Untitled

a guest
Jun 23rd, 2020
  1. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-06-2020
  2. Ran by User (23-06-2020 15:51:20)
  3. Running from D:\bungee\Downloads
  4. Windows 10 Pro Version 1903 18362.900 (X64) (2019-08-11 23:37:49)
  5. Boot Mode: Normal
  6. ==========================================================
  7.  
  8.  
  9. ==================== Accounts: =============================
  10.  
  11. Administrator (S-1-5-21-691218479-2863476526-4080224816-500 - Administrator - Disabled)
  12. DefaultAccount (S-1-5-21-691218479-2863476526-4080224816-503 - Limited - Disabled)
  13. Guest (S-1-5-21-691218479-2863476526-4080224816-501 - Limited - Disabled)
  14. User (S-1-5-21-691218479-2863476526-4080224816-1001 - Administrator - Enabled) => C:\Users\User
  15. WDAGUtilityAccount (S-1-5-21-691218479-2863476526-4080224816-504 - Limited - Disabled)
  16.  
  17. ==================== Security Center ========================
  18.  
  19. (If an entry is included in the fixlist, it will be removed.)
  20.  
  21. AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  22. AV: Bitdefender Antivirus (Enabled - Up to date) {0E17DB7D-A20F-62CE-B95B-17DB0CDFE318}
  23. AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  24. FW: Bitdefender Firewall (Enabled) {362C5A58-E860-6396-9204-BEEEF20CA463}
  25.  
  26. ==================== Installed Programs ======================
  27.  
  28. (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
  29.  
  30. 4K Video Downloader 4.4 (HKLM-x32\...\{4E97C234-3F6C-4AA9-BFAF-0166F3050A68}) (Version: 4.4.11.2412 - Open Media LLC)
  31. Adobe After Effects CC 2015 (HKLM-x32\...\{147EC100-14BE-45EF-AB42-35BAEE7D02F0}) (Version: 13.5.0 - Adobe Systems Incorporated)
  32. Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.6.0.384 - Adobe Systems Incorporated)
  33. Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_1_3) (Version: 19.1.3 - Adobe Systems Incorporated)
  34. Amazon Kindle (HKU\S-1-5-21-691218479-2863476526-4080224816-1001\...\Amazon Kindle) (Version: 1.23.1.50133 - Amazon)
  35. AMD Settings (HKLM\...\WUCCCApp) (Version: 2019.0816.1152.21357 - Advanced Micro Devices, Inc.)
  36. Audacity 2.2.2 (HKLM-x32\...\Audacity_is1) (Version: 2.2.2 - Audacity Team)
  37. AutoHotkey 1.1.28.02 (HKLM\...\AutoHotkey) (Version: 1.1.28.02 - Lexikos)
  38. Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.7.915.0 - AVAST Software) Hidden
  39. Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 24.0.1.162 - Bitdefender)
  40. Bitdefender Device Management (HKLM\...\Bitdefender Device Management) (Version: 24.0.20.114 - Bitdefender)
  41. Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 24.0.24.131 - Bitdefender)
  42. Bitdefender VPN (HKLM\...\Bitdefender VPN) (Version: 24.0.4.712 - Bitdefender)
  43. Catalyst Control Center Next Localization BR (HKLM\...\{A16E186C-58C4-3BDC-5CCE-714EFEF5F27F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
  44. Catalyst Control Center Next Localization CHS (HKLM\...\{E42911E5-48F8-8557-ED20-D72AD1907D25}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
  45. Catalyst Control Center Next Localization CHT (HKLM\...\{B4C30EF4-B2C5-1395-B534-7B63BCB6E8E4}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
  46. Catalyst Control Center Next Localization CS (HKLM\...\{62098A5F-E03B-31A3-5F9C-51A7F7D25744}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
  47. Catalyst Control Center Next Localization DA (HKLM\...\{1757AD9B-0E3C-05F9-FE43-4343BED7DA85}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
  48. Catalyst Control Center Next Localization DE (HKLM\...\{66B06F29-EE4F-9130-D96A-754826093FEA}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
  49. Catalyst Control Center Next Localization EL (HKLM\...\{821D0A0E-F246-BE40-0D68-93883C14C410}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
  50. Catalyst Control Center Next Localization ES (HKLM\...\{88BD74C4-23AB-4554-915C-6E1F0C81F6CD}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
  51. Catalyst Control Center Next Localization FI (HKLM\...\{A48E2AB0-0866-7783-9657-E1709EB18D02}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
  52. Catalyst Control Center Next Localization FR (HKLM\...\{E61CEF9A-BAC3-EAEE-F735-E257D2354DF2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
  53. Catalyst Control Center Next Localization HU (HKLM\...\{DA0326BB-657D-AAFC-752C-363E8FA33755}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
  54. Catalyst Control Center Next Localization IT (HKLM\...\{B873A1FB-5EA0-EE5F-A861-1E38880AD08E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
  55. Catalyst Control Center Next Localization JA (HKLM\...\{EC9DF9FF-9D75-4CDD-1D58-A2E887B0A42E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
  56. Catalyst Control Center Next Localization KO (HKLM\...\{7ABACA7E-6E59-0EF9-8FA3-6B32E5F58127}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
  57. Catalyst Control Center Next Localization NL (HKLM\...\{3E196AAF-F81C-B384-E2AB-28EE2398FE5F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
  58. Catalyst Control Center Next Localization NO (HKLM\...\{DAEFFE0C-CD05-1355-6AFC-7B3D4106A820}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
  59. Catalyst Control Center Next Localization PL (HKLM\...\{E392A425-53A7-DF90-96A0-E287A75DD3B2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
  60. Catalyst Control Center Next Localization RU (HKLM\...\{D6F47BB4-700A-F612-0671-5F69EA311BB7}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
  61. Catalyst Control Center Next Localization SV (HKLM\...\{01FD9A26-3F61-9236-B360-BE5D043D82C0}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
  62. Catalyst Control Center Next Localization TH (HKLM\...\{64D4CCC3-63DF-252D-D29D-03491670225D}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
  63. Catalyst Control Center Next Localization TR (HKLM\...\{8DF90937-B869-9F76-5D45-5A8BDA0A33B6}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
  64. Clownfish Voice Changer (HKLM\...\ClownfishVoiceChanger) (Version: - )
  65. Discord (HKU\S-1-5-21-691218479-2863476526-4080224816-1001\...\Discord) (Version: 0.0.306 - Discord Inc.)
  66. D-Link DWA-131 - V5.10b03 (HKLM-x32\...\{B7C11488-750D-4E48-A9A4-7207A335984D}) (Version: 5.10 - D-Link)
  67. Doxillion Document Converter (HKLM-x32\...\Doxillion) (Version: 4.02 - NCH Software)
  68. EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS)
  69. Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
  70. Everything 1.4.1.935 (x86) (HKLM-x32\...\Everything) (Version: 1.4.1.935 - David Carpenter)
  71. Express Zip File Compression (HKLM-x32\...\ExpressZip) (Version: 5.05 - NCH Software)
  72. FileZilla Client 3.40.0 (HKLM-x32\...\FileZilla Client) (Version: 3.40.0 - Tim Kosse)
  73. GenArts Sapphire Plug-ins 6.10 for OFX (HKLM\...\GenArts Sapphire Plug-ins for OFX_is1) (Version: - )
  74. Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.106 - Google LLC)
  75. Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
  76. Java 8 Update 251 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180251F0}) (Version: 8.0.2510.8 - Oracle Corporation)
  77. Jaxx 1.3.15 (only current user) (HKU\S-1-5-21-691218479-2863476526-4080224816-1001\...\c8bd836d-41d7-5f55-90da-0bae2db13a07) (Version: 1.3.15 - decentral.ca)
  78. Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
  79. League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
  80. League of Legends PBE (HKU\S-1-5-21-691218479-2863476526-4080224816-1001\...\Riot Game league_of_legends.pbe) (Version: - Riot Games, Inc)
  81. Lightshot-5.4.0.35 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.35 - Skillbrains)
  82. Magic Bullet Suite 64-bit (HKLM\...\{26055432-339E-4776-803B-F22240B91864}) (Version: 11.1.2 - Red Giant Software) Hidden
  83. Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{26055432-339E-4776-803B-F22240B91864}) (Version: 11.1.2 - Red Giant Software)
  84. Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
  85. McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.117 - McAfee, LLC)
  86. Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.54 - Microsoft Corporation)
  87. Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.129.31 - )
  88. Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.12827.20336 - Microsoft Corporation)
  89. Microsoft OneDrive (HKU\S-1-5-21-691218479-2863476526-4080224816-1001\...\OneDriveSetup.exe) (Version: 20.064.0329.0008 - Microsoft Corporation)
  90. Microsoft PowerPoint 2010 Interactive Guide BGR (HKLM-x32\...\{639D0F32-CF2C-4170-A870-96C1A7C6F11F}) (Version: 1.2.1 - Microsoft)
  91. Microsoft Project Professional 2016 - en-us (HKLM\...\ProjectProRetail - en-us) (Version: 16.0.12827.20336 - Microsoft Corporation)
  92. Microsoft Visio - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.12827.20336 - Microsoft Corporation)
  93. Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
  94. Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
  95. Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
  96. Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
  97. Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
  98. Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
  99. Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
  100. Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
  101. Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
  102. Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
  103. Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
  104. Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
  105. Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
  106. Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
  107. Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
  108. Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
  109. Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27033 (HKLM-x32\...\{624ba875-fdfc-4efa-9c66-b170dfebc3ec}) (Version: 14.16.27033.0 - Microsoft Corporation)
  110. Minecraft Launcher (HKLM-x32\...\{E15F69FA-660D-45CC-B28F-6CBC4CAD2091}) (Version: 1.0.0.0 - Mojang)
  111. Minecraft1.8 (HKLM-x32\...\Minecraft1.8) (Version: - )
  112. MiniTool Power Data Recovery 8.8 (HKLM\...\{E1BCD081-4BF4-4E2F-832A-911EC42EF3C5}_is1) (Version: 8.8 - MiniTool Software Limited)
  113. Nmap 7.80 (HKLM-x32\...\Nmap) (Version: 7.80 - Nmap Project)
  114. NordVPN (HKLM-x32\...\{61912B8D-78D2-4C3A-B566-F72B189F9E30}) (Version: 6.28.13 - NordVPN) Hidden
  115. NordVPN (HKLM-x32\...\NordVPN 6.28.13) (Version: 6.28.13 - NordVPN)
  116. Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.7.1 - Notepad++ Team)
  117. Npcap 0.9982 (HKLM-x32\...\NpcapInst) (Version: 0.9982 - Nmap Project)
  118. OBS Studio (HKLM-x32\...\OBS Studio) (Version: 21.1.0 - OBS Project)
  119. Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12827.20160 - Microsoft Corporation) Hidden
  120. Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12827.20160 - Microsoft Corporation) Hidden
  121. Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12827.20336 - Microsoft Corporation) Hidden
  122. Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.12827.20160 - Microsoft Corporation) Hidden
  123. Overwolf (HKLM-x32\...\Overwolf) (Version: 0.148.0.4 - Overwolf Ltd.)
  124. Pixillion Image Converter (HKLM-x32\...\Pixillion) (Version: 5.06 - NCH Software)
  125. Porofessor.gg (HKU\S-1-5-21-691218479-2863476526-4080224816-1001\...\Overwolf_pibhbkkgefgheeglaeemkkfjlhidhcedalapdggh) (Version: 2.4.7 - Overwolf app)
  126. Python 3.7.7 (64-bit) (HKU\S-1-5-21-691218479-2863476526-4080224816-1001\...\{6b043b92-4219-49e9-98cb-80558c6db697}) (Version: 3.7.7150.0 - Python Software Foundation)
  127. Python 3.7.7 Core Interpreter (64-bit) (HKLM\...\{9BE0AC23-0551-4755-94A3-F4D377E3CF16}) (Version: 3.7.7150.0 - Python Software Foundation) Hidden
  128. Python 3.7.7 Development Libraries (64-bit) (HKLM\...\{937814BD-E132-48AA-95BF-1DA243130C61}) (Version: 3.7.7150.0 - Python Software Foundation) Hidden
  129. Python 3.7.7 Documentation (64-bit) (HKLM\...\{9EED2F05-DE91-4CE8-B562-AB64115D2CD5}) (Version: 3.7.7150.0 - Python Software Foundation) Hidden
  130. Python 3.7.7 Executables (64-bit) (HKLM\...\{60776648-6B18-47AC-AAA3-0C0DCFC28F26}) (Version: 3.7.7150.0 - Python Software Foundation) Hidden
  131. Python 3.7.7 pip Bootstrap (64-bit) (HKLM\...\{DE9BCC96-48C4-4275-A383-C49B3957A617}) (Version: 3.7.7150.0 - Python Software Foundation) Hidden
  132. Python 3.7.7 Standard Library (64-bit) (HKLM\...\{5F12F065-8081-4D3A-B4B1-9A90953CE8CF}) (Version: 3.7.7150.0 - Python Software Foundation) Hidden
  133. Python 3.7.7 Tcl/Tk Support (64-bit) (HKLM\...\{F21D9D7C-3E98-4CF3-B450-30F794588EA7}) (Version: 3.7.7150.0 - Python Software Foundation) Hidden
  134. Python 3.7.7 Test Suite (64-bit) (HKLM\...\{40D70865-BA27-44B6-AA5C-2215098AEA50}) (Version: 3.7.7150.0 - Python Software Foundation) Hidden
  135. Python 3.7.7 Utility Scripts (64-bit) (HKLM\...\{3B826D9B-4141-455E-967A-B0984088BC2E}) (Version: 3.7.7150.0 - Python Software Foundation) Hidden
  136. Python Launcher (HKLM-x32\...\{06667732-CFB4-44B1-86AF-D7FDF9962B84}) (Version: 3.7.7008.0 - Python Software Foundation)
  137. qBittorrent 4.1.2 (HKLM-x32\...\qBittorrent) (Version: 4.1.2 - The qBittorrent project)
  138. Skype version 8.43 (HKLM-x32\...\Skype_is1) (Version: 8.43 - Skype Technologies S.A.)
  139. Skype™ 7.31 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.31.104 - Skype Technologies S.A.)
  140. TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
  141. TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.10 - TeamSpeak Systems GmbH)
  142. TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.1.3629 - TeamViewer)
  143. TunnelBear (HKLM-x32\...\{EEDD05EC-ACB0-4C9D-BFE0-BD2531ADD21B}) (Version: 4.2.8.0 - TunnelBear) Hidden
  144. TunnelBear (HKLM-x32\...\{f415078c-395e-4aea-ad09-1cfcb7cc126a}) (Version: 4.2.8.0 - TunnelBear)
  145. Universe (HKLM\...\Universe Premium_is1) (Version: 1.6.0 CE - Team V.R)
  146. Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
  147. Vegas Pro 13.0 (64-bit) (HKLM-x32\...\Vegas Pro 13.0 (64-bit)) (Version: 13.0 (64-bit) - Exµs ™)
  148. VEGAS Pro 15.0 (HKLM\...\{E0F91FB0-7FC4-11E7-B8E9-95BE57594EAC}) (Version: 15.0.177 - VEGAS)
  149. Viber (HKLM-x32\...\{B0693754-3B15-42E6-A4CF-D7F2B56B1684}) (Version: 8.7.1.3 - Viber Media Inc.) Hidden
  150. Viber (HKU\S-1-5-21-691218479-2863476526-4080224816-1001\...\{0e60dacb-6246-4da2-8783-496f59f6bb54}) (Version: 8.7.1.3 - Viber Media Inc.)
  151. WinRAR 5.90 (64-битова версия) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)
  152. WinSCP 5.15.2 (HKLM-x32\...\winscp3_is1) (Version: 5.15.2 - Martin Prikryl)
  153. Wireshark 3.2.3 64-bit (HKLM-x32\...\Wireshark) (Version: 3.2.3 - The Wireshark developer community, hxxps://www.wireshark.org)
  154.  
  155. Packages:
  156. =========
  157. Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-07] (Autodesk Inc.)
  158. Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.10.5.0_x86__kgqvnymyfvs32 [2020-06-18] (king.com)
  159. Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.170.800.0_x86__kgqvnymyfvs32 [2020-06-18] (king.com)
  160. Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_5.1.2.2_x86__h6adky7gbf63m [2020-06-23] (Gameloft SE)
  161. Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.2.169.0_x64__rz1tebttyb220 [2020-04-17] (Dolby Laboratories)
  162. March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.8.1.1_x86__h6adky7gbf63m [2020-05-21] (Gameloft SE)
  163. Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad]
  164. Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad]
  165. Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.41.21603.0_x64__8wekyb3d8bbwe [2020-06-12] (Microsoft Corporation)
  166. Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-02] (Microsoft Studios) [MS Ad]
  167. MSN Време -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
  168. Python 3.8 -> C:\Program Files\WindowsApps\PythonSoftwareFoundation.Python.3.8_3.8.1008.0_x64__qbz5n2kfra8p0 [2020-05-21] (Python Software Foundation)
  169. Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0 [2020-06-01] (Spotify AB) [Startup Task]
  170.  
  171. ==================== Custom CLSID (Whitelisted): ==============
  172.  
  173. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  174.  
  175. CustomCLSID: HKU\S-1-5-21-691218479-2863476526-4080224816-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-A53DA100DCA5} -> [Creative Cloud Files] => C:\Users\User\Creative Cloud Files [2018-04-15 12:08]
  176. CustomCLSID: HKU\S-1-5-21-691218479-2863476526-4080224816-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
  177. ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )
  178. ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )
  179. ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )
  180. ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
  181. ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )
  182. ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2019-06-17] (Notepad++ -> )
  183. ContextMenuHandlers1: [ExpressZip] -> {8EEA165E-0B8B-4BA7-9796-50214C767171} => C:\Program Files (x86)\NCH Software\ExpressZip\ezcm64.dll [2018-04-14] () [File not signed]
  184. ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\vinrar\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
  185. ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\vinrar\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
  186. ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-01-02] (Malwarebytes Corporation -> Malwarebytes)
  187. ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-08-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
  188. ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )
  189. ContextMenuHandlers6: [ExpressZip] -> {8EEA165E-0B8B-4BA7-9796-50214C767171} => C:\Program Files (x86)\NCH Software\ExpressZip\ezcm64.dll [2018-04-14] () [File not signed]
  190. ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-01-02] (Malwarebytes Corporation -> Malwarebytes)
  191. ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\vinrar\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
  192. ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\vinrar\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
  193.  
  194. ==================== Codecs (Whitelisted) ====================
  195.  
  196. (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
  197.  
  198. HKLM\...\Drivers32: [msacm.vorbis] => C:\WINDOWS\system32\vorbis.acm [1470976 2015-03-11] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
  199. HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1554944 2015-03-11] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
  200.  
  201. ==================== Shortcuts & WMI ========================
  202.  
  203. (The entries could be listed to be restored or removed.)
  204.  
  205. Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks\Деинсталиране на World of Tanks.lnk -> D:\James\world of tanks\unins000.exe (No File) <==== Cyrillic
  206. Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks\Енциклопедия.lnk -> D:\James\world of tanks\wiki.url (No File) <==== Cyrillic
  207. Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks\Официален уебсайт.lnk -> D:\James\world of tanks\website.url (No File) <==== Cyrillic
  208. Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks\Последни обновления.lnk -> D:\James\world of tanks\readme.url (No File) <==== Cyrillic
  209. Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks\Упътване за играта.lnk -> D:\James\world of tanks\game_manual.url (No File) <==== Cyrillic
  210. Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Какво е новото в последната версия.lnk -> D:\vinrar\WhatsNew.txt () <==== Cyrillic
  211. Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Помощен файл на WinRAR.lnk -> D:\vinrar\WinRAR.chm () <==== Cyrillic
  212. Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Ръководство за конзолната версия на RAR.lnk -> D:\vinrar\Rar.txt () <==== Cyrillic
  213. Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft Debugger.lnk -> C:\Users\User\AppData\Roaming\.minecraft\minecraft launcher\Debug.bat ()
  214. ShortcutWithArgument: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
  215. ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
  216.  
  217. ==================== Loaded Modules (Whitelisted) =============
  218.  
  219. 2020-06-01 14:03 - 2020-06-01 14:03 - 000030720 _____ ( () [File not signed]) [File is in use ] D:\osci\TunnelBear\TunnelBear.Maintenance.Wrapper.dll
  220. 2018-04-14 21:48 - 2018-04-14 21:48 - 000105984 _____ () [File not signed] C:\Program Files (x86)\NCH Software\ExpressZip\ezcm64.dll
  221. 2019-06-28 17:32 - 2019-06-28 17:32 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
  222. 2019-06-28 17:32 - 2019-06-28 17:32 - 003598336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
  223. 2019-08-16 11:37 - 2019-08-16 11:37 - 000158208 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\SYSTEM32\amdihk64.dll
  224. 2018-04-09 22:17 - 2017-05-23 14:59 - 000494080 _____ (Skillbrains) [File not signed] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.dll
  225. 2018-04-09 22:17 - 2017-05-23 14:59 - 000256000 _____ (Skillbrains) [File not signed] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\uploader.dll
  226. 2019-06-28 17:32 - 2019-06-28 17:32 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
  227. 2019-06-28 17:32 - 2019-06-28 17:32 - 000040960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
  228. 2019-06-28 17:32 - 2019-06-28 17:32 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
  229. 2019-06-28 17:32 - 2019-06-28 17:32 - 000414208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
  230. 2019-06-28 17:32 - 2019-06-28 17:32 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
  231. 2019-06-28 17:32 - 2019-06-28 17:32 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
  232. 2019-06-28 17:32 - 2019-06-28 17:32 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
  233. 2019-06-28 17:32 - 2019-06-28 17:32 - 000516608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
  234. 2019-06-28 17:32 - 2019-06-28 17:32 - 001441280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
  235. 2019-08-16 11:49 - 2019-08-16 11:49 - 005999104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
  236. 2019-06-28 17:32 - 2019-06-28 17:32 - 006413824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
  237. 2019-06-28 17:32 - 2019-06-28 17:32 - 001141760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
  238. 2019-06-28 17:32 - 2019-06-28 17:32 - 000339968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
  239. 2019-06-28 17:32 - 2019-06-28 17:32 - 004143104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
  240. 2019-06-28 17:32 - 2019-06-28 17:32 - 003840000 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
  241. 2019-06-28 17:32 - 2019-06-28 17:32 - 000332800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
  242. 2019-06-28 17:32 - 2019-06-28 17:32 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
  243. 2019-06-28 17:32 - 2019-06-28 17:32 - 000349184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
  244. 2019-06-28 17:32 - 2019-06-28 17:32 - 080959488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
  245. 2019-06-28 17:32 - 2019-06-28 17:32 - 005622272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
  246. 2019-06-28 17:32 - 2019-06-28 17:32 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
  247. 2019-06-28 17:32 - 2019-06-28 17:32 - 000190464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
  248. 2019-06-28 17:32 - 2019-06-28 17:32 - 002825216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
  249. 2019-06-28 17:33 - 2019-06-28 17:33 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
  250. 2019-06-28 17:33 - 2019-06-28 17:33 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
  251. 2019-06-28 17:33 - 2019-06-28 17:33 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
  252. 2019-06-28 17:33 - 2019-06-28 17:33 - 000330752 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
  253. 2019-06-28 17:33 - 2019-06-28 17:33 - 000137216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
  254. 2019-06-28 17:33 - 2019-06-28 17:33 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
  255. 2019-06-28 17:33 - 2019-06-28 17:33 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
  256. 2019-06-28 17:33 - 2019-06-28 17:33 - 000136192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\styles\qwindowsvistastyle.dll
  257.  
  258. ==================== Alternate Data Streams (Whitelisted) ========
  259.  
  260. (If an entry is included in the fixlist, only the ADS will be removed.)
  261.  
  262. AlternateDataStreams: C:\Users\Public\AppData:CSM [466]
  263. AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [480]
  264. AlternateDataStreams: C:\Users\User\Application Data:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
  265. AlternateDataStreams: C:\Users\User\AppData\Roaming:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
  266.  
  267. ==================== Safe Mode (Whitelisted) ==================
  268.  
  269. (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
  270.  
  271. HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
  272. HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
  273.  
  274. ==================== Association (Whitelisted) =================
  275.  
  276. ==================== Internet Explorer trusted/restricted ==========
  277.  
  278. ==================== Hosts content: =========================
  279.  
  280. (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
  281.  
  282. 2018-03-30 07:04 - 2020-06-23 15:18 - 000000822 _____ C:\WINDOWS\system32\drivers\etc\hosts
  283.  
  284. ==================== Other Areas ===========================
  285.  
  286. (Currently there is no automatic fix for this section.)
  287.  
  288. HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Skype\Phone\
  289. HKU\S-1-5-21-691218479-2863476526-4080224816-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\User\Desktop\R34 NIGHT.png
  290. DNS Servers: 192.168.1.1
  291. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
  292. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
  293. Windows Firewall is enabled.
  294.  
  295. Network Binding:
  296. =============
  297. Npcap Loopback Adapter: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
  298. Ethernet 2: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
  299. Wi-Fi 2: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
  300. Ethernet: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
  301. Ethernet 3: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
  302.  
  303. ==================== MSCONFIG/TASK MANAGER disabled items ==
  304.  
  305. ==================== FirewallRules (Whitelisted) ================
  306.  
  307. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  308.  
  309. FirewallRules: [TCP Query User{8C8DE8DD-ADEB-4EE4-9E64-AF3B421BFCD1}D:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
  310. FirewallRules: [UDP Query User{F6CE91B3-1EE0-442D-9E54-0B8AF6615C39}D:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
  311. FirewallRules: [{88716973-7DBA-44E8-AC24-2B038BDA2F29}] => (Allow) D:\papapaka\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe => No File
  312. FirewallRules: [{516C2B55-6F91-4F37-962A-C7CAF8D967F3}] => (Allow) D:\papapaka\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe => No File
  313. FirewallRules: [TCP Query User{D7D7DA1A-0A7A-4363-9135-1E7B173E788A}D:\papapaka\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\papapaka\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
  314. FirewallRules: [UDP Query User{984FF1AB-8F78-4350-8051-6C5373B0BEB3}D:\papapaka\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\papapaka\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
  315. FirewallRules: [TCP Query User{CFA75E13-08C4-4D7F-B37B-9982F7641EEB}C:\users\user\desktop\smile dog\ethdcrminer64.exe] => (Allow) C:\users\user\desktop\smile dog\ethdcrminer64.exe => No File
  316. FirewallRules: [UDP Query User{7E5266C0-1F94-4FAA-9B51-41F90D263320}C:\users\user\desktop\smile dog\ethdcrminer64.exe] => (Allow) C:\users\user\desktop\smile dog\ethdcrminer64.exe => No File
  317. FirewallRules: [TCP Query User{DDFC96CB-3A63-4F5D-AF80-9D88ADD9BC5C}C:\users\user\desktop\mining\ethdcrminer64.exe] => (Allow) C:\users\user\desktop\mining\ethdcrminer64.exe => No File
  318. FirewallRules: [UDP Query User{EC3DA5E9-7862-45CA-BA1E-6DA96DD8D414}C:\users\user\desktop\mining\ethdcrminer64.exe] => (Allow) C:\users\user\desktop\mining\ethdcrminer64.exe => No File
  319. FirewallRules: [TCP Query User{27CB68AF-722F-4D7B-8F4A-FECC072BE567}C:\program files\windowsapps\spotifyab.spotifymusic_1.112.449.0_x86__zpdnekdrzrea0\spotify.exe] => (Block) C:\program files\windowsapps\spotifyab.spotifymusic_1.112.449.0_x86__zpdnekdrzrea0\spotify.exe => No File
  320. FirewallRules: [UDP Query User{22317F48-0639-43D3-96AD-B141CC33B79C}C:\program files\windowsapps\spotifyab.spotifymusic_1.112.449.0_x86__zpdnekdrzrea0\spotify.exe] => (Block) C:\program files\windowsapps\spotifyab.spotifymusic_1.112.449.0_x86__zpdnekdrzrea0\spotify.exe => No File
  321. FirewallRules: [TCP Query User{F25018E5-EAE7-4BB0-B1AC-3DD066E7E6B1}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
  322. FirewallRules: [UDP Query User{3A4AB95F-7DB8-45BE-B37B-82F2AE865DD3}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
  323. FirewallRules: [{9D48979E-62F3-45BE-8A1A-4E08A4C72864}] => (Allow) D:\papapaka\Steam.exe (Valve -> Valve Corporation)
  324. FirewallRules: [{4B4C2519-7D32-444A-9AB0-391102D27751}] => (Allow) D:\papapaka\Steam.exe (Valve -> Valve Corporation)
  325. FirewallRules: [{EE2E22C6-C427-4DD0-B858-5B6500D4C348}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
  326. FirewallRules: [{B2AA2CF9-E5D8-49E6-86D0-4046B893F0E9}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
  327. FirewallRules: [{0E7022FD-040A-4261-827F-441DACAAE433}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
  328. FirewallRules: [{79F25546-A837-4B91-B619-CD2E253A3375}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
  329. FirewallRules: [TCP Query User{8623FEF9-E457-4F84-AA92-C2419E1EBC94}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
  330. FirewallRules: [UDP Query User{7F82CC06-E4C6-40A1-A226-516CC3C238E2}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
  331. FirewallRules: [TCP Query User{9D57E8C4-6696-48C1-9CF3-123E37DBA3F7}C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe => No File
  332. FirewallRules: [UDP Query User{02DDF0DE-E765-4B12-9985-8A4F7D470D04}C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe => No File
  333. FirewallRules: [TCP Query User{6ABDBE2A-C89E-43E9-BD51-2AB3FC0ED774}C:\program files\sony\vegas pro 13.0\vegas130.exe] => (Allow) C:\program files\sony\vegas pro 13.0\vegas130.exe (Sony Creative Software Inc -> Sony Creative Software Inc.) [File not signed]
  334. FirewallRules: [UDP Query User{5EE1E832-F745-43E7-AB98-EFD28018C463}C:\program files\sony\vegas pro 13.0\vegas130.exe] => (Allow) C:\program files\sony\vegas pro 13.0\vegas130.exe (Sony Creative Software Inc -> Sony Creative Software Inc.) [File not signed]
  335. FirewallRules: [TCP Query User{2373BD20-F059-4290-A4EE-698725450C43}C:\users\user\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\users\user\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe
  336. FirewallRules: [UDP Query User{ACD62026-A31F-4907-96A8-B21004DE6D8B}C:\users\user\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\users\user\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe
  337. FirewallRules: [TCP Query User{3C91DE98-18CF-484D-A7E7-80A6956CFF8A}D:\bungee\downloads\anydesk (1).exe] => (Allow) D:\bungee\downloads\anydesk (1).exe => No File
  338. FirewallRules: [UDP Query User{FAAAF2D8-F273-44E7-A5A9-DE8289E0F3C3}D:\bungee\downloads\anydesk (1).exe] => (Allow) D:\bungee\downloads\anydesk (1).exe => No File
  339. FirewallRules: [TCP Query User{EF8620E6-7535-4B98-BB1E-5748B0696494}D:\bungee\downloads\anydesk (3).exe] => (Allow) D:\bungee\downloads\anydesk (3).exe => No File
  340. FirewallRules: [UDP Query User{BE24CADF-C3B1-4EA9-AF4F-33590F5809F3}D:\bungee\downloads\anydesk (3).exe] => (Allow) D:\bungee\downloads\anydesk (3).exe => No File
  341. FirewallRules: [{DB142FB6-F3D2-483B-8A64-4B406418000F}] => (Allow) C:\Program Files (x86)\D-Link\DWA-131 revE\IHV\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
  342. FirewallRules: [{7F32791B-3E29-4941-8056-0E298336BE97}] => (Allow) C:\Program Files (x86)\D-Link\DWA-131 revE\IHV\PortableWiFi.exe (D-Link Corporation -> D-Link Corp.)
  343. FirewallRules: [{61D1F8DA-E675-49BF-B9A0-4E2C1257EAA4}] => (Allow) C:\Program Files (x86)\D-Link\DWA-131 revE\IHV\PortableWiFi.exe (D-Link Corporation -> D-Link Corp.)
  344. FirewallRules: [{074CFA1A-C72F-4D88-9A14-007D217CB5BD}] => (Allow) C:\Program Files (x86)\D-Link\DWA-131 revE\IHV\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
  345. FirewallRules: [TCP Query User{D16B49CA-C918-412B-B230-DC1CC1B28192}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
  346. FirewallRules: [UDP Query User{77E33E57-9434-4A4A-991B-750FD45D9BB4}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
  347. FirewallRules: [TCP Query User{9F321557-4F54-433D-B2A9-0627BFD97CC6}C:\program files\sony\vegas pro 13.0\vegas130.exe] => (Allow) C:\program files\sony\vegas pro 13.0\vegas130.exe (Sony Creative Software Inc -> Sony Creative Software Inc.) [File not signed]
  348. FirewallRules: [UDP Query User{404FA97F-3B37-4B84-9F20-BD22D9290DF2}C:\program files\sony\vegas pro 13.0\vegas130.exe] => (Allow) C:\program files\sony\vegas pro 13.0\vegas130.exe (Sony Creative Software Inc -> Sony Creative Software Inc.) [File not signed]
  349. FirewallRules: [TCP Query User{65DA2BB4-9BEF-4A78-90EC-9265AF79802C}C:\riot games\league of legends (pbe)\game\league of legends.exe] => (Allow) C:\riot games\league of legends (pbe)\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
  350. FirewallRules: [UDP Query User{3AF79A8A-9430-44A6-98F7-4342ED291A8B}C:\riot games\league of legends (pbe)\game\league of legends.exe] => (Allow) C:\riot games\league of legends (pbe)\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
  351. FirewallRules: [TCP Query User{2FF95B88-5A57-4954-8824-0B8CFEE7CB44}C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe => No File
  352. FirewallRules: [UDP Query User{BD13423B-CE57-41DA-A4FF-DD75C28CFFED}C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe => No File
  353. FirewallRules: [{40F27692-946E-4099-B959-A7D8CAC7A5DB}] => (Allow) C:\Program Files (x86)\D-Link\DWA-131 revE\IHV\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
  354. FirewallRules: [{EEFF05F1-B56A-434F-A42A-20E96FBE51C8}] => (Allow) C:\Program Files (x86)\D-Link\DWA-131 revE\IHV\PortableWiFi.exe (D-Link Corporation -> D-Link Corp.)
  355. FirewallRules: [TCP Query User{C044AB97-3B53-442D-AB61-1D3663B565A1}C:\users\user\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\users\user\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe
  356. FirewallRules: [UDP Query User{899B3FE8-3107-4C94-9118-621802436799}C:\users\user\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\users\user\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe
  357. FirewallRules: [TCP Query User{8BA202F1-667B-476A-BFC5-B840A37BB3BE}C:\users\user\desktop\unreal tournament goty\system\unrealtournament.exe] => (Allow) C:\users\user\desktop\unreal tournament goty\system\unrealtournament.exe () [File not signed]
  358. FirewallRules: [UDP Query User{9F02F745-09FB-45F1-99D7-48F0ED72FE55}C:\users\user\desktop\unreal tournament goty\system\unrealtournament.exe] => (Allow) C:\users\user\desktop\unreal tournament goty\system\unrealtournament.exe () [File not signed]
  359. FirewallRules: [TCP Query User{FA9B17D4-C855-4377-8C8E-DB8FEBE159E0}C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe => No File
  360. FirewallRules: [UDP Query User{3E14C25D-4F78-4BB4-B1DE-B6600401225E}C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe => No File
  361. FirewallRules: [{87F9056E-6B25-4469-AE05-3001E8A6B9C1}] => (Allow) D:\papapaka\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
  362. FirewallRules: [{5774A043-A952-4C30-A911-2F8A17BBB45B}] => (Allow) D:\papapaka\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
  363. FirewallRules: [{70749FE4-2E18-4727-862D-443CC7A8B49B}] => (Allow) D:\papapaka\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
  364. FirewallRules: [{A12DAB03-C85F-4E85-A3D2-C72E3E941F0B}] => (Allow) D:\papapaka\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
  365. FirewallRules: [{26959A78-5317-4C94-BE7C-87383150D325}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
  366. FirewallRules: [TCP Query User{C0585502-E6AE-4DCA-9C1E-3103199E116F}C:\program files (x86)\common files\oracle\java\javapath_target_385676859\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_385676859\java.exe => No File
  367. FirewallRules: [UDP Query User{805D7666-3C99-483D-B0B8-D320D7600FD9}C:\program files (x86)\common files\oracle\java\javapath_target_385676859\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_385676859\java.exe => No File
  368. FirewallRules: [TCP Query User{4059F54D-FFB4-4E55-8AE1-595919327B1B}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
  369. FirewallRules: [UDP Query User{7DBED780-01BE-4DD6-A7BF-145FC43C3B9A}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
  370. FirewallRules: [TCP Query User{51ADD5FD-A034-474C-9598-6091DC1666BD}C:\program files\vegas\vegas pro 15.0\vegas150.exe] => (Allow) C:\program files\vegas\vegas pro 15.0\vegas150.exe (MAGIX Software GmbH -> MAGIX Computer Products Intl. Co.) [File not signed]
  371. FirewallRules: [UDP Query User{31692B15-D6B1-46B3-94E8-6CDF1A5B54A1}C:\program files\vegas\vegas pro 15.0\vegas150.exe] => (Allow) C:\program files\vegas\vegas pro 15.0\vegas150.exe (MAGIX Software GmbH -> MAGIX Computer Products Intl. Co.) [File not signed]
  372. FirewallRules: [{AFEF74A2-A1FB-46BD-8544-F74BC26EE98C}] => (Block) C:\program files\vegas\vegas pro 15.0\vegas150.exe (MAGIX Software GmbH -> MAGIX Computer Products Intl. Co.) [File not signed]
  373. FirewallRules: [{76A1D1DD-73BE-4506-BCEE-86818F165BA6}] => (Block) C:\program files\vegas\vegas pro 15.0\vegas150.exe (MAGIX Software GmbH -> MAGIX Computer Products Intl. Co.) [File not signed]
  374. FirewallRules: [{AB42A75B-4545-482F-B78B-251B54CBAAD9}] => (Allow) D:\papapaka\steamapps\common\Brawlhalla\Brawlhalla.exe () [File not signed]
  375. FirewallRules: [{50E9BAD9-05F0-4704-85F1-A73BB0563C7C}] => (Allow) D:\papapaka\steamapps\common\Brawlhalla\Brawlhalla.exe () [File not signed]
  376. FirewallRules: [TCP Query User{89E1F0CE-DF34-4C27-B860-42436EDBB884}D:\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
  377. FirewallRules: [UDP Query User{50B42939-AE12-48B8-B99A-C2D0F639E07F}D:\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
  378. FirewallRules: [TCP Query User{BF6D4A31-E307-47B1-A2BD-AC9609068BFD}D:\bungee\downloads\anydesk (4).exe] => (Allow) D:\bungee\downloads\anydesk (4).exe => No File
  379. FirewallRules: [UDP Query User{C464E3BE-1A4B-421B-AB86-954C572B004B}D:\bungee\downloads\anydesk (4).exe] => (Allow) D:\bungee\downloads\anydesk (4).exe => No File
  380. FirewallRules: [{6B585B0F-7EF0-4B11-BFFB-27693E4D3C5E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
  381. FirewallRules: [{5F09E175-FB28-483E-BD37-63D13995D041}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
  382. FirewallRules: [{F34F7823-7584-48CD-B986-D1435B6F2740}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
  383. FirewallRules: [{01D5A222-E9A2-44CC-8E23-E6D1280AD7D5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
  384. FirewallRules: [{DDD82C22-DDF6-4D90-80A9-410CEF28A55F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
  385. FirewallRules: [{97901879-45F1-442E-BC4C-9C5866238E46}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
  386. FirewallRules: [{EA57DCB4-3227-42DF-A1D0-B3E837CC61B5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
  387. FirewallRules: [{8F14D72E-6178-42AC-B011-4DA71C5CE11E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
  388. FirewallRules: [{B409B2FD-0C74-4E07-83FB-5F94A598C05E}] => (Allow) C:\Program Files (x86)\Overwolf\0.148.0.4\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
  389. FirewallRules: [{EC259A93-AE0A-4ECA-B9C0-FC35D72ED652}] => (Allow) C:\Program Files (x86)\Overwolf\0.148.0.4\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
  390. FirewallRules: [{FD616DA7-45FA-499A-903E-E23A5C540EB9}] => (Allow) C:\Program Files (x86)\Overwolf\0.148.0.4\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
  391. FirewallRules: [{5845E77E-8A1C-4242-93E0-6F5ACF2A39E1}] => (Allow) C:\Program Files (x86)\Overwolf\0.148.0.4\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
  392. FirewallRules: [{10DA3C0E-BAE3-462A-9522-051080DA9B59}] => (Block) C:\Program Files (x86)\Overwolf\0.148.0.4\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
  393. FirewallRules: [{D937DC45-231C-4737-A2ED-EBEE53EE65D5}] => (Block) C:\Program Files (x86)\Overwolf\0.148.0.4\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
  394. FirewallRules: [{CEF7F28C-9FED-496B-BC3F-5C5DE674546E}] => (Block) C:\Program Files (x86)\Overwolf\0.148.0.4\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
  395. FirewallRules: [{DDF6ABEC-22A1-4B5D-AAA8-204CCE0DAFC1}] => (Block) C:\Program Files (x86)\Overwolf\0.148.0.4\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
  396. FirewallRules: [{4C935BFF-A24F-48AE-A485-DDB95C488172}] => (Block) C:\Program Files (x86)\Overwolf\0.148.0.4\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
  397. FirewallRules: [{E619FE21-32D5-4992-B292-C997760C190E}] => (Block) C:\Program Files (x86)\Overwolf\0.148.0.4\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
  398. FirewallRules: [{CA2EB43B-31BA-4498-B665-0582F396D61E}] => (Block) C:\Program Files (x86)\Overwolf\0.148.0.4\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
  399. FirewallRules: [{FA85DBD1-582D-48CD-81AF-33B310D701A2}] => (Block) C:\Program Files (x86)\Overwolf\0.148.0.4\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
  400. FirewallRules: [{A8F38647-A87D-467C-9D41-7BA9231A13BB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
  401. FirewallRules: [{E78062B1-50F6-4B53-A701-C559E69DD5B6}] => (Allow) C:\Users\User\AppData\Local\Programs\Opera\68.0.3618.165\opera.exe => No File
  402. FirewallRules: [TCP Query User{7B925B99-0D28-4022-8E66-776AEF5DCE63}C:\program files (x86)\common files\oracle\java\javapath_target_259945828\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_259945828\java.exe
  403. FirewallRules: [UDP Query User{7EB85872-AD9A-47D9-9D7F-8BE592CBAEE4}C:\program files (x86)\common files\oracle\java\javapath_target_259945828\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_259945828\java.exe
  404. FirewallRules: [TCP Query User{9699CEF4-8AAF-4E9B-AA4F-A7853426C74B}C:\alphaantileak\aal\bin\server\alphaantileak.exe] => (Allow) C:\alphaantileak\aal\bin\server\alphaantileak.exe (Constantin Schreiber -> )
  405. FirewallRules: [UDP Query User{BA883867-AA4F-4341-8090-DB357E363969}C:\alphaantileak\aal\bin\server\alphaantileak.exe] => (Allow) C:\alphaantileak\aal\bin\server\alphaantileak.exe (Constantin Schreiber -> )
  406. FirewallRules: [{2EC07C0F-3B0E-478E-8AD2-119E9FA3D508}] => (Allow) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation -> Microsoft Corporation)
  407. FirewallRules: [TCP Query User{B90B07E3-25A0-4B23-80A2-B5BF99DAD0E3}D:\documents\cosmicclient-x64\jre64\bin\javaw.exe] => (Allow) D:\documents\cosmicclient-x64\jre64\bin\javaw.exe
  408. FirewallRules: [UDP Query User{22F1052C-1091-4BE2-A6E9-2BC45DFCF300}D:\documents\cosmicclient-x64\jre64\bin\javaw.exe] => (Allow) D:\documents\cosmicclient-x64\jre64\bin\javaw.exe
  409. FirewallRules: [TCP Query User{D265CA3C-B0DE-4317-AC9B-B0B9DD929731}C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe
  410. FirewallRules: [UDP Query User{40FD19A1-0288-475E-9694-70578E2063F6}C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe
  411. FirewallRules: [{5C5B89E2-ECDA-4B71-A530-2F80048AAEF6}] => (Allow) C:\Users\User\AppData\Local\Programs\Opera\68.0.3618.173\opera.exe => No File
  412.  
  413. ==================== Restore Points =========================
  414.  
  415. 23-06-2020 13:53:28 Scheduled Checkpoint
  416.  
  417. ==================== Faulty Device Manager Devices ============
  418.  
  419.  
  420. ==================== Event log errors: ========================
  421.  
  422. Application errors:
  423. ==================
  424. Error: (06/23/2020 03:53:10 PM) (Source: ESENT) (EventID: 455) (User: )
  425. Description: svchost (18820,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
  426.  
  427. Error: (06/23/2020 03:53:00 PM) (Source: ESENT) (EventID: 467) (User: )
  428. Description: svchost (3400,D,23) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index AutoIncIdIndex of table {D10CA2FE-6FCF-4F6D-848E-B2E99266FA86} is corrupted (0).
  429.  
  430. Error: (06/23/2020 03:33:42 PM) (Source: ESENT) (EventID: 455) (User: )
  431. Description: svchost (19280,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
  432.  
  433. Error: (06/23/2020 03:24:00 PM) (Source: ESENT) (EventID: 467) (User: )
  434. Description: svchost (3400,D,23) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index AutoIncIdIndex of table {D10CA2FE-6FCF-4F6D-848E-B2E99266FA86} is corrupted (0).
  435.  
  436. Error: (06/23/2020 02:56:29 PM) (Source: ESENT) (EventID: 455) (User: )
  437. Description: svchost (13212,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
  438.  
  439. Error: (06/23/2020 01:57:46 PM) (Source: ESENT) (EventID: 455) (User: )
  440. Description: svchost (12536,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
  441.  
  442. Error: (06/23/2020 01:54:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
  443. Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
  444.  
  445. Details:
  446. AddWin32ServiceFiles: Unable to back up image of service Avast Antivirus since QueryServiceConfig API failed
  447.  
  448. System Error:
  449. The system cannot find the file specified.
  450. .
  451.  
  452. Error: (06/23/2020 01:54:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
  453. Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
  454.  
  455. Details:
  456. AddWin32ServiceFiles: Unable to back up image of service aswbIDSAgent since QueryServiceConfig API failed
  457.  
  458. System Error:
  459. The system cannot find the file specified.
  460. .
  461.  
  462.  
  463. System errors:
  464. =============
  465. Error: (06/23/2020 09:18:11 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
  466. Description: The Bitdefender Virus Shield service terminated unexpectedly. It has done this 1 time(s).
  467.  
  468. Error: (06/23/2020 07:43:00 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
  469. Description: The Update Orchestrator Service service hung on starting.
  470.  
  471. Error: (06/23/2020 07:37:55 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
  472. Description: WLAN Extensibility Module has failed to start.
  473.  
  474. Module Path: C:\WINDOWS\system32\Rtlihvs.dll
  475. Error Code: 126
  476.  
  477. Error: (06/21/2020 03:16:19 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-EF75065)
  478. Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
  479.  
  480. Error: (06/21/2020 03:16:19 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-EF75065)
  481. Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
  482.  
  483. Error: (06/20/2020 12:53:21 PM) (Source: volsnap) (EventID: 36) (User: )
  484. Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
  485.  
  486. Error: (06/20/2020 12:24:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
  487. Description: The Windows Search service failed to start due to the following error:
  488. The service did not respond to the start or control request in a timely fashion.
  489.  
  490. Error: (06/20/2020 12:24:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
  491. Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
  492.  
  493.  
  494. Windows Defender:
  495. ===================================
  496. Date: 2020-05-31 18:46:22.044
  497. Description:
  498. Windows Defender Antivirus scan has been stopped before completion.
  499. Scan ID: {BB273703-CE27-4571-865B-661BD0F46539}
  500. Scan Type: Antimalware
  501. Scan Parameters: Quick Scan
  502.  
  503. Date: 2020-05-31 18:38:02.708
  504. Description:
  505. Windows Defender Antivirus has detected malware or other potentially unwanted software.
  506. For more information please see the following:
  507. https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0
  508. Name: HackTool:Win64/AutoKMS
  509. ID: 2147723334
  510. Severity: Високо
  511. Category: Инструмент
  512. Path: containerfile:_C:\Program Files\KMSpico\Service_KMS.exe; file:_C:\Program Files\KMSpico\Service_KMS.exe->[MSILRES:Service_KMS.SECOH-QAD.x64.dll]; file:_C:\Program Files\KMSpico\Service_KMS.exe->[MSILRES:Service_KMS.SECOH-QAD.x64.exe]; file:_C:\Windows\SECOH-QAD.dll; file:_C:\Windows\SECOH-QAD.exe; process:_pid:4564,ProcessStart:132354124426772785; service:_Service KMSELDI
  513. Detection Origin: Local machine
  514. Detection Type: Concrete
  515. Detection Source: Real-Time Protection
  516. Process Name: C:\Program Files\KMSpico\Service_KMS.exe
  517. Security intelligence Version: AV: 1.317.333.0, AS: 1.317.333.0, NIS: 1.317.333.0
  518. Engine Version: AM: 1.1.17100.2, NIS: 1.1.17100.2
  519.  
  520. Date: 2020-05-31 18:37:40.277
  521. Description:
  522. Windows Defender Antivirus has detected malware or other potentially unwanted software.
  523. For more information please see the following:
  524. https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0
  525. Name: HackTool:Win64/AutoKMS
  526. ID: 2147723334
  527. Severity: Високо
  528. Category: Инструмент
  529. Path: containerfile:_C:\Program Files\KMSpico\Service_KMS.exe; file:_C:\Program Files\KMSpico\Service_KMS.exe->[MSILRES:Service_KMS.SECOH-QAD.x64.dll]; file:_C:\Program Files\KMSpico\Service_KMS.exe->[MSILRES:Service_KMS.SECOH-QAD.x64.exe]; file:_C:\Windows\SECOH-QAD.dll; file:_C:\Windows\SECOH-QAD.exe
  530. Detection Origin: Local machine
  531. Detection Type: Concrete
  532. Detection Source: Real-Time Protection
  533. Process Name: C:\Program Files\KMSpico\Service_KMS.exe
  534. Security intelligence Version: AV: 1.317.333.0, AS: 1.317.333.0, NIS: 1.317.333.0
  535. Engine Version: AM: 1.1.17100.2, NIS: 1.1.17100.2
  536.  
  537. Date: 2020-05-31 18:37:38.621
  538. Description:
  539. Windows Defender Antivirus has detected malware or other potentially unwanted software.
  540. For more information please see the following:
  541. https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0
  542. Name: HackTool:Win64/AutoKMS
  543. ID: 2147723334
  544. Severity: Високо
  545. Category: Инструмент
  546. Path: file:_C:\Windows\SECOH-QAD.dll; file:_C:\Windows\SECOH-QAD.exe
  547. Detection Origin: Local machine
  548. Detection Type: Concrete
  549. Detection Source: Real-Time Protection
  550. Process Name: C:\Program Files\KMSpico\Service_KMS.exe
  551. Security intelligence Version: AV: 1.317.333.0, AS: 1.317.333.0, NIS: 1.317.333.0
  552. Engine Version: AM: 1.1.17100.2, NIS: 1.1.17100.2
  553.  
  554. Date: 2020-05-31 18:37:38.592
  555. Description:
  556. Windows Defender Antivirus has detected malware or other potentially unwanted software.
  557. For more information please see the following:
  558. https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0
  559. Name: HackTool:Win64/AutoKMS
  560. ID: 2147723334
  561. Severity: Високо
  562. Category: Инструмент
  563. Path: file:_C:\Windows\SECOH-QAD.dll
  564. Detection Origin: Local machine
  565. Detection Type: Concrete
  566. Detection Source: Real-Time Protection
  567. Process Name: C:\Program Files\KMSpico\Service_KMS.exe
  568. Security intelligence Version: AV: 1.317.333.0, AS: 1.317.333.0, NIS: 1.317.333.0
  569. Engine Version: AM: 1.1.17100.2, NIS: 1.1.17100.2
  570.  
  571. Date: 2020-05-13 21:01:45.041
  572. Description:
  573. Windows Defender Antivirus has encountered an error trying to update security intelligence.
  574. New security intelligence Version:
  575. Previous security intelligence Version: 1.315.568.0
  576. Update Source: Microsoft Update Server
  577. Security intelligence Type: AntiVirus
  578. Update Type: Full
  579. Current Engine Version:
  580. Previous Engine Version: 1.1.17000.7
  581. Error code: 0x80240438
  582. Error description: Възникна неочакван проблем при проверка за актуализации. За информация относно инсталирането или отстраняването на неизправности на актуализации вж. "Помощ и поддръжка".
  583.  
  584. CodeIntegrity:
  585. ===================================
  586.  
  587. Date: 2020-06-23 15:57:52.128
  588. Description:
  589. Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.
  590.  
  591. Date: 2020-06-23 15:57:26.931
  592. Description:
  593. Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.
  594.  
  595. Date: 2020-06-23 15:57:26.105
  596. Description:
  597. Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.
  598.  
  599. Date: 2020-06-23 15:57:24.850
  600. Description:
  601. Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.
  602.  
  603. Date: 2020-06-23 15:57:23.641
  604. Description:
  605. Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.
  606.  
  607. Date: 2020-06-23 15:57:22.592
  608. Description:
  609. Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.
  610.  
  611. Date: 2020-06-23 15:57:22.080
  612. Description:
  613. Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.
  614.  
  615. Date: 2020-06-23 15:57:17.008
  616. Description:
  617. Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.
  618.  
  619. ==================== Memory info ===========================
  620.  
  621. BIOS: American Megatrends Inc. P7.10 11/30/2016
  622. Motherboard: ASRock B150M Pro4
  623. Processor: Intel(R) Core(TM) i5-6400 CPU @ 2.70GHz
  624. Percentage of memory in use: 77%
  625. Total physical RAM: 8125.6 MB
  626. Available physical RAM: 1820.57 MB
  627. Total Virtual: 25533.6 MB
  628. Available Virtual: 13066.67 MB
  629.  
  630. ==================== Drives ================================
  631.  
  632. Drive c: () (Fixed) (Total:242.82 GB) (Free:21.9 GB) NTFS
  633. Drive d: () (Fixed) (Total:687.37 GB) (Free:63.7 GB) NTFS
  634.  
  635. \\?\Volume{4b4e1c60-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
  636. \\?\Volume{4b4e1c60-0000-0000-0000-00d43c000000}\ () (Fixed) (Total:0.83 GB) (Free:0.41 GB) NTFS
  637.  
  638. ==================== MBR & Partition Table ====================
  639.  
  640. ==========================================================
  641. Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 4B4E1C60)
  642. Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
  643. Partition 2: (Not Active) - (Size=242.8 GB) - (Type=07 NTFS)
  644. Partition 3: (Not Active) - (Size=847 MB) - (Type=27)
  645. Partition 4: (Not Active) - (Size=687.4 GB) - (Type=07 NTFS)
  646.  
  647. ==================== End of Addition.txt =======================