Works.rar.torrent 2018-08-30 15:56 - 2018-08-30 15:56 - 000013166 _____ C:\Users\GAMEPC\Downloads\Captain.America.The.First.Avenger.2011.BRRip.XviD.BGAudio-SLSS.torrent 2018-08-30 15:56 - 2018-08-30 15:56 - 000013166 _____ C:\Users\GAMEPC\Downloads\Captain.America.The.First.Avenger.2011.BRRip.XviD.BGAudio-SLSS (1).torrent 2018-08-30 15:54 - 2018-08-30 15:54 - 000019853 _____ C:\Users\GAMEPC\Downloads\Captain.America.The.First.Avenger.2011.480p.BDRip.XviD.DUAL-KiNGS.torrent 2018-08-28 18:10 - 2018-08-28 18:10 - 000014341 _____ C:\Users\GAMEPC\Downloads\Scary Movie 4 (2006) DVDRip.BGAudio-CoveR.avi.torrent 2018-08-28 00:34 - 2018-08-21 13:24 - 000132408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2018-08-28 00:31 - 2018-08-22 19:12 - 032457736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2018-08-28 00:31 - 2018-08-22 19:12 - 017014632 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2018-08-28 00:31 - 2018-08-22 19:12 - 000628560 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2018-08-28 00:31 - 2018-08-22 19:12 - 000519120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 040346976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 035250176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 031248576 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 025964944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 019088480 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 017755768 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 015699512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 015169920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 013732120 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 011276424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 004085328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 003967304 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 003504968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 002015184 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6439907.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 001564136 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 001467728 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6439907.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 001420296 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 001217352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 001159096 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 001093456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 000906608 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 000546880 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 000464536 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 000420032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 000182624 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 000164792 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 000159736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 000142656 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2018-08-27 18:10 - 2018-08-27 18:10 - 000106090 _____ C:\Users\GAMEPC\Downloads\Pirates_of_the_Caribbean_Dead_Men_Tell_No_Tales_2017.(subs.sab.bz).rar 2018-08-27 18:10 - 2018-08-27 18:10 - 000016254 _____ C:\Users\GAMEPC\Downloads\Pirates.of.the.Caribbean.Dead.Men.Tell.No.Tales.2017.BRRip.XViD.AC3-HUD.torrent 2018-08-27 02:28 - 2018-08-27 02:29 - 000493548 _____ C:\Users\GAMEPC\Downloads\The Simpsons S01 - S27 Mega Pack x265.torrent 2018-08-26 17:54 - 2018-08-26 17:54 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\Viber 2018-08-26 10:45 - 2018-08-26 10:45 - 000022858 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___24x19___Whiskey_Business.(subs.sab.bz).rar 2018-08-26 10:45 - 2018-08-26 10:45 - 000020450 _____ C:\Users\GAMEPC\Downloads\The_Simpsons__24x20__The_Fabulous_Faker_Boy.(subs.sab.bz).rar 2018-08-26 08:04 - 2018-08-26 08:04 - 000022840 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___24x17___What_Animated_Women_Want.(subs.sab.bz).rar 2018-08-26 08:04 - 2018-08-26 08:04 - 000021986 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___24x18___Pulpit_Friction.(subs.sab.bz).rar 2018-08-26 03:59 - 2018-08-26 03:59 - 000021949 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___24x16.(subs.sab.bz).rar 2018-08-26 03:59 - 2018-08-26 03:59 - 000020900 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___24x15___Black_Eyed__Please.(subs.sab.bz).rar 2018-08-26 03:22 - 2018-08-26 03:22 - 000022549 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___24x14___Gorgeous_Grampa.(subs.sab.bz).rar 2018-08-26 03:22 - 2018-08-26 03:22 - 000018792 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___24x13___Hardly_Kirk_ing.(subs.sab.bz).rar 2018-08-24 09:07 - 2018-08-24 09:07 - 000021584 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___24x12___Love_Is_a_Many_Splintered_Thing.(subs.sab.bz).rar 2018-08-24 08:28 - 2018-08-24 08:28 - 000021542 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___24x11___Changing_of_the_Guardian.(subs.sab.bz).rar 2018-08-24 08:28 - 2018-08-24 08:28 - 000018550 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___24x10___A_Test_Before_Trying.(subs.sab.bz).rar 2018-08-24 04:23 - 2018-08-24 04:23 - 000019082 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___24x09___Homer_Goes_to_Prep_School.(subs.sab.bz).rar 2018-08-24 03:33 - 2018-08-24 03:33 - 000022972 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___24x07___The_Day_The_Earth_Stood_Cool.(subs.sab.bz).rar 2018-08-24 03:33 - 2018-08-24 03:33 - 000020357 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___24x08___To_Cur_With_Love.(subs.sab.bz).rar 2018-08-23 09:03 - 2018-08-23 09:03 - 000018620 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___24x06___A_Tree_Grows_in_Springfield.(subs.sab.bz).rar 2018-08-23 08:41 - 2018-08-23 08:41 - 000020144 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___24x05___Penny_Wiseguys.(subs.sab.bz).rar 2018-08-23 04:21 - 2018-08-23 04:21 - 000020846 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___24x04___Gone_Abie_Gone..(subs.sab.bz).rar 2018-08-23 04:19 - 2018-08-23 04:19 - 000021718 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___24x03___Adventures_in_Baby_Getting.(subs.sab.bz).rar 2018-08-23 03:21 - 2018-08-23 03:21 - 000021140 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___24x01___Moonshine_River.(subs.sab.bz) (1).rar 2018-08-23 03:21 - 2018-08-23 03:21 - 000017872 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___24x02___Treehouse_of_Horror_XXIII.(subs.sab.bz) (1).rar 2018-08-23 03:21 - 2018-08-23 03:21 - 000014133 _____ C:\Users\GAMEPC\Downloads\The.Simpsons.Season.24.HDTV.x264-***.torrent 2018-08-23 03:21 - 2018-08-23 03:21 - 000014133 _____ C:\Users\GAMEPC\Downloads\The.Simpsons.Season.24.HDTV.x264-*** (1).torrent 2018-08-23 03:20 - 2018-08-23 03:20 - 000021140 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___24x01___Moonshine_River.(subs.sab.bz).rar 2018-08-23 03:20 - 2018-08-23 03:20 - 000017872 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___24x02___Treehouse_of_Horror_XXIII.(subs.sab.bz).rar 2018-08-23 03:19 - 2018-08-23 03:19 - 000012426 _____ C:\Users\GAMEPC\Downloads\The.Simpsons.Season.24.HDTV.XviD-***.torrent 2018-08-22 09:27 - 2018-08-22 09:27 - 000021840 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___23x21___Ned__N__Edna_s_Blend.(subs.sab.bz) (1).rar 2018-08-22 09:26 - 2018-08-22 09:26 - 000021840 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___23x21___Ned__N__Edna_s_Blend.(subs.sab.bz).rar 2018-08-22 09:26 - 2018-08-22 09:26 - 000019622 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___23x20___The_Spy_Who_Learned_Me.(subs.sab.bz).rar 2018-08-22 03:41 - 2018-08-22 03:41 - 000019260 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___23x19____A_Totally_Fun_Thing_Bart_Will_Never_Do_Again.(subs.sab.bz).rar 2018-08-22 03:41 - 2018-08-22 03:41 - 000018680 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___23x18___Beware_My_Cheating_Bart.(subs.sab.bz) (1).rar 2018-08-22 02:28 - 2018-08-22 02:28 - 000018680 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___23x18___Beware_My_Cheating_Bart.(subs.sab.bz).rar 2018-08-22 02:27 - 2018-08-22 02:27 - 000018962 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___23x17___Them__Robot.(subs.sab.bz).rar 2018-08-22 02:27 - 2018-08-22 02:27 - 000009178 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___23x16___How_I_Wet_Your_Mother.(subs.sab.bz) (1).rar 2018-08-21 16:59 - 2018-08-21 16:59 - 000003506 _____ C:\Windows\System32\Tasks\GAMEPC 2018-08-21 13:29 - 2018-08-21 13:29 - 000009178 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___23x16___How_I_Wet_Your_Mother.(subs.sab.bz).rar 2018-08-21 11:56 - 2018-08-21 11:56 - 000019710 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___23x15___Exit_Through_the_Kwik_E_Mart.(subs.sab.bz).rar 2018-08-21 11:14 - 2018-08-21 11:14 - 000018647 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___23x14___At_Long_Last_Leave.(subs.sab.bz).rar 2018-08-21 11:14 - 2018-08-21 11:14 - 000016842 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___23x13___The_Daughter_Also_Rises_.(subs.sab.bz).rar 2018-08-21 03:31 - 2018-08-21 03:31 - 000017623 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___23x12___Moe_Goes_from_Rags_to_Riches.(subs.sab.bz).rar 2018-08-21 02:23 - 2018-08-21 02:23 - 000022312 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___23x10___Politically_Inept__with_Homer_Simpson.(subs.sab.bz) (1).rar 2018-08-21 02:23 - 2018-08-21 02:23 - 000019117 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___23x11___The_D_oh_cial_Network.(subs.sab.bz).rar 2018-08-20 00:25 - 2018-08-20 00:25 - 000012347 _____ C:\Users\GAMEPC\Downloads\Euro Truck Simulator 2 [v 1.30.2.2s + 56 DLC] (2013) PC RePack.torrent 2018-08-19 21:03 - 2018-08-19 21:08 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\.ACEStream 2018-08-19 21:03 - 2018-08-19 21:03 - 000000000 ___HD C:\_acestream_cache_ 2018-08-19 20:58 - 2018-08-19 21:00 - 079522432 _____ C:\Users\GAMEPC\Downloads\Ace_Stream_Media_3.1.2.exe 2018-08-19 04:15 - 2018-08-19 04:15 - 000022312 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___23x10___Politically_Inept__with_Homer_Simpson.(subs.sab.bz).rar 2018-08-19 03:39 - 2018-08-19 03:39 - 000021035 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___23x08___The_Ten_Per_Cent_Solution.(subs.sab.bz).rar 2018-08-19 03:39 - 2018-08-19 03:39 - 000019249 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___23x09___Holidays_of_Future_Passed.(subs.sab.bz).rar 2018-08-19 02:42 - 2018-08-19 02:42 - 000023026 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___23x06___The_Book_Job.(subs.sab.bz).rar 2018-08-19 02:42 - 2018-08-19 02:42 - 000021969 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___23x07___The_Man_in_the_Blue_Flannel_Pants.(subs.sab.bz).rar 2018-08-18 17:22 - 2018-08-18 17:22 - 000000000 ____D C:\Users\GAMEPC\AppData\LocalLow\SKS 2018-08-13 21:06 - 2018-08-13 21:06 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\EasyAntiCheat 2018-08-04 02:57 - 2018-08-14 23:50 - 000000000 ____D C:\Users\GAMEPC\Documents\ETS2MP 2018-08-04 02:57 - 2018-08-04 02:57 - 000000000 ____D C:\ProgramData\TruckersMP 2018-08-04 02:56 - 2018-08-04 02:56 - 000000681 _____ C:\Users\Public\Desktop\TruckersMP.lnk 2018-08-04 02:56 - 2018-08-04 02:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TruckersMP Launcher 2018-08-03 23:58 - 2018-08-31 23:52 - 000000000 ____D C:\Users\GAMEPC\Documents\Euro Truck Simulator 2 2018-08-03 23:46 - 2018-08-03 23:46 - 000000222 _____ C:\Users\GAMEPC\Desktop\Euro Truck Simulator 2.url ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-09-01 20:09 - 2018-04-05 15:41 - 000000000 ____D C:\FRST 2018-09-01 19:59 - 2017-09-19 23:12 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\TS3Client 2018-09-01 19:47 - 2017-09-23 18:42 - 000000000 ____D C:\Program Files (x86)\Steam 2018-09-01 17:40 - 2009-07-14 07:45 - 000028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2018-09-01 17:40 - 2009-07-14 07:45 - 000028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2018-09-01 17:37 - 2017-09-10 01:33 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\qBittorrent 2018-09-01 17:33 - 2017-12-06 19:25 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\ViberPC 2018-09-01 17:33 - 2017-09-08 14:03 - 000000000 ____D C:\ProgramData\NVIDIA 2018-09-01 17:31 - 2017-12-08 19:36 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios 2018-09-01 17:31 - 2009-07-14 08:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2018-09-01 03:37 - 2017-09-23 16:30 - 000000000 ____D C:\Windows\SysWOW64\directx 2018-08-31 14:43 - 2017-10-13 16:36 - 000000000 ____D C:\Users\GAMEPC\Documents\ViberDownloads 2018-08-31 14:42 - 2017-09-08 14:05 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\NVIDIA 2018-08-31 13:50 - 2017-09-08 13:35 - 000003864 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1504866897 2018-08-31 13:50 - 2017-09-08 13:34 - 000000000 ____D C:\Program Files (x86)\Opera 2018-08-28 14:52 - 2011-04-12 11:34 - 000000000 ___RD C:\Users\Public\Recorded TV 2018-08-28 14:40 - 2017-09-08 13:51 - 000000000 ____D C:\Users\GAMEPC\AppData\LocalLow\Mozilla 2018-08-28 14:39 - 2017-09-08 12:32 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\VirtualStore 2018-08-28 00:35 - 2017-09-08 14:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2018-08-28 00:35 - 2017-09-08 13:20 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2018-08-28 00:34 - 2018-05-24 22:23 - 000000000 ____D C:\Program Files (x86)\VulkanRT 2018-08-28 00:34 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\inf 2018-08-28 00:33 - 2018-04-26 20:20 - 000000000 ____D C:\Windows\system32\unknown 2018-08-22 19:12 - 2018-08-01 22:39 - 040189616 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2018-08-22 19:11 - 2018-06-27 16:06 - 020330616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2018-08-22 19:11 - 2017-09-08 14:02 - 004616904 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2018-08-22 19:11 - 2017-09-08 14:02 - 000505592 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2018-08-22 19:11 - 2017-09-08 13:22 - 023305232 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2018-08-21 15:08 - 2017-09-08 13:21 - 000041866 _____ C:\Windows\system32\nvinfo.pb 2018-08-21 13:15 - 2017-09-08 14:03 - 000001951 _____ C:\Windows\NvContainerRecovery.bat 2018-08-21 13:14 - 2017-09-08 14:03 - 005947600 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2018-08-21 13:14 - 2017-09-08 14:03 - 002612264 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2018-08-21 13:14 - 2017-09-08 14:03 - 001767632 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2018-08-21 13:14 - 2017-09-08 14:03 - 000634352 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll 2018-08-21 13:14 - 2017-09-08 14:03 - 000450768 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2018-08-21 13:14 - 2017-09-08 14:03 - 000124216 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2018-08-21 13:14 - 2017-09-08 14:03 - 000083440 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll 2018-08-19 21:08 - 2018-07-25 19:56 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\ACEStream 2018-08-18 17:17 - 2018-07-30 18:09 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\.minecraft 2018-08-15 14:13 - 2017-09-18 19:14 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2018-08-15 14:13 - 2017-09-18 19:14 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2018-08-15 14:13 - 2017-09-18 19:14 - 000004478 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier 2018-08-15 14:13 - 2017-09-18 19:14 - 000004324 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2018-08-15 14:13 - 2017-09-18 19:14 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2018-08-15 14:13 - 2017-09-18 19:14 - 000000000 ____D C:\Windows\system32\Macromed 2018-08-15 10:27 - 2018-03-14 01:27 - 000004466 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier 2018-08-13 15:24 - 2017-09-08 15:54 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\CrashDumps 2018-08-10 03:55 - 2017-09-08 13:35 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-08-10 03:55 - 2017-09-08 13:35 - 000002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2018-08-03 01:32 - 2017-09-08 14:03 - 008273432 _____ C:\Windows\system32\nvcoproc.bin Some files in TEMP: ==================== 2018-01-11 20:05 - 2018-08-29 00:10 - 000000000 _____ () C:\Users\GAMEPC\AppData\Local\Temp\00e481b5e22dbe1f649fcddd505d3eb7.dll 2018-07-28 16:07 - 2018-08-29 00:10 - 000000020 _____ () C:\Users\GAMEPC\AppData\Local\Temp\663bdeddf9fcedcae13cc41b1f0d9432.dll 2018-01-11 20:05 - 2018-07-27 00:20 - 000000020 _____ () C:\Users\GAMEPC\AppData\Local\Temp\9cfeec25b194d212cb1a549f559db4ab.dll 2018-04-08 23:24 - 2017-09-19 20:57 - 000037376 _____ (Microsoft) C:\Users\GAMEPC\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe 2018-04-08 23:24 - 2017-09-19 20:57 - 000020480 _____ (Microsoft) C:\Users\GAMEPC\AppData\Local\Temp\HiRezLauncherControls.dll 2018-01-20 23:46 - 2018-01-20 23:46 - 001864256 _____ (Oracle Corporation) C:\Users\GAMEPC\AppData\Local\Temp\jre-8u161-windows-au.exe 2018-04-20 23:42 - 2018-04-20 23:42 - 001884616 _____ (Oracle Corporation) C:\Users\GAMEPC\AppData\Local\Temp\jre-8u171-windows-au.exe 2018-01-08 19:01 - 2018-06-01 11:47 - 000728648 _____ (NVIDIA Corporation) C:\Users\GAMEPC\AppData\Local\Temp\nvSCPAPI64.dll 2018-01-29 20:03 - 2018-07-30 20:50 - 000395656 _____ (NVIDIA Corporation) C:\Users\GAMEPC\AppData\Local\Temp\nvStInst.exe 2018-04-12 20:38 - 2018-04-12 20:38 - 058834376 _____ (Skype Technologies S.A.) C:\Users\GAMEPC\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2018-08-26 04:44 ==================== End of FRST.txt ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.09.2018 03 Ran by GAMEPC (01-09-2018 20:10:01) Running from C:\Users\GAMEPC\Downloads Windows 7 Home Premium Service Pack 1 (X64) (2017-09-08 09:32:01) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2297230751-1021565052-1431566534-500 - Administrator - Disabled) GAMEPC (S-1-5-21-2297230751-1021565052-1431566534-1000 - Administrator - Enabled) => C:\Users\GAMEPC Guest (S-1-5-21-2297230751-1021565052-1431566534-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 26.0.0.127 - Adobe Systems Incorporated) Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.154 - Adobe Systems Incorporated) Adobe Flash Player 30 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 30.0.0.154 - Adobe Systems Incorporated) Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.9.199 - Adobe Systems, Inc.) ATI Catalyst Install Manager (HKLM\...\{DC9C8BC1-72CE-B5FE-EA4F-6D9127E51746}) (Version: 3.0.736.0 - ATI Technologies, Inc.) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6623 - CDBurnerXP) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.6.0.0283 - Disc Soft Ltd) Discord (HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Discord) (Version: 0.0.301 - Discord Inc.) DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 399.07 - NVIDIA Corporation) Hidden Epic Games Launcher (HKLM-x32\...\{8F89B0CF-8144-43EE-AB9F-B7F8F23D85FB}) (Version: 1.1.135.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden FIFA18 version 1.0 (HKLM\...\FIFA18_is1) (Version: 1.0 - STEAMPUNKS) <==== ATTENTION GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.14.5270 - Gretech Corporation) Google Chrome (HKLM\...\{DA081EB6-F64C-358C-9BB0-AF1EA8001F34}) (Version: 68.0.3440.106 - Google, Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 6.0.2.4 - Hi-Rez Studios) Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios) Java 8 Update 171 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180171F0}) (Version: 8.0.1710.11 - Oracle Corporation) Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation) Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation) Microsoft Office Language Pack 2010 - Bulgarian/български (HKLM-x32\...\Office14.OMUI.bg-bg) (Version: 14.0.4763.1021 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation) Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation) Mozilla Firefox 61.0.1 (x64 bg) (HKLM\...\Mozilla Firefox 61.0.1 (x64 bg)) (Version: 61.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla) NVIDIA 3D Vision Controller Driver 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation) NVIDIA 3D Vision Driver 399.07 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 399.07 - NVIDIA Corporation) NVIDIA GeForce Experience 3.14.1.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.1.48 - NVIDIA Corporation) NVIDIA Graphics Driver 399.07 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 399.07 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.37.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.4 - NVIDIA Corporation) NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation) NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Opera Stable 55.0.2994.44 (HKLM-x32\...\Opera 55.0.2994.44) (Version: 55.0.2994.44 - Opera Software) PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 1.7.13622 - Kakao Corp.) PotPlayer-64 bit (HKLM-x32\...\PotPlayer64) (Version: 1.7.8556 - Kakao Corp.) qBittorrent 4.1.1 (HKLM-x32\...\qBittorrent) (Version: 4.1.1 - The qBittorrent project) Skype™ 7.41 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.41.101 - Skype Technologies S.A.) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TeamSpeak 3 Client (HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\TeamSpeak 3 Client) (Version: 3.1.8 - TeamSpeak Systems GmbH) TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team) Viber (HKLM-x32\...\{0235CB19-2284-4C34-9CF9-04078CF94C32}) (Version: 7.7.0.1126 - Viber Media Inc.) Hidden Viber (HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\{f37aa91a-8669-4ac1-bb40-8cc05c3beca1}) (Version: 7.7.0.1126 - Viber Media Inc.) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) WinRAR 5.50 (64-битова версия) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH) World of Warcraft Classic (HKLM-x32\...\World of Warcraft Classic) (Version: 1.12.1.5875 - Blizzard Entertainment) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-08-21] (NVIDIA Corporation) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {17541074-21CD-4A00-B834-A5C51C9117DE} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-07-19] (NVIDIA Corporation) Task: {29CD2B59-F360-4EA0-8046-E993FB989355} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_154_pepper.exe [2018-08-15] (Adobe Systems Incorporated) Task: {2BEF52B4-7020-4DE8-A8E3-1EF9C11AE72E} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-07-19] (NVIDIA Corporation) Task: {4AD8F034-A7E9-402D-91CD-4DC03140A409} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-07-19] (NVIDIA Corporation) Task: {541488F0-996C-41A7-9FD0-B384D368B53E} - System32\Tasks\Opera scheduled Autoupdate 1504866897 => C:\Program Files (x86)\Opera\launcher.exe [2018-08-23] (Opera Software) Task: {5EB42901-F6E5-4B7E-ACED-5B56332750D0} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-07-19] (NVIDIA Corporation) Task: {64503CA0-D96B-485A-A2ED-32E1ADEC5130} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-08] (Google Inc.) Task: {73FC8EF7-E132-4317-92E8-E7FC4CA2F6EA} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation) Task: {8528CA4D-0B26-4E28-85F3-3F183D807591} - System32\Tasks\Driver Booster SkipUAC (GAMEPC) => C:\Program Files (x86)\IObit\Driver Booster\4.5.0\DriverBooster.exe Task: {853107D5-99D9-4ED4-9D50-87311C1ED5BC} - System32\Tasks\GAMEPC => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v GAMEPC /t REG_SZ /d "explorer.exe hxxp://exinariuminix.info" <==== ATTENTION Task: {A19D33FF-7FBC-4D6F-B122-FFBC2947D956} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-08-15] (Adobe Systems Incorporated) Task: {A1D60D55-A6B8-401B-BC05-2938E02DF2F2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe Task: {C4E8B14A-4159-4C58-BDAD-281DBBFC97E8} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => d:\program files\windows defender\MpCmdRun.exe Task: {CE666270-E9FC-4C1B-B1E2-7F3D281B959B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-07-19] (NVIDIA Corporation) Task: {EB620B18-B5AA-4EB6-9CE3-AA5A941F2E00} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation) Task: {ED30AF38-938D-4526-94E7-55D411155D8F} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-07-19] (NVIDIA Corporation) Task: {EFA9CC79-0313-4D33-94BC-FED17F4BF7AA} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-07-19] (NVIDIA Corporation) Task: {F381ABC2-2626-4AC3-AE8D-FB12F3685D5D} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation) Task: {F67C982E-B27B-4B4D-B6F1-B5474BEA2341} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_154_Plugin.exe [2018-08-15] (Adobe Systems Incorporated) Task: {FB761E82-2ABF-4B7D-A0A8-3F00F3533DD3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-08] (Google Inc.) Task: {FFA6E2EE-E424-45AF-A108-E61D708B7695} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Браузър Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) <==== Cyrillic Shortcut: C:\Users\Public\Desktop\Браузър Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) <==== Cyrillic ==================== Loaded Modules (Whitelisted) ============== 2017-09-08 14:03 - 2018-08-21 13:14 - 000142888 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2010-01-09 20:17 - 2010-01-09 20:17 - 004254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2018-05-24 22:15 - 2018-07-19 23:20 - 001314856 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2018-08-29 02:53 - 2018-08-27 22:41 - 001054496 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\SDL2.dll 2018-08-29 02:53 - 2018-08-27 23:52 - 098006816 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll 2018-01-22 13:34 - 2018-01-22 13:34 - 000174744 _____ () C:\Users\GAMEPC\AppData\Local\TeamSpeak 3 Client\quazip.dll 2017-10-13 14:17 - 2017-10-13 14:17 - 000020632 _____ () C:\Users\GAMEPC\AppData\Local\TeamSpeak 3 Client\libEGL.DLL 2017-10-13 14:17 - 2017-10-13 14:17 - 001981592 _____ () C:\Users\GAMEPC\AppData\Local\TeamSpeak 3 Client\libGLESv2.dll 2018-01-22 13:34 - 2018-01-22 13:34 - 000125592 _____ () C:\Users\GAMEPC\AppData\Local\TeamSpeak 3 Client\soundbackends\directsound_win64.dll 2018-01-22 13:34 - 2018-01-22 13:34 - 000150680 _____ () C:\Users\GAMEPC\AppData\Local\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll 2017-09-19 23:12 - 2017-09-19 23:12 - 000157696 _____ () C:\Users\GAMEPC\AppData\Roaming\TS3Client\plugins\gamepad_joystick_win64.dll 2017-09-19 23:12 - 2017-09-19 23:12 - 000012288 _____ () C:\Users\GAMEPC\AppData\Roaming\TS3Client\plugins\gamepad_joystick\api_stub.dll 2017-09-19 23:12 - 2017-09-19 23:12 - 000345880 _____ () C:\Users\GAMEPC\AppData\Roaming\TS3Client\plugins\clientquery_plugin_win64.dll 2018-08-29 02:53 - 2018-08-27 23:52 - 004443424 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll 2018-08-29 02:53 - 2018-08-27 23:52 - 000100128 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll 2018-08-10 03:55 - 2018-08-08 03:41 - 004855640 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libglesv2.dll 2018-08-10 03:55 - 2018-08-08 03:41 - 000115544 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libegl.dll 2017-09-08 14:04 - 2018-07-19 23:19 - 001032744 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-09-23 18:44 - 2018-08-27 22:41 - 000874784 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2017-09-23 18:44 - 2016-09-01 04:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll 2017-09-23 18:44 - 2016-09-01 04:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2017-09-23 18:44 - 2016-09-01 04:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2017-09-23 18:44 - 2018-08-30 00:17 - 002646304 _____ () C:\Program Files (x86)\Steam\video.dll 2017-12-14 11:20 - 2017-12-20 04:43 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll 2017-12-14 11:20 - 2017-12-20 04:43 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll 2017-12-14 11:20 - 2017-12-20 04:43 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll 2017-12-14 11:20 - 2017-12-20 04:43 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll 2017-12-14 11:20 - 2017-12-20 04:43 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll 2017-09-23 18:44 - 2018-08-30 00:17 - 001015584 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2017-09-23 18:43 - 2016-07-05 01:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\Public\AppData:CSM [472] AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 05:34 - 2009-06-11 00:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\GAMEPC\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 87.121.24.12 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == MSCONFIG\startupfolder: C:^Users^GAMEPC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Need for Speed™ Undercover Registration.lnk => C:\Windows\pss\Need for Speed™ Undercover Registration.lnk.Startup MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun MSCONFIG\startupreg: Discord => C:\Users\GAMEPC\AppData\Local\Discord\app-0.0.300\Discord.exe MSCONFIG\startupreg: RazerCortex => "C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe" -autorun MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: Viber => "C:\Users\GAMEPC\AppData\Local\Viber\Viber.exe" StartMinimized ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{11074DEE-7B8C-4DC2-AE4C-93DF0A309913}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{D19357FE-92D5-4C15-865D-6BA1144E3141}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{21EB0059-8DA7-4F26-8EBC-947F0C4E2AAA}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe FirewallRules: [{F8BB1871-4D02-4C5E-A222-4D557710B3E1}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe FirewallRules: [{1E8A507C-3B06-43AB-92D1-1DF3E7592F50}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{1EE7FB5D-9E25-4DA9-ACB5-D608ECDBB452}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{84ACAD4A-CAC3-405E-BED8-CCE7B6F558B9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{ECD86BF2-018A-42DF-BDE1-D3B78B430449}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{5C9FEA0E-0037-4228-8A5E-308AD75AC1DF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{FD05E114-41E1-4EC3-B5A2-BBA593EE39E2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{831352BE-7396-43E6-9657-9ED9D8BAB30D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{AB5ACC3F-22CB-469F-9EB3-8D69417E7CD5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{F49F4A4B-5D47-4938-9A35-D5AC2266716F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{4145C754-6CAB-4BD7-B9A0-015670DBEB52}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{43ADA9C0-2E56-45D1-B73D-9C89040C463D}] => (Allow) D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{06129773-C563-4DFF-8D34-BEA82843A4F0}] => (Allow) D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{7AEADA08-C908-4138-A481-C7A9273E9FCB}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{2570E448-A94B-49F4-BB96-09C89387333D}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [TCP Query User{A7A3205E-5145-4588-981D-700ACBF67C2F}D:\arc\s\fifa 17\fifa17.exe] => (Allow) D:\arc\s\fifa 17\fifa17.exe FirewallRules: [UDP Query User{FCB7CF1E-D214-47B7-8337-D288C7BAF41D}D:\arc\s\fifa 17\fifa17.exe] => (Allow) D:\arc\s\fifa 17\fifa17.exe FirewallRules: [TCP Query User{FE770401-859A-47E7-83C8-031A3CCB827E}D:\1.6\hl.exe] => (Allow) D:\1.6\hl.exe FirewallRules: [UDP Query User{6ADE0CF9-8E94-4097-8470-CF141DE016AF}D:\1.6\hl.exe] => (Allow) D:\1.6\hl.exe FirewallRules: [TCP Query User{0D1FADB8-FCE1-4E0E-B19A-D5490965A994}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe FirewallRules: [UDP Query User{F6FECCC1-1C2E-45A5-B7AC-EAF4B88229DF}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe FirewallRules: [TCP Query User{71DEC4BA-0EE6-44EB-B6E4-3F2B7E7B033C}D:\sdad\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\sdad\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [UDP Query User{AAFB686C-3BA7-489D-AD75-25F81C3129EA}D:\sdad\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\sdad\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [TCP Query User{86071F7C-F2FF-404C-BDFF-DEC06251CE41}D:\sdad\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\sdad\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [UDP Query User{8429747D-9E78-43DA-A34C-9E12DBE52ABD}D:\sdad\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\sdad\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [TCP Query User{190C4BF7-61BF-421A-87DE-236D48F2F203}D:\frot\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\frot\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe FirewallRules: [UDP Query User{F4C57F24-879D-4F9A-B8E8-DAFB45A1C764}D:\frot\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\frot\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe FirewallRules: [TCP Query User{662290C0-C811-4E20-AEF3-23DFAA94C7C1}D:\human\wolfenstein - the new order\wolfneworder_x64.exe] => (Allow) D:\human\wolfenstein - the new order\wolfneworder_x64.exe FirewallRules: [UDP Query User{D80C48E0-BCA2-4D0F-B628-97E9FF7A83E7}D:\human\wolfenstein - the new order\wolfneworder_x64.exe] => (Allow) D:\human\wolfenstein - the new order\wolfneworder_x64.exe FirewallRules: [TCP Query User{795A7748-4348-4E5A-B2D5-B4B7A1324DC7}D:\ijijj\f1 2016\f1_2016.exe] => (Allow) D:\ijijj\f1 2016\f1_2016.exe FirewallRules: [UDP Query User{BC1990C5-EB17-4471-A2D7-034561829F99}D:\ijijj\f1 2016\f1_2016.exe] => (Allow) D:\ijijj\f1 2016\f1_2016.exe FirewallRules: [TCP Query User{14DDF284-5460-443A-A985-ED25EFDEF97A}D:\aasd\battlefield hardline\bfh.exe] => (Allow) D:\aasd\battlefield hardline\bfh.exe FirewallRules: [UDP Query User{41B16D1B-DA09-4913-8F3D-A29DAAF8BC6D}D:\aasd\battlefield hardline\bfh.exe] => (Allow) D:\aasd\battlefield hardline\bfh.exe FirewallRules: [TCP Query User{7FFD35DD-B830-4881-9F21-B0DDD87C935E}D:\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe FirewallRules: [UDP Query User{0422AA3B-D32B-4AE2-8E19-F4D4ED2A2BDA}D:\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\steamlibrary\steamapps\common\paladins\binaries\win32\paladins.exe FirewallRules: [TCP Query User{CD2A8849-5FA2-4B7F-9315-E011E25C0F34}D:\sc2\sc2\starcraft ii\versions\base60321\sc2_x64.exe] => (Allow) D:\sc2\sc2\starcraft ii\versions\base60321\sc2_x64.exe FirewallRules: [UDP Query User{21623E77-268D-4B31-B4E2-E4D028DC7916}D:\sc2\sc2\starcraft ii\versions\base60321\sc2_x64.exe] => (Allow) D:\sc2\sc2\starcraft ii\versions\base60321\sc2_x64.exe FirewallRules: [TCP Query User{E098DE48-4A6A-4CF4-AC43-CFCFEFC46C76}D:\diablo 3\diablo iii\x64\diablo iii64.exe] => (Allow) D:\diablo 3\diablo iii\x64\diablo iii64.exe FirewallRules: [UDP Query User{74DA4CD7-8E73-4107-8D65-D40C2EE60DA9}D:\diablo 3\diablo iii\x64\diablo iii64.exe] => (Allow) D:\diablo 3\diablo iii\x64\diablo iii64.exe FirewallRules: [TCP Query User{DF89E965-0B93-4801-A529-B1FDCF96DC5E}D:\heroes\might & magic.heroes 6.gold edition.v 2.1.1.0 + 4 dlc\might & magic heroes vi.exe] => (Allow) D:\heroes\might & magic.heroes 6.gold edition.v 2.1.1.0 + 4 dlc\might & magic heroes vi.exe FirewallRules: [UDP Query User{F4B31A0B-4922-456C-9A2B-33260CE59A1F}D:\heroes\might & magic.heroes 6.gold edition.v 2.1.1.0 + 4 dlc\might & magic heroes vi.exe] => (Allow) D:\heroes\might & magic.heroes 6.gold edition.v 2.1.1.0 + 4 dlc\might & magic heroes vi.exe FirewallRules: [TCP Query User{DEFA441A-0140-4630-9B49-0F0DB88705EC}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe FirewallRules: [UDP Query User{2F3AD7BE-C36D-4E24-BFFA-EED5BE5D11F4}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe FirewallRules: [TCP Query User{68773BE5-EEF8-470B-B1C8-8AEF54FF8AAC}D:\steamlibrary\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe FirewallRules: [UDP Query User{C67CBA43-ED5A-43CD-96B6-63C91FC29243}D:\steamlibrary\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe FirewallRules: [TCP Query User{B02A6D6E-E443-466D-A359-23CF0374577C}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [UDP Query User{7800F34C-7767-4BDF-8A49-26D1C6C80F5F}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [TCP Query User{B176F8F2-937B-49A8-AB1F-8E228B518267}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [UDP Query User{94DE9988-CA46-400F-9C84-2E1FC7A47F6A}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [TCP Query User{366AF239-7D01-4970-8487-934BFB4B7396}D:\fortniteeeeeeeee\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortniteeeeeeeee\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe FirewallRules: [UDP Query User{8C9336D5-DCAF-4329-8BB8-4F1F6DB85DBF}D:\fortniteeeeeeeee\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortniteeeeeeeee\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe FirewallRules: [{3B7D3801-5557-4905-A940-9FFB3D9419C2}] => (Allow) D:\SteamLibrary\steamapps\common\WormsRevolution\WormsRevolution.exe FirewallRules: [{B5A843B5-4869-438A-A418-D42BF3EC672D}] => (Allow) D:\SteamLibrary\steamapps\common\WormsRevolution\WormsRevolution.exe FirewallRules: [TCP Query User{3E9CAAAF-B071-4C5A-BF3C-8D6CE738DDCF}D:\steamlibrary\steamapps\common\h1z1\h1z1.exe] => (Allow) D:\steamlibrary\steamapps\common\h1z1\h1z1.exe FirewallRules: [UDP Query User{5D93D003-DFB9-4F4B-9146-7E5878848F21}D:\steamlibrary\steamapps\common\h1z1\h1z1.exe] => (Allow) D:\steamlibrary\steamapps\common\h1z1\h1z1.exe FirewallRules: [TCP Query User{6974BC97-0928-445B-9F9D-0F91B4FFF12A}D:\raly\rads\projects\league_client\releases\0.0.0.132\deploy\leagueclient.exe] => (Allow) D:\raly\rads\projects\league_client\releases\0.0.0.132\deploy\leagueclient.exe FirewallRules: [UDP Query User{5B5C34D8-85D1-464C-BF0D-C0BC4965E441}D:\raly\rads\projects\league_client\releases\0.0.0.132\deploy\leagueclient.exe] => (Allow) D:\raly\rads\projects\league_client\releases\0.0.0.132\deploy\leagueclient.exe FirewallRules: [TCP Query User{9DFFCC02-9F9C-4A63-AEAD-98B046D6D7AF}D:\raly\rads\projects\league_client\releases\0.0.0.133\deploy\leagueclient.exe] => (Allow) D:\raly\rads\projects\league_client\releases\0.0.0.133\deploy\leagueclient.exe FirewallRules: [UDP Query User{B81959A2-C448-41BA-BA68-04828BCD4CA7}D:\raly\rads\projects\league_client\releases\0.0.0.133\deploy\leagueclient.exe] => (Allow) D:\raly\rads\projects\league_client\releases\0.0.0.133\deploy\leagueclient.exe FirewallRules: [TCP Query User{58724FF2-EE14-4D53-B797-DE1734F6983C}D:\raly\rads\projects\league_client\releases\0.0.0.134\deploy\leagueclient.exe] => (Allow) D:\raly\rads\projects\league_client\releases\0.0.0.134\deploy\leagueclient.exe FirewallRules: [UDP Query User{6D577E05-BA57-4526-A81E-254BD8C9E7EC}D:\raly\rads\projects\league_client\releases\0.0.0.134\deploy\leagueclient.exe] => (Allow) D:\raly\rads\projects\league_client\releases\0.0.0.134\deploy\leagueclient.exe FirewallRules: [TCP Query User{5B3437A8-B09D-438D-A545-CAE6B7A82962}D:\raly\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe] => (Allow) D:\raly\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe FirewallRules: [UDP Query User{8939EF7B-A8BE-4730-93F9-D8778A56462D}D:\raly\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe] => (Allow) D:\raly\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe FirewallRules: [{B5E37EE1-9BE1-4B57-9AD5-EEF981D7F031}] => (Allow) D:\SteamLibrary\steamapps\common\TheLongDark\tld.exe FirewallRules: [{DC6EA5CC-0B14-4DA5-BA55-E772E5860678}] => (Allow) D:\SteamLibrary\steamapps\common\TheLongDark\tld.exe FirewallRules: [{C118432B-871D-4268-9C07-248641F7E265}] => (Allow) D:\SteamLibrary\steamapps\common\F1 2015\F1_2015.exe FirewallRules: [{9A5D2120-07BE-4587-9767-DFFC0484207F}] => (Allow) D:\SteamLibrary\steamapps\common\F1 2015\F1_2015.exe FirewallRules: [{CC5A4281-306D-4711-91C7-E00E2ABEBC40}] => (Allow) D:\SteamLibrary\steamapps\common\Human Fall Flat\Human.exe FirewallRules: [{8A4DCBEC-E89C-462E-8216-8A9A38C394ED}] => (Allow) D:\SteamLibrary\steamapps\common\Human Fall Flat\Human.exe FirewallRules: [TCP Query User{9EB67BC3-E37B-4DDA-8152-C4C212BCDB94}D:\steamlibrary\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) D:\steamlibrary\steamapps\common\paladins\binaries\win64\paladins.exe FirewallRules: [UDP Query User{06278712-8E63-4F40-ABC3-10BC10A83F0D}D:\steamlibrary\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) D:\steamlibrary\steamapps\common\paladins\binaries\win64\paladins.exe FirewallRules: [{59C433B9-0583-47C6-BBD8-EF6CED25387C}] => (Allow) D:\SteamLibrary\steamapps\common\We Were Here\We Were Here.exe FirewallRules: [{D5D9E8C7-DA4C-4CBB-AC6A-B6BA5761875C}] => (Allow) D:\SteamLibrary\steamapps\common\We Were Here\We Were Here.exe FirewallRules: [{F504A400-375A-4791-AA80-1D9A6E9B02C0}] => (Allow) D:\SteamLibrary\steamapps\common\We Were Here\We Were Here VR.exe FirewallRules: [{82CB8FD2-99BF-4B0A-A00B-1E3B0460446C}] => (Allow) D:\SteamLibrary\steamapps\common\We Were Here\We Were Here VR.exe FirewallRules: [{BA413E19-022B-4719-B578-4F0E6C99F5FA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{FDAF511F-0C5C-4E27-8950-6B78D13412DB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{375984E1-0435-4BEC-A184-6481B3B25DF1}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe FirewallRules: [{4694C972-1914-47E9-96EE-62ADBA23A733}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe FirewallRules: [TCP Query User{B1B4DF97-831E-413C-A928-4176B7B76801}D:\fifa\fifa18\fifa18.exe] => (Allow) D:\fifa\fifa18\fifa18.exe FirewallRules: [UDP Query User{8691C936-9089-4A6A-9831-A0087C639A9C}D:\fifa\fifa18\fifa18.exe] => (Allow) D:\fifa\fifa18\fifa18.exe FirewallRules: [{B55C2732-0E9E-43B3-B4D0-12834CB1DCC6}] => (Allow) D:\SteamLibrary\steamapps\common\Realm Royale\Binaries\Win64\RealmEAC.exe FirewallRules: [{E2D40EE2-980F-40C3-9A72-0C423C1EA748}] => (Allow) D:\SteamLibrary\steamapps\common\Realm Royale\Binaries\Win64\RealmEAC.exe FirewallRules: [TCP Query User{C8205113-646C-40BE-B04A-9737DE3D65A9}D:\steamlibrary\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) D:\steamlibrary\steamapps\common\realm royale\binaries\win64\realm.exe FirewallRules: [UDP Query User{C869487F-15FB-47B4-A5E6-EFC90C935835}D:\steamlibrary\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) D:\steamlibrary\steamapps\common\realm royale\binaries\win64\realm.exe FirewallRules: [{ACF2D27B-3389-4299-8332-3C95A0840B47}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{1DB0B31E-D885-49A8-8116-59839190B5CF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{4A6C302F-DC5D-4EC9-A3A8-7EBE0898B5FB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{7E8CD031-0619-4BF4-99C2-6EBEBF4F0EA1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [TCP Query User{4F47D42D-E5BC-4589-B814-554FFBC0605A}C:\users\gamepc\appdata\roaming\acestream\engine\ace_engine.exe] => (Allow) C:\users\gamepc\appdata\roaming\acestream\engine\ace_engine.exe FirewallRules: [UDP Query User{C07DD726-677E-4397-BFE6-5AA734523796}C:\users\gamepc\appdata\roaming\acestream\engine\ace_engine.exe] => (Allow) C:\users\gamepc\appdata\roaming\acestream\engine\ace_engine.exe FirewallRules: [{FF76D716-DBA6-437A-A34F-847AF6AB88AD}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe FirewallRules: [{13A0D233-1007-4376-A4B4-1DA27C101ECB}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe FirewallRules: [{2A5A589D-F047-4DBC-AD59-C99098A30A85}] => (Allow) C:\Program Files (x86)\Opera\54.0.2952.64\opera.exe FirewallRules: [TCP Query User{86D55748-40A6-4288-AEF7-2C0B25BDF778}C:\program files\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_171\bin\javaw.exe FirewallRules: [UDP Query User{D8AE6DDF-C0F2-475C-AB9C-B84C11DDC8AB}C:\program files\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_171\bin\javaw.exe FirewallRules: [TCP Query User{695C8135-FF2C-4E94-9566-E526643684CA}C:\program files (x86)\common files\oracle\java\javapath_target_116381722\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_116381722\java.exe FirewallRules: [UDP Query User{3091889E-265D-4648-88DF-CEE54431325D}C:\program files (x86)\common files\oracle\java\javapath_target_116381722\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_116381722\java.exe FirewallRules: [{E370D323-1FD8-4B79-9CB6-FDF84B6DBAF4}] => (Allow) D:\SteamLibrary\steamapps\common\Deceit\bin\win_x64\Deceit.exe FirewallRules: [{F6725860-B268-4D63-9C1A-31CFE62CB1E1}] => (Allow) D:\SteamLibrary\steamapps\common\Deceit\bin\win_x64\Deceit.exe FirewallRules: [{19A95D83-1997-4E1D-B782-E9518C66DFBB}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{A1F359C7-4712-4555-B250-972DC5238157}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{9310E9DD-E024-4761-B062-698FB0E3AB13}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{F2B11A3B-CC53-4DFF-B8AC-3ADDA6F5D794}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{93C3F977-9460-4CA1-822E-97863829BC15}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{DB2F74E8-C7EB-44B3-81D7-12B84175E2EA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe FirewallRules: [{E44676E1-030C-4238-B65F-434792B61DE5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe FirewallRules: [{42D8E88E-3D4D-4E4D-B97E-C0F5923D12E4}] => (Allow) C:\Program Files (x86)\Opera\55.0.2994.44\opera.exe FirewallRules: [{08673158-7D6C-4134-8F49-9BFD9F3D8235}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{3425B575-2ECF-49E3-A66B-4E8F2AC11D72}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{6E5214AA-681E-46A6-B41D-0831848FC23F}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{CEDE7961-E482-448F-9878-E882114A4D71}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [TCP Query User{7A0BC9E9-DE73-44F2-A9C4-D1CFCB7E7F10}D:\hl2\half-life 2 episode two\hl2.exe] => (Allow) D:\hl2\half-life 2 episode two\hl2.exe FirewallRules: [UDP Query User{BE13FAFC-58E8-41A9-BF26-8F33F6F4C271}D:\hl2\half-life 2 episode two\hl2.exe] => (Allow) D:\hl2\half-life 2 episode two\hl2.exe ==================== Restore Points ========================= 18-08-2018 15:07:15 Планирана контролна точка 24-08-2018 00:25:28 Installed DirectX 31-08-2018 07:26:57 Планирана контролна точка ==================== Faulty Device Manager Devices ============= Name: Qualcomm Atheros AR8161/8165 PCI-E Gigabit Ethernet Controller (NDIS 6.20) Description: Qualcomm Atheros AR8161/8165 PCI-E Gigabit Ethernet Controller (NDIS 6.20) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Qualcomm Atheros Service: L1C Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (09/01/2018 05:32:03 PM) (Source: Windows Search Service) (EventID: 10021) (User: ) Description: Could not get performance counter registry info for WSearchIdxPi for instance due to the following error: Операцията завърши успешно. 0x0. Error: (09/01/2018 05:32:00 PM) (Source: Windows Search Service) (EventID: 3007) (User: ) Description: Performance monitoring cannot be initialized for the gatherer object, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer. Context: Application, SystemIndex Catalog Error: (09/01/2018 05:32:00 PM) (Source: Windows Search Service) (EventID: 3006) (User: ) Description: Performance monitoring cannot be initialized for the gatherer service, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer. Error: (09/01/2018 05:31:48 PM) (Source: SetupARService) (EventID: 0) (User: ) Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object. at SetupAfterRebootService.SetupARService.OnStart(String[] args) at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (09/01/2018 03:13:54 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Program Files\ATI\CIM\Bin64\Setup.exe". Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (09/01/2018 03:13:54 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Program Files\ATI\CIM\Bin64\InstallManagerApp.exe". Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (08/31/2018 03:18:22 PM) (Source: Windows Search Service) (EventID: 10021) (User: ) Description: Could not get performance counter registry info for WSearchIdxPi for instance due to the following error: Операцията завърши успешно. 0x0. Error: (08/31/2018 03:18:18 PM) (Source: Windows Search Service) (EventID: 3007) (User: ) Description: Performance monitoring cannot be initialized for the gatherer object, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer. Context: Application, SystemIndex Catalog System errors: ============= Error: (09/01/2018 05:31:59 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Неуспешно зареждане на следния драйвер, който се активира с включване на компютъра или стартиране на системата: cdrom Error: (08/31/2018 03:18:17 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Неуспешно зареждане на следния драйвер, който се активира с включване на компютъра или стартиране на системата: cdrom Error: (08/31/2018 03:17:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Изтекъл период на изчакване (30000 милисекунди) при изчакване на услуга Hi-Rez Studios Authenticate and Update Service да се свърже. Error: (08/31/2018 03:16:53 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 15:13:47 ч. on ‎31.‎8.‎2018 ‎г. was unexpected. Error: (08/30/2018 02:45:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Услуга Steam Client Service не може да бъде стартирана поради следната грешка: Услугата не отговори навреме на искане за стартиране или управление. Error: (08/30/2018 02:45:04 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Изтекъл период на изчакване (30000 милисекунди) при изчакване на услуга Steam Client Service да се свърже. Error: (08/29/2018 02:54:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Услуга Steam Client Service не може да бъде стартирана поради следната грешка: Услугата не отговори навреме на искане за стартиране или управление. Error: (08/29/2018 02:54:23 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Изтекъл период на изчакване (30000 милисекунди) при изчакване на услуга Steam Client Service да се свърже. ==================== Memory info =========================== Processor: AMD FX-8320E Eight-Core Processor Percentage of memory in use: 37% Total physical RAM: 8189.54 MB Available physical RAM: 5089.89 MB Total Virtual: 16377.26 MB Available Virtual: 12218.5 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:150 GB) (Free:69.91 GB) NTFS Drive d: () (Fixed) (Total:781.41 GB) (Free:509.92 GB) NTFS \\?\Volume{2f050b3f-9477-11e7-8c98-806e6f6e6963}\ (Резервирана за системата) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 0C59AE75) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=150 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=781.4 GB) - (Type=05) ==================== End of Addition.txt ============================
  • Разглеждащи това в момента   0 потребители

    • Няма регистрирани потребители разглеждащи тази страница.
×
×
  • Добави ново...

Информация

Поставихме бисквитки на устройството ви за най-добро потребителско изживяване. Можете да промените настройките си за бисквитки, или в противен случай приемаме, че сте съгласни с нашите Условия за ползване