Kaspersky found 4 trojans on my machine, please review the log

  • Joined: 18 Nov 2013
  • Posts: 51
  • Location: Beograd

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-04-2025
Ran by WINDOWS 10 (administrator) on DESKTOP-JBCEDCK (21-04-2025 19:00:11)
Running from C:\Users\WINDOWS 10\Desktop\FRST64.exe
Loaded Profiles: WINDOWS 10
Platform: Microsoft Windows 10 Pro Version 22H2 19045.5737 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.20\avp.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.20\avpui.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(cmd.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.20\plugins_nms.exe
(DriverStore\FileRepository\c0346830.inf_amd64_f723e13ffb3b2652\B345901\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0346830.inf_amd64_f723e13ffb3b2652\B345901\atieclxx.exe
(explorer.exe ->) (Comfort Software Group -> Comfort Software Group) C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <10>
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Viber Media S.a r.l. -> Viber Media S.à r.l.) C:\Users\WINDOWS 10\AppData\Local\Viber\Viber.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0346830.inf_amd64_f723e13ffb3b2652\B345901\atiesrxx.exe
(services.exe ->) (AI MEDIA LIMITED -> ) C:\Program Files\MobiGame\aeg_launcher.exe
(services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Common Files\Foxit\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.20\avp.exe <2>
(services.exe ->) (Open Source Developer, Károly Dávid Pados -> Károly Pados) C:\Program Files (x86)\TinyWall\TinyWall.exe <2>
(services.exe ->) (Shanghai Microvirt Software Technology Co., Ltd. -> ) C:\Program Files\Microvirt\MEmu\MemuService.exe
(services.exe ->) (Sophos BV -> Sophos B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(services.exe ->) (Tencent Technology(Shenzhen) Company Limited -> Tencent) C:\Program Files\txgameassistant\appmarket\QMEmulatorService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Tencent Technology(Shenzhen) Company Limited -> ) C:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8838400 2016-06-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [752208 2025-04-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3022971249-551779898-3356740188-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45875504 2025-03-12] (Gen Digital Inc. -> Gen Digital Inc.)
HKU\S-1-5-21-3022971249-551779898-3356740188-1001\...\Run: [MicrosoftEdgeAutoLaunch_89684F21A6BD3CCF47EF386417CDB5C6] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4419624 2025-04-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3022971249-551779898-3356740188-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37093392 2025-03-18] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3022971249-551779898-3356740188-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4693088 2025-03-11] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3022971249-551779898-3356740188-1001\...\Run: [Discord] => C:\Users\WINDOWS 10\AppData\Local\Discord\Update.exe [1525024 2023-11-28] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3022971249-551779898-3356740188-1001\...\Run: [electron.app.BlueStacks Services] => C:\Users\WINDOWS 10\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe [162219656 2024-05-08] (Now.gg, INC -> now.gg, Inc.)
HKU\S-1-5-21-3022971249-551779898-3356740188-1001\...\Run: [Opera Browser Assistant] => C:\Users\WINDOWS 10\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3996064 2024-03-04] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-3022971249-551779898-3356740188-1001\...\Run: [Mobigame Playstore] => C:\Program Files\MobiGame\playstore\playstore.exe [159264 2023-10-18] (AI MEDIA LIMITED -> )
HKU\S-1-5-21-3022971249-551779898-3356740188-1001\...\Run: [Viber] => C:\Users\WINDOWS 10\AppData\Local\Viber\Viber.exe [101727064 2025-04-15] (Viber Media S.a r.l. -> Viber Media S.à r.l.)
HKU\S-1-5-21-3022971249-551779898-3356740188-1001\...\Run: [FreeAC] => C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe [8539920 2025-01-09] (Comfort Software Group -> Comfort Software Group)
HKU\S-1-5-21-3022971249-551779898-3356740188-1001\...\Run: [CrosshairV2] => C:\Program Files\Epic Games\CrosshairV2QGIkt\Crosshair.exe [260608 2024-07-15] (Crosshair) [File not signed]
HKU\S-1-5-21-3022971249-551779898-3356740188-1001\...\Run: [WingetUI] => C:\Program Files\UniGetUI\UniGetUI.exe [726672 2025-03-13] (Marti Climent Lopez -> )
HKU\S-1-5-21-3022971249-551779898-3356740188-1001\...\Run: [Ghostpress] => "C:\Ghostpress.exe" -autostart (No File)
HKU\S-1-5-21-3022971249-551779898-3356740188-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\WINDOWS 10\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3022971249-551779898-3356740188-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\WINDOWS 10\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" [87794984 2025-04-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3022971249-551779898-3356740188-1001\...\RunOnce: [Uninstall 25.051.0317.0003] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\WINDOWS 10\AppData\Local\Microsoft\OneDrive\25.051.0317.0003" [0 2025-04-21] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-3022971249-551779898-3356740188-1001\...\MountPoints2: {9d395fcb-d4ce-11ea-8c26-a85e45b352cd} - "D:\AoE1_complete_setup.exe"
HKU\S-1-5-21-3022971249-551779898-3356740188-1001\...\MountPoints2: {fbb1ba75-1086-11ec-8c59-a85e45b352cd} - "D:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\135.0.7049.96\Installer\chrmstp.exe [2025-04-17] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\135.1.77.100\Installer\chrmstp.exe [2025-04-16] (Brave Software, Inc. -> Brave Software, Inc.)
IFEO\utilman.exe: [Debugger]
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {087E2A5B-364E-456E-8E6B-ABF04E2A896A} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [302968 2024-02-19] (Now.gg, INC -> BlueStack Systems, Inc.)
Task: {68569D17-3ABA-4E3C-A8AB-5BB73641B255} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore{AC0C9960-6F42-4AC1-B6CE-DF23DDEC279A} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174960 2023-01-25] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {7A31F445-D02A-4F5C-8A26-678572249561} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA{C3B3839C-AE9B-402C-B361-6D4C878208DA} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174960 2023-01-25] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {847EFDFA-E0F2-4340-ABFE-A811BF001ACE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [3480504 2025-03-12] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {2C8D87DC-7E40-43ED-ADA1-C55F6E4B1409} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [6139696 2025-03-12] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "20249cb4-2357-4238-95d8-37e98e0c6310" --version "6.34.0.11482" --silent
Task: {9D3254E8-8E55-4FCE-B3EF-9F3DBE7D0804} - System32\Tasks\CCleanerSkipUAC - WINDOWS 10 => C:\Program Files\CCleaner\CCleaner.exe [39616304 2025-03-12] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {689CC7C7-66FB-4CCC-8553-D392C57359BB} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\WINDOWS 10\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\esetonlinescanner_enu (1).exe LOGON (No File)
Task: {6EC13A63-528A-4D52-93B8-7C98A0BDB7E4} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\WINDOWS 10\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\esetonlinescanner_enu (1).exe SCHED (No File)
Task: {AEFB3013-0A8B-4DF1-8BF7-FB18A0D8B781} - System32\Tasks\Ghostpress_SkipUAC_32EE839D84718195D2D05C0E31B80723 => "C:\Ghostpress.exe" (No File)
Task: {72522F75-A2F6-4118-9F99-4313C000905D} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem137.0.7115.0{1B9BB05B-6E12-4F0C-A2C4-7D850D7020AE} => C:\Program Files (x86)\Google\GoogleUpdater\137.0.7115.0\updater.exe [7360096 2025-04-08] (Google LLC -> Google LLC)
Task: {5836B102-DF5A-4A38-AF57-BA02DB1238E6} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem137.0.7129.0{D887A16F-559D-4F2C-BEF6-9C4BCC2D4035} => C:\Program Files (x86)\Google\GoogleUpdater\137.0.7129.0\updater.exe [7375968 2025-04-17] (Google LLC -> Google LLC)
Task: {32F22559-3FFA-44EF-92E0-9199E1CBC4FC} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky\upgrade_launcher.exe [728992 2025-01-24] (AO Kaspersky Lab -> AO Kaspersky Lab)
Task: {80503BE2-0D57-4A7E-8CCE-FBF0EB48A284} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {7E5D1493-6A28-4706-B103-EC2BC6001C92} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {C091D53A-60DA-405E-84A4-61816F7C332A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {2A4F5A28-40C2-4537-85C7-0B6DCAA11718} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [695360 2025-04-15] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {EDBC8401-7970-4B63-A96E-30F815BFFB37} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-3022971249-551779898-3356740188-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [695360 2025-04-15] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {5F0478A9-C96A-4A4E-B0B8-CDCABA06928A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34880 2025-04-15] (Mozilla Corporation -> Mozilla Foundation)
Task: {14D69A81-C6E9-41C1-8C8F-04681607553D} - System32\Tasks\OneDrive Startup Task-S-1-5-21-3022971249-551779898-3356740188-1001 => C:\Users\WINDOWS 10\AppData\Local\Microsoft\OneDrive\25.056.0324.0003\OneDriveLauncher.exe [676680 2025-04-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {F3B07D3C-0B45-4A61-B867-F2BDAB277332} - System32\Tasks\Opera scheduled assistant Autoupdate 1601119536 => C:\Users\WINDOWS 10\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\WINDOWS 10\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {BC7A1AA0-049B-4F48-BB01-2E29568C362E} - System32\Tasks\Opera scheduled Autoupdate 1601119533 => C:\Users\WINDOWS 10\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [5966232 2025-04-14] (Opera Norway AS -> Opera Software)
Task: {A534A299-F810-46DD-8B85-3FE1CE10632C} - System32\Tasks\SoftwareInformerService => "C:\Program Files\Software Informer\softinfo.exe" -service (No File)
Task: {35DAF3AC-77D1-4539-8597-F93EA7083005} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61112 2019-08-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {580406F5-18C1-45AD-9381-9CF279083708} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [68280 2019-08-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {3256115D-DF1F-49F4-945B-99FFAF6DC639} - System32\Tasks\TabServiceScheduler => C:\Program Files (x86)\TabService\tabservicepack.exe (No File)
Task: {C8488842-B09B-4EDF-A799-D6D4825D79C2} - System32\Tasks\TinyWall Controller => C:\Program Files (x86)\TinyWall\TinyWall.exe [1175200 2025-04-06] (Open Source Developer, Károly Dávid Pados -> Károly Pados)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6a7182f3-c901-42f1-9ef9-adb78c7f9e98}: [DhcpNameServer] 192.168.1.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\WINDOWS 10\AppData\Local\Microsoft\Edge\User Data\Default [2025-04-18]
Edge Extension: (Kaspersky Protection) - C:\Users\WINDOWS 10\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2025-01-25]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Kaspersky Password Manager) - C:\Users\WINDOWS 10\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\eolheccophlcbnkkbelcgminoojochgj [2025-02-25]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (Google Docs Offline) - C:\Users\WINDOWS 10\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-04-10]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Edge relevant text changes) - C:\Users\WINDOWS 10\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-03-02]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge HKU\S-1-5-21-3022971249-551779898-3356740188-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]

FireFox:
========
FF DefaultProfile: p6q5y7mr.default
FF ProfilePath: C:\Users\WINDOWS 10\AppData\Roaming\Mozilla\Firefox\Profiles\p6q5y7mr.default [2022-12-21]
FF SearchPlugin: C:\Users\WINDOWS 10\AppData\Roaming\Mozilla\Firefox\Profiles\p6q5y7mr.default\searchplugins\AdTrustMediaComodo Dragon.xml [2020-07-21]
FF ProfilePath: C:\Users\WINDOWS 10\AppData\Roaming\Mozilla\Firefox\Profiles\w52by4y7.default-release [2025-04-21]
FF Homepage: Mozilla\Firefox\Profiles\w52by4y7.default-release -> [Link visible only to logged-in users]
FF Notifications: Mozilla\Firefox\Profiles\w52by4y7.default-release -> [Link visible only to logged-in users]
FF Extension: (Kaspersky Protection) - C:\Users\WINDOWS 10\AppData\Roaming\Mozilla\Firefox\Profiles\w52by4y7.default-release\Extensions\light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com.xpi [2025-01-24]
FF Extension: (WOT Website Security & Privacy Protection) - C:\Users\WINDOWS 10\AppData\Roaming\Mozilla\Firefox\Profiles\w52by4y7.default-release\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi [2023-07-11]
FF SearchPlugin: C:\Users\WINDOWS 10\AppData\Roaming\Mozilla\Firefox\Profiles\w52by4y7.default-release\searchplugins\AdTrustMediaComodo Dragon.xml [2020-06-05]
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF Plugin: @java.com/DTPlugin,version=11.451.0 -> C:\Program Files\Java\jre1.8.0_451\bin\dtplugin\npDeployJava1.dll [2025-04-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.451.0 -> C:\Program Files\Java\jre1.8.0_451\bin\plugin2\npjp2.dll [2025-04-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.21 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitPDFReaderPlugin.dll [2024-12-04] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitPDFReaderPlugin.dll [2024-12-04] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitPDFReaderPlugin.dll [2024-12-04] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitPDFReaderPlugin.dll [2024-12-04] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitPDFReaderPlugin.dll [2024-12-04] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-06-25] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.18 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2022-12-22] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2022-12-22] <==== ATTENTION

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\WINDOWS 10\AppData\Local\Google\Chrome\User Data\Default [2025-04-21]
CHR Notifications: Default -> [Link visible only to logged-in users] [Link visible only to logged-in users] [Link visible only to logged-in users] [Link visible only to logged-in users] [Link visible only to logged-in users] [Link visible only to logged-in users] [Link visible only to logged-in users] [Link visible only to logged-in users] [Link visible only to logged-in users] [Link visible only to logged-in users]
CHR DefaultSearchURL: Default -> [Link visible only to logged-in users]{searchTerms}
CHR DefaultSearchKeyword: Default -> duckduckgo.com
CHR DefaultNewTabURL: Default -> [Link visible only to logged-in users]
CHR DefaultSuggestURL: Default -> [Link visible only to logged-in users]{searchTerms}&type=list
CHR Extension: (Kaspersky Protection) - C:\Users\WINDOWS 10\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2025-01-25]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (WOT: Website Security & Safety Checker) - C:\Users\WINDOWS 10\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2025-03-23]hxxp://clients2.google.com/service/update2/crx
CHR Extension: (DuckDuckGo) - C:\Users\WINDOWS 10\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2025-04-10]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Kaspersky Password Manager) - C:\Users\WINDOWS 10\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhnkblpjbkfklfloegejegedcafpliaa [2025-01-29]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Chrome Web Store Payments) - C:\Users\WINDOWS 10\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-18]hxxps://clients2.google.com/service/update2/crx
CHR Profile: C:\Users\WINDOWS 10\AppData\Local\Google\Chrome\User Data\Guest Profile [2025-04-17]
CHR Profile: C:\Users\WINDOWS 10\AppData\Local\Google\Chrome\User Data\Profile 1 [2025-04-17]
CHR Extension: (Torrent Scanner) - C:\Users\WINDOWS 10\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2024-01-23]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Kaspersky Protection) - C:\Users\WINDOWS 10\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2024-06-12]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Google Docs Offline) - C:\Users\WINDOWS 10\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-14]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Chrome Web Store Payments) - C:\Users\WINDOWS 10\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-08]hxxps://clients2.google.com/service/update2/crx
CHR Profile: C:\Users\WINDOWS 10\AppData\Local\Google\Chrome\User Data\Profile 5 [2025-04-17]
CHR Extension: (Torrent Scanner) - C:\Users\WINDOWS 10\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2024-06-21]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Kaspersky Protection) - C:\Users\WINDOWS 10\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2024-06-21]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Google Docs Offline) - C:\Users\WINDOWS 10\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-06-21]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Chrome Web Store Payments) - C:\Users\WINDOWS 10\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-06-21]hxxps://clients2.google.com/service/update2/crx
CHR Profile: C:\Users\WINDOWS 10\AppData\Local\Google\Chrome\User Data\Profile 7 [2025-04-17]
CHR Extension: (Torrent Scanner) - C:\Users\WINDOWS 10\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2024-09-14]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Kaspersky Protection) - C:\Users\WINDOWS 10\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2025-01-12]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Google Docs Offline) - C:\Users\WINDOWS 10\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-02-25]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Chrome Web Store Payments) - C:\Users\WINDOWS 10\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-09-14]hxxps://clients2.google.com/service/update2/crx
CHR Profile: C:\Users\WINDOWS 10\AppData\Local\Google\Chrome\User Data\System Profile [2025-04-21]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - [Link visible only to logged-in users]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - [Link visible only to logged-in users]

Opera:
=======
OPR DefaultProfile: Default

Brave:
=======
BRA Profile: C:\Users\WINDOWS 10\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2025-04-17]
BRA Extension: (Torrent Scanner) - C:\Users\WINDOWS 10\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2024-03-02]hxxps://clients2.google.com/service/update2/crx
BRA Extension: (Brave Ad Block Updater (Brave Ad Block First Party Filters (plaintext))) - C:\Users\WINDOWS 10\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2025-01-29]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\WINDOWS 10\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2025-01-29]
BRA Extension: (Brave NTP background images) - C:\Users\WINDOWS 10\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2024-11-10]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications (plaintext))) - C:\Users\WINDOWS 10\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2025-01-29]
BRA Extension: (Wallet Data Files Updater) - C:\Users\WINDOWS 10\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2023-12-29]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\WINDOWS 10\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2025-01-29]
BRA Extension: (Brave NTP sponsored images) - C:\Users\WINDOWS 10\AppData\Local\BraveSoftware\Brave-Browser\User Data\gccbbckogglekeggclmmekihdgdpdgoe [2025-01-29]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\WINDOWS 10\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2025-01-26]
BRA Extension: (Brave Ads Resources) - C:\Users\WINDOWS 10\AppData\Local\BraveSoftware\Brave-Browser\User Data\iblokdlgekdjophgeonmanpnjihcjkjj [2025-01-29]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block Updater (plaintext))) - C:\Users\WINDOWS 10\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2025-01-29]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\WINDOWS 10\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2025-01-26]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\WINDOWS 10\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-12-29]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AegLauncher; C:\Program Files\MobiGame\aeg_launcher.exe [7199264 2023-10-18] (AI MEDIA LIMITED -> )
R2 AVP21.20; C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.20\avp.exe [32008 2025-01-18] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [18663720 2025-01-18] (BattlEye Innovations e.K. -> )
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174960 2023-01-25] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 BraveElevationService; C:\Program Files\BraveSoftware\Brave-Browser\Application\135.1.77.100\elevation_service.exe [3512848 2025-04-16] (Brave Software, Inc. -> Brave Software, Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174960 2023-01-25] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1088816 2025-03-12] (Gen Digital Inc. -> Gen Digital Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1135648 2024-11-23] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [965872 2024-11-22] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicGamesUpdater; C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesUpdater.exe [3064848 2025-03-18] (Epic Games Inc. -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [375248 2023-12-30] (Epic Games Inc. -> Epic Games, Inc.)
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Common Files\Foxit\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe [2433528 2024-04-11] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [154920 2025-03-21] (Sophos BV -> Sophos B.V.)
S3 klvssbridge64_21.20; C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.20\x64\vssbridge64.exe [301472 2025-01-18] (AO Kaspersky Lab -> AO Kaspersky Lab)
S3 LibreOfficeMaintenance; C:\Program Files\LibreOffice\program\update_service.exe [123304 2025-03-21] (The Document Foundation -> The Document Foundation)
R2 MEmuSVC; C:\Program Files\Microvirt\MEmu\MemuService.exe [85304 2019-09-12] (Shanghai Microvirt Software Technology Co., Ltd. -> )
S3 MobiGameUpdater; C:\Program Files\MobiGame\MobiGameUpdater.exe [604704 2023-10-18] (AI MEDIA LIMITED -> )
R2 QMEmulatorService; C:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe [244680 2021-11-25] (Tencent Technology(Shenzhen) Company Limited -> Tencent)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559304 2025-03-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TinyWall; C:\Program Files (x86)\TinyWall\TinyWall.exe [1175200 2025-04-06] (Open Source Developer, Károly Dávid Pados -> Károly Pados)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2301.6-0\NisSrv.exe [3191256 2023-03-20] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2301.6-0\MsMpEng.exe [133576 2023-03-20] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aow_drv; C:\Program Files\TxGameAssistant\UI\3.21.5080.80\aow_drv_x64_ev.sys [1415304 2024-02-20] (Tencent Technology (Shenzhen) Company Limited -> Tencent)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [394176 2024-02-19] (Microsoft Windows Hardware Compatibility Publisher -> Bluestack System Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [226784 2025-01-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-08-11] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-08-11] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S4 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [105280 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klbackupdisk.K4W-21-20; C:\WINDOWS\system32\DRIVERS\K4W-21-20\klbackupdisk.sys [93232 2025-01-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S4 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [206600 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klbackupflt.K4W-21-20; C:\WINDOWS\System32\DRIVERS\K4W-21-20\klbackupflt.sys [253976 2025-01-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S4 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [119568 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kldisk.K4W-21-20; C:\WINDOWS\system32\DRIVERS\K4W-21-20\kldisk.sys [109088 2025-01-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [48776 2025-01-18] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
S4 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [522504 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klflt.K4W-21-20; C:\WINDOWS\system32\DRIVERS\K4W-21-20\klflt.sys [712768 2025-01-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S4 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [717448 2022-11-24] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klgse.K4W-21-20; C:\WINDOWS\System32\DRIVERS\K4W-21-20\klgse.sys [857432 2025-04-03] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S4 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [1729160 2022-11-24] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klhk.K4W-21-20; C:\WINDOWS\system32\DRIVERS\K4W-21-20\klhk.sys [2256208 2025-04-03] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids.K4W-21-20; C:\ProgramData\Kaspersky Lab\AVP21.20\Bases\klids.sys [236024 2025-02-19] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF.K4W-21-20; C:\WINDOWS\System32\DRIVERS\K4W-21-20\klif.sys [1434176 2025-01-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [90144 2025-01-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klkbdflt.K4W-21-20; C:\WINDOWS\system32\DRIVERS\K4W-21-20\klkbdflt.sys [97744 2025-01-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klmouflt.K4W-21-20; C:\WINDOWS\system32\DRIVERS\K4W-21-20\klmouflt.sys [103752 2025-01-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S4 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [78088 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpd.K4W-21-20; C:\WINDOWS\System32\DRIVERS\K4W-21-20\klpd.sys [59944 2025-01-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpnpflt.K4W-21-20; C:\WINDOWS\system32\DRIVERS\K4W-21-20\klpnpflt.sys [86568 2025-01-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_K4W-21-20_arkmon; C:\WINDOWS\System32\Drivers\klupd_K4W-21-20_arkmon.sys [400152 2025-03-07] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_K4W-21-20_klark; C:\WINDOWS\System32\Drivers\klupd_K4W-21-20_klark.sys [364056 2025-03-07] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_K4W-21-20_klbg; C:\WINDOWS\System32\Drivers\klupd_K4W-21-20_klbg.sys [204440 2025-03-07] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_K4W-21-20_mark; C:\WINDOWS\System32\Drivers\klupd_K4W-21-20_mark.sys [266432 2025-03-07] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S4 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [150280 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwtp.K4W-21-20; C:\WINDOWS\system32\DRIVERS\K4W-21-20\klwtp.sys [550936 2025-01-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S4 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [294680 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kneps.K4W-21-20; C:\WINDOWS\system32\DRIVERS\K4W-21-20\kneps.sys [385048 2025-01-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R2 Ld9BoxSup; C:\Program Files\ldplayer9box\Ld9BoxSup.sys [376144 2024-02-24] (Shanghai Chang Zhi Network Technology Co,. Ltd. -> Oracle Corporation)
R1 MEmuDrv; C:\WINDOWS\system32\DRIVERS\MEmuDrv.sys [320360 2021-01-04] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation)
R1 MobiVBoxDrv; C:\Program Files\MobiGame\player\MobiVBoxDrv.sys [314688 2023-10-02] (Iron Entertainment Inc. -> Oracle Corporation)
S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security S.L. -> Panda Security, S.L.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S0 storahciz; C:\WINDOWS\System32\DRIVERS\T17A9.SYS [187240 2023-02-26] (Microsoft Windows -> Microsoft Corporation)
R1 TBoxDrv; C:\Program Files\AndroidTbox\TBoxDrv.sys [291912 2024-02-22] (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49576 2023-03-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [473336 2023-03-20] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99576 2023-03-20] (Microsoft Windows -> Microsoft Corporation)
S1 amsdk; \??\C:\WINDOWS\system32\drivers\amsdk.sys [X]
S1 epp; \??\C:\EEK\bin64\epp.sys [X]
U3 iswSvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-04-21 19:00 - 2025-04-21 19:00 - 000040995 _____ C:\Users\WINDOWS 10\Desktop\FRST.txt
2025-04-21 18:58 - 2025-04-21 18:26 - 002404864 _____ (Farbar) C:\Users\WINDOWS 10\Desktop\FRST64.exe
2025-04-21 18:26 - 2025-04-21 18:26 - 002404864 _____ (Farbar) C:\Users\WINDOWS 10\Downloads\FRST64.exe
2025-04-20 04:31 - 2025-04-20 04:31 - 000003136 _____ C:\WINDOWS\system32\Tasks\Ghostpress_SkipUAC_32EE839D84718195D2D05C0E31B80723
2025-04-20 04:28 - 2025-04-20 04:28 - 007698932 _____ C:\Users\WINDOWS 10\Downloads\Ghostpress.zip
2025-04-18 20:49 - 2025-04-19 13:02 - 000001376 _____ C:\WINDOWS\ntbtlog.txt
2025-04-18 03:28 - 2025-04-18 03:29 - 000000000 ____D C:\Users\WINDOWS 10\Downloads\MobLand
2025-04-18 00:31 - 2025-04-18 00:31 - 036996243 _____ C:\Users\WINDOWS 10\Desktop\Your computer is logging this.mp4
2025-04-18 00:29 - 2025-04-18 00:29 - 000000000 ____D C:\Users\WINDOWS 10\AppData\Local\ClipGrab
2025-04-17 19:45 - 2025-04-17 19:47 - 004487136 ____H C:\Users\WINDOWS 10\Downloads\.61cdc85bb6330327585b7cb979d9b339a6558014.parts
2025-04-17 16:06 - 2025-04-17 16:06 - 000003212 _____ C:\WINDOWS\system32\Tasks\TabServiceScheduler
2025-04-17 05:27 - 2025-04-17 05:27 - 000000000 ____D C:\Users\WINDOWS 10\AppData\Roaming\Sun
2025-04-17 05:27 - 2025-04-17 05:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2025-04-17 05:27 - 2025-04-17 05:27 - 000000000 ____D C:\Program Files\Java
2025-04-17 05:27 - 2025-04-05 03:39 - 000213120 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2025-04-15 19:01 - 2025-04-15 19:01 - 000001088 _____ C:\Users\Public\Desktop\BleachBit.lnk
2025-04-15 19:01 - 2025-04-15 19:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BleachBit
2025-04-15 18:56 - 2025-04-16 19:38 - 000000000 ____D C:\Program Files (x86)\HotAlarmClock
2025-04-15 18:55 - 2025-04-15 18:55 - 000001370 _____ C:\Users\WINDOWS 10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2025-04-15 18:55 - 2025-04-15 18:55 - 000000000 ____D C:\Users\WINDOWS 10\AppData\Local\PCHealthCheck
2025-04-15 18:51 - 2025-04-15 18:51 - 000000000 ____D C:\Users\WINDOWS 10\AppData\Roaming\NuGet
2025-04-15 18:48 - 2025-04-15 18:48 - 000000859 _____ C:\ProgramData\Microsoft\Windows\Start Menu\UniGetUI.lnk
2025-04-15 18:48 - 2025-04-15 18:48 - 000000853 _____ C:\Users\Public\Desktop\UniGetUI.lnk
2025-04-15 18:44 - 2025-04-18 15:42 - 000000000 ____D C:\Program Files\UniGetUI
2025-04-15 18:44 - 2025-04-15 18:51 - 000000000 ____D C:\Users\WINDOWS 10\AppData\Local\UniGetUI
2025-04-15 18:44 - 2025-04-15 18:44 - 000000000 ____D C:\Users\WINDOWS 10\AppData\Local\PackageManagement
2025-04-15 18:44 - 2025-04-15 18:44 - 000000000 ____D C:\Program Files\PackageManagement
2025-04-15 17:03 - 2025-04-16 19:38 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-04-14 18:54 - 2025-04-14 18:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2025-04-14 18:54 - 2025-04-14 18:54 - 000000000 ____D C:\Program Files\qBittorrent
2025-04-14 18:51 - 2025-04-14 18:51 - 000529408 ____H C:\Users\WINDOWS 10\Downloads\.1e07306d36a6bebf3d68ac144847397db67a99f5.parts
2025-04-13 16:44 - 2025-04-13 16:45 - 001959572 ____H C:\Users\WINDOWS 10\Downloads\.425ea1ee72e212383c86aef6fbc0af7e03cb8603.parts
2025-04-13 16:43 - 2025-04-13 16:43 - 000000000 ____D C:\Users\WINDOWS 10\Downloads\The Alto Knights (2025) [1080p] [WEBRip] [5.1] [YTS.MX]
2025-04-12 20:37 - 2025-04-12 20:38 - 008391680 ____H C:\Users\WINDOWS 10\Downloads\.42f904dcbbdb68573f9ca26e6715d5497bb9e1b2.parts
2025-04-12 20:36 - 2025-04-12 20:36 - 000140965 _____ C:\Users\WINDOWS 10\Downloads\401334-black.bag.1080p.amzn.web-dl.ddp5.1.h.264-apex.zip
2025-04-12 20:35 - 2025-04-12 20:40 - 000000000 ____D C:\Users\WINDOWS 10\Downloads\Black.Bag.2025.1080p.WEB.H264-ThoughtfulOliveMayflyOfMaturity
2025-04-12 18:19 - 2025-04-12 18:19 - 000000000 ____D C:\Users\WINDOWS 10\Downloads\The.Wheel.of.Time.S01E01
2025-04-12 17:29 - 2025-04-12 18:19 - 000011713 _____ C:\Users\WINDOWS 10\Downloads\338008-tocak_vremena_s01e01.zip
2025-04-10 19:04 - 2025-04-10 19:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TinyWall
2025-04-09 17:51 - 2025-04-09 17:57 - 000000000 ____D C:\Users\WINDOWS 10\Downloads\Dark.Winds.S01.COMPLETE.720p.AMZN.WEBRip.x264-GalaxyTV[TGx]
2025-04-09 17:37 - 2025-04-09 17:37 - 000000000 ____D C:\inetpub
2025-04-09 15:55 - 2025-04-09 15:55 - 000000000 ___HD C:\$WinREAgent
2025-04-04 17:19 - 2025-04-04 17:19 - 000032080 _____ C:\Users\WINDOWS 10\Desktop\SystemSettings.rar
2025-04-04 14:45 - 2025-04-04 14:45 - 000079990 _____ C:\Users\WINDOWS 10\Desktop\QMEmulatorService.rar
2025-04-04 05:29 - 2025-04-04 05:30 - 000000011 _____ C:\Users\WINDOWS 10\Desktop\odsustvo.txt
2025-04-03 21:36 - 2025-04-04 04:35 - 000000050 _____ C:\Users\WINDOWS 10\Desktop\virusi.txt
2025-04-02 20:22 - 2025-04-02 20:23 - 000000000 ____D C:\Users\WINDOWS 10\Downloads\Adolescence
2025-04-02 19:25 - 2025-04-02 19:25 - 015616451 ____H C:\Users\WINDOWS 10\Downloads\.09e01e5be24a8ce4f867515fa6d57a9dcfd424eb.parts
2025-04-02 19:23 - 2025-04-02 19:25 - 010745026 ____H C:\Users\WINDOWS 10\Downloads\.4863dadbfeba27479b6fd5c80040c027e18838be.parts
2025-04-02 19:21 - 2025-04-02 19:26 - 013262401 ____H C:\Users\WINDOWS 10\Downloads\.6601f9e92ae4412f89a2e3e1df6f005bf8f0649e.parts
2025-04-02 19:21 - 2025-04-02 19:23 - 011395157 ____H C:\Users\WINDOWS 10\Downloads\.aa2e35f745a0ab15898285cbdbdaafa33aa1989e.parts
2025-04-01 16:42 - 2025-04-01 17:04 - 000000000 ____D C:\Users\WINDOWS 10\Downloads\Kingsman.The.Golden.Circle.2017.1080p.10bit.BluRay.8CH.x265.HEVC-PSA
2025-04-01 16:42 - 2025-04-01 16:45 - 022159370 ____H C:\Users\WINDOWS 10\Downloads\.057f87b969201563b136a057f3e2360540e5c58b.parts
2025-04-01 16:42 - 2025-04-01 16:42 - 000038387 _____ C:\Users\WINDOWS 10\Downloads\265505-kingsman.the.golden.circle.1080p.bluray.x264-sparks.zip
2025-03-31 20:29 - 2025-04-03 23:38 - 000000094 _____ C:\Users\WINDOWS 10\Documents\QMEmulatorService.dmp.vovf.rar
2025-03-31 20:29 - 2025-03-31 20:29 - 000000094 _____ C:\Users\WINDOWS 10\Downloads\QMEmulatorService.dmp.vovf.rar
2025-03-29 19:12 - 2025-03-29 19:12 - 000000000 ____D C:\Users\WINDOWS 10\AppData\Roaming\LibreOffice
2025-03-29 19:11 - 2025-03-29 19:11 - 000001197 _____ C:\Users\Public\Desktop\LibreOffice 25.2.lnk
2025-03-29 19:11 - 2025-03-29 19:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice
2025-03-29 19:09 - 2025-03-29 19:11 - 000000000 ____D C:\Program Files\LibreOffice
2025-03-29 19:02 - 2025-03-29 19:02 - 000000000 ____D C:\Program Files\VideoLAN
2025-03-29 18:02 - 2025-03-29 18:03 - 004725666 ____H C:\Users\WINDOWS 10\Downloads\.f731271be8bf4403975bb32b7ba3cfbe04ebb92c.parts
2025-03-29 17:58 - 2025-03-29 18:39 - 000000000 ____D C:\Users\WINDOWS 10\Downloads\www.Torrenting.com - The Count Of Monte-Cristo (2024) 1080p BluRay 5.1-WORLD
2025-03-29 17:53 - 2025-03-29 17:53 - 001871626 ____H C:\Users\WINDOWS 10\Downloads\.c9f76bc1c80a78a93fb2de416692273d436c70a7.parts
2025-03-28 19:15 - 2025-04-18 18:48 - 000000000 ____D C:\EEK
2025-03-25 19:30 - 2025-03-25 20:46 - 002723380 ____H C:\Users\WINDOWS 10\Downloads\.6ecbfbb7ba5f6ba41d1994c18ed5e552933301e6.parts
2025-03-25 18:50 - 2025-03-26 20:51 - 000000000 ____D C:\Users\WINDOWS 10\Downloads\The Brothers Grimsby 2016 720p BluRay DTS x264-FuzerHD
2025-03-22 20:46 - 2025-03-23 16:48 - 000000000 ____D C:\Users\WINDOWS 10\Downloads\Buckleys Chance (2021) [720p] [WEBRip] [YTS.MX]

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-04-21 19:00 - 2022-09-28 21:50 - 000000000 ____D C:\FRST
2025-04-21 18:59 - 2025-03-09 19:19 - 000000000 ____D C:\ProgramData\TinyWall
2025-04-21 18:59 - 2022-12-24 22:12 - 000000000 ____D C:\Users\WINDOWS 10\AppData\Roaming\TinyWall
2025-04-21 18:42 - 2020-12-17 00:45 - 000004176 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{AA3553BE-6A1D-4E3D-8461-52F9706FD9E6}
2025-04-21 18:31 - 2021-12-25 10:57 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-04-21 18:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-04-21 18:19 - 2022-02-09 20:03 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-04-21 18:16 - 2020-12-17 00:48 - 000840602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-04-21 18:16 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2025-04-21 18:15 - 2025-02-05 22:37 - 000003580 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-3022971249-551779898-3356740188-1001
2025-04-21 18:15 - 2022-05-19 15:09 - 000002394 _____ C:\Users\WINDOWS 10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-04-21 18:15 - 2021-12-12 23:44 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3022971249-551779898-3356740188-1001
2025-04-21 18:15 - 2020-12-17 00:45 - 000003388 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3022971249-551779898-3356740188-1001
2025-04-21 18:14 - 2022-10-02 17:14 - 000003326 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2025-04-21 18:14 - 2022-10-02 17:14 - 000000670 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2025-04-21 18:12 - 2024-06-01 13:21 - 000000000 ____D C:\Users\WINDOWS 10\AppData\Roaming\ViberPC
2025-04-21 18:12 - 2020-12-17 00:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-04-21 18:12 - 2020-12-17 00:39 - 000008192 ___SH C:\DumpStack.log.tmp
2025-04-21 18:12 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-04-21 18:12 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-04-21 15:19 - 2020-03-05 16:56 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2025-04-21 15:19 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2025-04-21 15:10 - 2020-03-07 13:01 - 000000000 ____D C:\Users\WINDOWS 10\AppData\Local\D3DSCache
2025-04-21 13:09 - 2020-12-17 00:39 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-04-21 10:20 - 2024-06-01 13:21 - 000000000 ____D C:\Users\WINDOWS 10\Documents\ViberDownloads
2025-04-21 02:59 - 2022-08-10 23:26 - 005036051 _____ C:\Users\WINDOWS 10\AppData\Local\census.cache
2025-04-21 02:58 - 2022-08-10 23:25 - 000433187 _____ C:\Users\WINDOWS 10\AppData\Local\ars.cache
2025-04-20 23:29 - 2022-08-10 23:16 - 000000000 ____D C:\Program Files\Trend Micro
2025-04-20 23:28 - 2022-08-17 21:47 - 000000000 ___RD C:\Users\WINDOWS 10\Desktop\AntiMalware
2025-04-20 11:33 - 2020-03-07 13:02 - 000000000 ____D C:\Users\WINDOWS 10\AppData\Roaming\Microsoft\Spelling
2025-04-19 21:08 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-04-19 20:52 - 2023-03-09 18:49 - 000000000 ____D C:\Users\WINDOWS 10\AppData\LocalLow\IGDump
2025-04-19 19:00 - 2023-11-27 23:46 - 000001277 _____ C:\Users\WINDOWS 10\Desktop\ESET Online Scanner.lnk
2025-04-19 19:00 - 2022-06-11 16:11 - 000001383 _____ C:\Users\WINDOWS 10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2025-04-19 18:07 - 2020-03-10 22:39 - 000000000 ____D C:\Users\WINDOWS 10\.dbus-keyrings
2025-04-19 15:32 - 2023-02-26 22:25 - 000000000 ____D C:\Users\WINDOWS 10\AppData\Local\FSDART
2025-04-19 13:02 - 2020-12-17 00:40 - 000000000 ____D C:\Users\WINDOWS 10
2025-04-18 22:06 - 2020-03-05 17:03 - 000000000 ____D C:\ProgramData\Adobe
2025-04-18 21:20 - 2023-02-26 22:25 - 000000000 ____D C:\ProgramData\F-Secure
2025-04-18 20:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2025-04-18 19:54 - 2020-06-05 12:59 - 000000000 ____D C:\Users\WINDOWS 10\AppData\Local\CrashDumps
2025-04-18 15:48 - 2020-06-11 00:08 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-04-18 15:48 - 2020-06-11 00:08 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2025-04-18 11:55 - 2022-12-25 18:14 - 000036208 _____ (Sysinternals - [Link visible only to logged-in users]) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2025-04-18 10:54 - 2020-03-05 16:55 - 000000000 ____D C:\Users\WINDOWS 10\AppData\Local\Packages
2025-04-18 10:51 - 2024-06-01 13:21 - 000000000 ____D C:\Users\WINDOWS 10\AppData\Local\Viber
2025-04-18 03:30 - 2021-10-04 21:51 - 000000000 ____D C:\Users\WINDOWS 10\AppData\Roaming\vlc
2025-04-18 03:29 - 2023-04-13 19:34 - 000000000 ____D C:\Users\WINDOWS 10\AppData\Roaming\qBittorrent
2025-04-18 00:38 - 2020-03-08 07:44 - 000000000 ____D C:\Users\WINDOWS 10\AppData\Local\GHISLER
2025-04-18 00:30 - 2020-03-15 14:41 - 000000000 ____D C:\Users\WINDOWS 10\.cache
2025-04-18 00:29 - 2021-12-17 22:11 - 000001076 _____ C:\Users\Public\Desktop\ClipGrab.lnk
2025-04-18 00:29 - 2021-12-17 22:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClipGrab
2025-04-18 00:29 - 2020-09-08 18:52 - 000000000 ____D C:\Program Files (x86)\ClipGrab
2025-04-17 16:37 - 2025-01-21 15:46 - 000008399 _____ C:\Users\WINDOWS 10\Desktop\Obroci.txt
2025-04-17 16:15 - 2020-03-17 22:24 - 000000000 ____D C:\Program Files\CCleaner
2025-04-17 16:12 - 2025-02-09 15:13 - 000000000 ____D C:\Users\WINDOWS 10\AppData\Roaming\utorrent
2025-04-17 16:12 - 2022-12-06 18:36 - 000000000 ____D C:\Program Files (x86)\Steam
2025-04-17 16:12 - 2020-03-08 10:26 - 000000000 ____D C:\Users\WINDOWS 10\AppData\Roaming\MPC-HC
2025-04-17 05:26 - 2020-03-07 13:02 - 000002373 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-04-16 19:45 - 2023-01-25 21:57 - 000002364 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2025-04-16 19:38 - 2020-04-11 21:53 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-04-15 19:05 - 2022-06-09 21:18 - 000001469 _____ C:\Users\WINDOWS 10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2025-04-15 19:05 - 2020-12-17 00:45 - 000004310 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1601119533
2025-04-15 19:01 - 2020-03-10 22:39 - 000000000 ____D C:\Program Files (x86)\BleachBit
2025-04-15 18:55 - 2020-03-08 07:44 - 000000000 ____D C:\totalcmd
2025-04-15 18:55 - 2020-03-05 16:57 - 000000000 ____D C:\ProgramData\Package Cache
2025-04-15 18:54 - 2024-11-20 06:38 - 000001160 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Alarm Clock.lnk
2025-04-15 18:54 - 2024-11-20 06:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Alarm Clock
2025-04-15 18:54 - 2024-11-20 06:38 - 000000000 ____D C:\Program Files (x86)\FreeAlarmClock
2025-04-15 18:48 - 2021-11-26 20:20 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2025-04-15 18:48 - 2020-04-11 21:53 - 000001065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-04-10 19:04 - 2025-03-09 19:19 - 000003226 _____ C:\WINDOWS\system32\Tasks\TinyWall Controller
2025-04-10 19:04 - 2022-12-24 22:12 - 000005878 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2025-04-10 19:04 - 2022-12-24 22:12 - 000000000 ____D C:\Program Files (x86)\TinyWall
2025-04-09 17:38 - 2020-12-17 00:39 - 000599120 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-04-09 17:37 - 2019-12-07 11:51 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2025-04-09 17:37 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-04-09 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2025-04-09 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2025-04-09 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-04-09 17:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-04-09 16:12 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-04-05 19:08 - 2020-12-17 00:45 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-04-05 19:08 - 2020-12-17 00:45 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-04-04 17:43 - 2020-03-07 13:02 - 000000837 _____ C:\Users\Public\Desktop\Speccy.lnk
2025-04-04 16:58 - 2025-01-24 18:27 - 000000000 ____D C:\WINDOWS\system32\Drivers\K4W-21-20
2025-03-29 23:36 - 2024-07-11 17:54 - 000000000 ____D C:\WINDOWS\system32\compatrel
2025-03-29 23:36 - 2019-12-07 11:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2025-03-29 23:36 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2025-03-29 23:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-03-29 23:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-03-29 23:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-03-29 23:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2025-03-29 23:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-03-29 23:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-03-29 23:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-03-29 23:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-03-29 23:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2025-03-29 22:56 - 2020-12-17 00:43 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-03-29 22:40 - 2020-03-07 18:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2025-03-29 22:40 - 2020-03-07 18:28 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2025-03-29 22:35 - 2020-12-17 00:45 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2025-03-29 19:02 - 2021-10-04 21:51 - 000000916 _____ C:\Users\Public\Desktop\VLC media player.lnk
2025-03-25 21:56 - 2023-01-12 13:51 - 000000000 ____D C:\Users\WINDOWS 10\AppData\Local\Roblox
2025-03-25 21:04 - 2025-03-18 16:18 - 000001396 _____ C:\Users\WINDOWS 10\Desktop\Roblox Player.lnk
2025-03-25 21:04 - 2023-01-12 13:51 - 000000000 ____D C:\Users\WINDOWS 10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox

==================== Files in the root of some directories ========

2022-08-10 23:25 - 2025-04-21 02:58 - 000433187 _____ () C:\Users\WINDOWS 10\AppData\Local\ars.cache
2022-08-10 23:26 - 2025-04-21 02:59 - 005036051 _____ () C:\Users\WINDOWS 10\AppData\Local\census.cache
2022-08-10 23:16 - 2022-08-10 23:16 - 000000036 _____ () C:\Users\WINDOWS 10\AppData\Local\housecall.guid.cache
2025-01-23 20:17 - 2025-01-23 20:17 - 000007605 _____ () C:\Users\WINDOWS 10\AppData\Local\Resmon.ResmonCfg
2022-11-05 11:21 - 2022-11-05 11:21 - 000000000 _____ () C:\Users\WINDOWS 10\AppData\Local\{30CF3F16-328C-4923-9645-00C911E09CE7}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-04-2025
Ran by WINDOWS 10 (21-04-2025 19:01:11)
Running from C:\Users\WINDOWS 10\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.5737 (X64) (2020-12-16 22:46:05)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3022971249-551779898-3356740188-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3022971249-551779898-3356740188-503 - Limited - Disabled)
Guest (S-1-5-21-3022971249-551779898-3356740188-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3022971249-551779898-3356740188-504 - Limited - Disabled)
WINDOWS 10 (S-1-5-21-3022971249-551779898-3356740188-1001 - Administrator - Enabled) => C:\Users\WINDOWS 10

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AV: Kaspersky Security Cloud (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Security Cloud (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Free Firewall Firewall (Disabled) {217C3BCF-3FBD-7C30-A427-2D11E16F3BEB}
FW: Kaspersky Security Cloud (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58}
FW: Kaspersky Security Cloud (Disabled) {32888857-01C3-7AB6-E095-11CC1854D0A3}
FW: COMODO Firewall (Disabled) {3D87FB90-B561-70B4-3B0B-BCEFE7656ABC}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AIDA64 Extreme v7.50 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 7.50 - FinalWire Ltd.)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2019.0816.1152.21357 - Advanced Micro Devices, Inc.)
BleachBit (HKLM-x32\...\BleachBit) (Version: 4.6.2.2665 - BleachBit)
BlueStacks App Player (HKLM\...\BlueStacks_nxt) (Version: 5.20.105.1009 - now.gg, Inc.)
BlueStacks Services (HKU\S-1-5-21-3022971249-551779898-3356740188-1001\...\BlueStacksServices) (Version: 3.0.9 - now.gg, Inc.)
BlueStacks X (HKU\S-1-5-21-3022971249-551779898-3356740188-1001\...\BlueStacks X) (Version: 10.10.7.1004 - now.gg, Inc.)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 135.1.77.100 - Brave Software Inc)
CCleaner (HKLM\...\CCleaner) (Version: 6.34 - Piriform)
ClipGrab 3.9.11 (HKLM-x32\...\{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1) (Version: - The ClipGrab Project)
Discord (HKU\S-1-5-21-3022971249-551779898-3356740188-1001\...\Discord) (Version: 1.0.9036 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{20235E2B-1E9F-473D-A215-B2467F1F06E3}) (Version: 1.3.51.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{19695986-25CE-41AC-9C6F-54794653EDBA}) (Version: 2.0.36.0 - Epic Games, Inc.)
Euro Truck Simulator 2 (HKLM-x32\...\Euro Truck Simulator 2_is1) (Version: 0.0.0 - DODI-Repacks)
Foxit PDF Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 2024.4.0.27683 - Foxit Software Inc.)
Free Alarm Clock (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 5.3.0.0 - Comfort Software Group)
Gameloop (HKLM-x32\...\MobileGamePC) (Version: 1.0.0.1 - Tencent Technology Company)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.107.5377 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 135.0.7049.96 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\Grand Theft Auto V_is1) (Version: - )
HitmanPro 3.8 (HKLM\...\HitmanPro38) (Version: 3.8.44.340 - SurfRight B.V.)
Java 8 Update 451 (64-bit) (HKLM\...\{71024AE4-039E-4CA4-87B4-2F64180451F0}) (Version: 8.0.4510.10 - Oracle Corporation)
Kaspersky (HKLM-x32\...\{FBD1BD2C-E0CF-3B12-965E-B25D873F94A3}) (Version: 21.20.8.505 - Kaspersky) Hidden
Kaspersky (HKLM-x32\...\InstallWIX_{FBD1BD2C-E0CF-3B12-965E-B25D873F94A3}) (Version: 21.20.8.505 - Kaspersky)
K-Lite Mega Codec Pack 18.8.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 18.8.5 - KLCP)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LibreOffice 25.2 Help Pack (English (United States)) (HKLM\...\{5F797DD2-3265-4923-A958-7E6CE27959D1}) (Version: 25.2.2.2 - The Document Foundation)
LibreOffice 25.2.2.2 (HKLM\...\{632F6BB4-FB41-4870-9EA9-346A347CABA6}) (Version: 25.2.2.2 - The Document Foundation)
MEmu (HKLM-x32\...\MEmu) (Version: 9.2.0.0 - Microvirt Software Technology Co., Ltd.)
Microsoft .NET Host - 5.0.17 (x86) (HKLM-x32\...\{54DE7EA9-E391-4BD2-A373-3A72A18EBDB5}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.36 (x64) (HKLM\...\{D6932D97-36F1-40B8-9CDC-CA8365B21000}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.36 (x86) (HKLM-x32\...\{FBC9D6AE-6396-4FC7-BC18-00852836F16D}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.17 (x86) (HKLM-x32\...\{AF01038B-6523-4EA7-9D9E-4F1E2927D88B}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.21 (x64) (HKLM\...\{D937EF87-F11D-4778-973C-B71E178F95D0}) (Version: 48.87.64667 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.36 (x64) (HKLM\...\{A9E32B25-994B-4856-A12B-0EBED3050410}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.36 (x86) (HKLM-x32\...\{6F73FE7B-B9C3-4A05-8138-0E44543D755F}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x86) (HKLM-x32\...\{59650A2A-3839-46EC-9D9C-6B3B1C743C55}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.21 (x64) (HKLM\...\{8D2EC92E-5903-4B25-9406-182B8EFA834F}) (Version: 48.87.64667 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.36 (x64) (HKLM\...\{C912E33F-956A-4921-9F55-CC11AE8F09AF}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.36 (x86) (HKLM-x32\...\{89C09E22-01D0-41F6-BAD3-CA0A8B74AD22}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft Access MUI (English) 2013 (HKLM\...\{90150000-0015-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Access Setup Metadata MUI (English) 2013 (HKLM\...\{90150000-0117-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft DCF MUI (English) 2013 (HKLM\...\{90150000-0090-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 135.0.3179.85 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 135.0.3179.85 - Microsoft Corporation) Hidden
Microsoft Excel MUI (English) 2013 (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (English) 2013 (HKLM\...\{90150000-00BA-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (English) 2013 (HKLM\...\{90150000-0044-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (English) 2013 (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (English) 2013 (HKLM\...\{90150000-00E1-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (English) 2013 (HKLM\...\{90150000-00E2-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Proofing (English) 2013 (HKLM\...\{90150000-002C-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2013 (HKLM\...\{90150000-00C1-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (HKLM\...\{90150000-0115-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-3022971249-551779898-3356740188-1001\...\OneDriveSetup.exe) (Version: 25.056.0324.0003 - Microsoft Corporation)
Microsoft OneNote MUI (English) 2013 (HKLM\...\{90150000-00A1-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (English) 2013 (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (English) 2013 (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (English) 2013 (HKLM\...\{90150000-0019-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.42.34438 (HKLM-x32\...\{b49c10dd-4d54-45f8-ad13-fa25704456a4}) (Version: 14.42.34438.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.42.34438 (HKLM-x32\...\{ba10fda9-f731-441f-a999-000bbb7ceec2}) (Version: 14.42.34438.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.42.34438 (HKLM\...\{E528AD94-12D7-42C4-91A3-908BE28E9BD2}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.42.34438 (HKLM\...\{2E15F519-4FDA-4834-B4EE-7EFCE7D8D4EE}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.42.34438 (HKLM-x32\...\{A5592FEF-F948-4BA6-A066-8BBFC2DC7EE1}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.42.34438 (HKLM-x32\...\{5D0C4511-3CA1-4FF8-A4BA-C0E1957ABEEA}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{610487D9-3460-328A-9333-219D43A75CC5}) (Version: 10.0.60922 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.60917 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.17 (x86) (HKLM-x32\...\{098c6ff7-1af1-4c4a-b86f-c60608c98e31}) (Version: 5.0.17.31219 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.17 (x86) (HKLM-x32\...\{0D02D706-44F2-4957-A448-E7259A0B56B9}) (Version: 40.68.31219 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.21 (x64) (HKLM\...\{AF6BF7DD-2B12-40C5-919C-2EC99054BBE1}) (Version: 48.87.64723 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.21 (x64) (HKLM-x32\...\{0f39db03-9030-48f3-82ef-5384bed81d85}) (Version: 6.0.21.32717 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.36 (x64) (HKLM\...\{61D4736B-3325-4D4A-BD41-8BD206C6A86E}) (Version: 48.144.23186 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.36 (x64) (HKLM-x32\...\{0532b8f2-12d7-43de-95fc-7b87006758a8}) (Version: 6.0.36.34217 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.36 (x86) (HKLM-x32\...\{9A00C541-6944-4969-9DFE-A7289215800D}) (Version: 48.144.23186 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.36 (x86) (HKLM-x32\...\{c37854d7-1852-4785-82ff-86ff988e4caf}) (Version: 6.0.36.34217 - Microsoft Corporation)
Microsoft Word MUI (English) 2013 (HKLM\...\{90150000-001B-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
MobiGame (HKLM\...\{0CD5AE2D-BB58-4E35-8B5C-AFE9A9189E1A}) (Version: 3.87.1.0 - MobiGame)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 137.0.2 (x64 en-US)) (Version: 137.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 109.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Neo's SafeKeys v3 (HKU\S-1-5-21-3022971249-551779898-3356740188-1001\...\Neo's SafeKeys v3) (Version: 3.1.4.0 - Aplin Software)
Opera Stable 118.0.5461.41 (HKU\S-1-5-21-3022971249-551779898-3356740188-1001\...\Opera 118.0.5461.41) (Version: 118.0.5461.41 - Opera Software)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
qBittorrent (HKLM-x32\...\qBittorrent) (Version: 5.0.5 - The qBittorrent project)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7841 - Realtek Semiconductor Corp.)
Return to Castle Wolfenstein (HKLM-x32\...\1441704976_is1) (Version: 2.0.0.2 - GOG.com)
Roblox Player for WINDOWS 10 (HKU\S-1-5-21-3022971249-551779898-3356740188-1001\...\roblox-player) (Version: - Roblox Corporation)
Roblox Studio for WINDOWS 10 (HKU\S-1-5-21-3022971249-551779898-3356740188-1001\...\roblox-studio) (Version: - Roblox Corporation)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0015-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0019-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{835E4BED-E265-4103-AE14-0B4C70CF3FE8}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{1F7000D3-A917-4AD2-BA55-59E6FDAF062A}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{4BF13B26-3A95-4E42-900A-DEB16FDA75A0}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-002C-0409-1000-0000000FF1CE}_Office15.PROPLUS_{C5D14A1B-6E3E-491A-96C6-ABDEEEC4E97D}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0044-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{D7E879E6-B505-4DA2-BFEE-53A55E7C8E38}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0090-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00A1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00BA-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1931508C-C004-4983-81E3-70BE6252904B}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00C1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{E4F470B2-3601-4E1C-B291-D6B580F53136}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00E1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00E2-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0115-0409-1000-0000000FF1CE}_Office15.PROPLUS_{D7E879E6-B505-4DA2-BFEE-53A55E7C8E38}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0117-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version: - Microsoft) Hidden
Software Informer 1.5.1346.0 (HKLM\...\Software Informer_is1) (Version: - Informer Technologies, Inc.)
Speccy (HKLM\...\Speccy) (Version: 1.33 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stremio (HKU\S-1-5-21-3022971249-551779898-3356740188-1001\...\Stremio) (Version: 4.4.159 - Smart Code Ltd)
TinyWall (HKLM-x32\...\{80ABCE3B-8743-4BA9-A5EB-7A8CA7E0B93C}) (Version: 3.4.1.0 - Károly Pados)
TLauncher (HKLM-x32\...\TLauncher) (Version: 2.9316 - TLauncher Inc.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 11.51 - Ghisler Software GmbH)
UniGetUI (HKLM-x32\...\{889610CC-4337-4BDB-AC3B-4F21806C0BDE}_is1) (Version: 3.1.8 - Martí Climent)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
Viber (HKLM-x32\...\{FB307379-07A9-4A54-BE13-BCA0E6BFC178}) (Version: 22.8.0.0 - 2010-2024 Viber Media S.a.r.l) Hidden
Viber (HKU\S-1-5-21-3022971249-551779898-3356740188-1001\...\{92714b5c-0ebd-459f-b823-a2b084d8fe2a}) (Version: 25.1.0.0 - 2010-2024 Viber Media S.a.r.l)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.21 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.18 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.92.0 - Winamp SA)
Windows PC Health Check (HKLM\...\{804A0628-543B-4984-896C-F58BF6A54832}) (Version: 3.7.2204.15001 - Microsoft Corporation)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Youtube-DLG version 0.4 (HKLM-x32\...\{3C455028-FC99-4846-8E04-4FCD87D85613}_is1) (Version: 0.4 - Sotiris Papadopoulos)

Chrome apps:
============
Google диск (HKU\S-1-5-21-3022971249-551779898-3356740188-1001\...\30eea63bbc5ce416b5a57971a5a12ee7) (Version: 1.0 - Google\Chrome)

Packages:
=========
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_4.10.1.0_x64__kgqvnymyfvs32 [2025-03-31] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.3000.2.0_x64__kgqvnymyfvs32 [2025-04-09] (king.com)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-12-16] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-12-16] (Microsoft Corporation) [MS Ad]
Paket za lokalni interfejs za srpski -> C:\Program Files\WindowsApps\Microsoft.LanguageExperiencePacksr-Latn-RS_19041.62.226.0_neutral__8wekyb3d8bbwe [2024-10-11] (Microsoft Corporation)
Spotify - Music and Podcasts -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0 [2025-04-15] (Spotify AB) [Startup Task]
Пакет за локални интерфејс за српски (Србија) -> C:\Program Files\WindowsApps\Microsoft.LanguageExperiencePacksr-Cyrl-RS_19041.52.178.0_neutral__8wekyb3d8bbwe [2024-10-11] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3022971249-551779898-3356740188-1001_Classes\CLSID\{28D06DB2-0543-4F46-AACA-0438D70B6923}\localserver32 -> c:\program files\unigetui\unigetui.exe (Marti Climent Lopez -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [Kaspersky Free 21.15] -> {AE81D5A2-A34B-4D93-8DF8-540DBCE48043} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.15\x64\shellex.dll -> No File
ContextMenuHandlers1: [Kaspersky Free 21.16] -> {AE776072-9FCA-48AF-941C-5759266BB644} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.16\x64\shellex.dll -> No File
ContextMenuHandlers1: [Kaspersky Free 21.17] -> {0F574355-9FBE-40DB-ACB8-81F6612BB909} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.17\x64\shellex.dll -> No File
ContextMenuHandlers1: [Kaspersky Free 21.20] -> {930F6476-55F3-4C35-9481-E3AFC97817FD} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.20\x64\shellex.dll [2025-01-24] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Free 21.15] -> {AE81D5A2-A34B-4D93-8DF8-540DBCE48043} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.15\x64\shellex.dll -> No File
ContextMenuHandlers2: [Kaspersky Free 21.16] -> {AE776072-9FCA-48AF-941C-5759266BB644} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.16\x64\shellex.dll -> No File
ContextMenuHandlers2: [Kaspersky Free 21.17] -> {0F574355-9FBE-40DB-ACB8-81F6612BB909} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.17\x64\shellex.dll -> No File
ContextMenuHandlers2: [Kaspersky Free 21.20] -> {930F6476-55F3-4C35-9481-E3AFC97817FD} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.20\x64\shellex.dll [2025-01-24] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Kaspersky Free 21.15] -> {AE81D5A2-A34B-4D93-8DF8-540DBCE48043} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.15\x64\shellex.dll -> No File
ContextMenuHandlers4: [Kaspersky Free 21.16] -> {AE776072-9FCA-48AF-941C-5759266BB644} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.16\x64\shellex.dll -> No File
ContextMenuHandlers4: [Kaspersky Free 21.17] -> {0F574355-9FBE-40DB-ACB8-81F6612BB909} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.17\x64\shellex.dll -> No File
ContextMenuHandlers4: [Kaspersky Free 21.20] -> {930F6476-55F3-4C35-9481-E3AFC97817FD} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.20\x64\shellex.dll [2025-01-24] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-08-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Kaspersky Free 21.15] -> {AE81D5A2-A34B-4D93-8DF8-540DBCE48043} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.15\x64\shellex.dll -> No File
ContextMenuHandlers6: [Kaspersky Free 21.16] -> {AE776072-9FCA-48AF-941C-5759266BB644} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.16\x64\shellex.dll -> No File
ContextMenuHandlers6: [Kaspersky Free 21.17] -> {0F574355-9FBE-40DB-ACB8-81F6612BB909} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.17\x64\shellex.dll -> No File
ContextMenuHandlers6: [Kaspersky Free 21.20] -> {930F6476-55F3-4C35-9481-E3AFC97817FD} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.20\x64\shellex.dll [2025-01-24] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.X264] => C:\WINDOWS\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\system32\lagarith.dll [148992 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\system32\xvidvfw.dll [310784 2019-12-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284160 2019-12-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.IV41] => C:\Windows\SysWOW64\ir41_32.dll [756736 1997-07-06] (Intel Corporation) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\WINDOWS 10\Desktop\Milan - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"

==================== Loaded Modules (Whitelisted) =============

2019-06-28 18:32 - 2019-06-28 18:32 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2019-06-28 18:32 - 2019-06-28 18:32 - 003598336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2019-08-16 12:37 - 2019-08-16 12:37 - 000158208 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\SYSTEM32\amdihk64.dll
2020-03-07 18:28 - 2012-07-21 13:55 - 000180736 _____ (fccHandler) [File not signed] C:\WINDOWS\SYSTEM32\ac3acm.acm
2019-06-28 18:32 - 2019-06-28 18:32 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2019-06-28 18:32 - 2019-06-28 18:32 - 000040960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2019-06-28 18:32 - 2019-06-28 18:32 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2019-06-28 18:32 - 2019-06-28 18:32 - 000414208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2019-06-28 18:32 - 2019-06-28 18:32 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2019-06-28 18:32 - 2019-06-28 18:32 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2019-06-28 18:32 - 2019-06-28 18:32 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2019-06-28 18:32 - 2019-06-28 18:32 - 000516608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2019-06-28 18:32 - 2019-06-28 18:32 - 001441280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2019-08-16 12:49 - 2019-08-16 12:49 - 005999104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2019-06-28 18:32 - 2019-06-28 18:32 - 006413824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2019-06-28 18:32 - 2019-06-28 18:32 - 001141760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2019-06-28 18:32 - 2019-06-28 18:32 - 000339968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2019-06-28 18:32 - 2019-06-28 18:32 - 004143104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2019-06-28 18:32 - 2019-06-28 18:32 - 003840000 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2019-06-28 18:32 - 2019-06-28 18:32 - 000332800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2019-06-28 18:32 - 2019-06-28 18:32 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2019-06-28 18:32 - 2019-06-28 18:32 - 000349184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2019-06-28 18:32 - 2019-06-28 18:32 - 080959488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2019-06-28 18:32 - 2019-06-28 18:32 - 005622272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2019-06-28 18:32 - 2019-06-28 18:32 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2019-06-28 18:32 - 2019-06-28 18:32 - 000190464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-06-28 18:32 - 2019-06-28 18:32 - 002825216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2019-06-28 18:33 - 2019-06-28 18:33 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-06-28 18:33 - 2019-06-28 18:33 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-06-28 18:33 - 2019-06-28 18:33 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2019-06-28 18:33 - 2019-06-28 18:33 - 000330752 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-06-28 18:33 - 2019-06-28 18:33 - 000137216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2019-06-28 18:33 - 2019-06-28 18:33 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-06-28 18:33 - 2019-06-28 18:33 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2019-06-28 18:33 - 2019-06-28 18:33 - 000136192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\styles\qwindowsvistastyle.dll
2024-11-20 06:38 - 2019-12-17 14:16 - 000128181 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\FreeAlarmClock\bass.dll
2024-11-20 06:38 - 2020-12-04 14:04 - 000029452 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\FreeAlarmClock\bassflac.dll
2024-11-20 06:38 - 2016-04-04 12:22 - 000017733 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\FreeAlarmClock\basswma.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [2936]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3022971249-551779898-3356740188-1001\Software\Microsoft\Internet Explorer\Main,Start Page = [Link visible only to logged-in users]
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-3022971249-551779898-3356740188-1001 -> {0AA24E16-07B3-4694-8357-3C21ACC5F516} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2020-04-14] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_451\bin\ssv.dll [2025-04-05] (Oracle America, Inc. -> Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_451\bin\jp2ssv.dll [2025-04-05] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2020-04-14] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKU\S-1-5-21-3022971249-551779898-3356740188-1001 -> No Name - {EF293C5A-9F37-49FD-91C4-2B867063FC54} - No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 01:38 - 2021-10-27 10:12 - 000334861 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
0.0.0.0 fr.a2dfp.net
0.0.0.0 mfr.a2dfp.net
0.0.0.0 ad.a8.net
0.0.0.0 asy.a8ww.net
0.0.0.0 static.a-ads.com
0.0.0.0 abcstats.com
0.0.0.0 track.acclaimnetwork.com
0.0.0.0 csh.actiondesk.com
0.0.0.0 ads.activepower.net
0.0.0.0 app.activetrail.com
0.0.0.0 ad2games.com
0.0.0.0 adadvisor.net
0.0.0.0 [Link visible only to logged-in users]
0.0.0.0 pixel.adcrowd.com
0.0.0.0 ct1.addthis.com
0.0.0.0 static.uk.addynamo.com
0.0.0.0 adexc.net
0.0.0.0 static.adfclick1.com
0.0.0.0 server.adformdsp.net
0.0.0.0 s.adframesrc.com
0.0.0.0 media.adfrontiers.com
0.0.0.0 [Link visible only to logged-in users]
0.0.0.0 [Link visible only to logged-in users] #[Ban Man Pro Banner Code]
0.0.0.0 adgrx.com
0.0.0.0 adhall.com
0.0.0.0 adhitzads.com
0.0.0.0 aj.adjungle.com
0.0.0.0 adserver-e7.com
0.0.0.0 n.admagnet.net

There are 8702 more lines.


==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\java8path;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\dotnet\;C:\Program Files\dotnet\
HKU\S-1-5-21-3022971249-551779898-3356740188-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\WINDOWS 10\Pictures\iStock-967126702.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: Realtek PCIe GBE Family Controller -> rt640x64.sys

KL_KLIM6: Kaspersky Anti-Virus NDIS 6 Filter

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "ccleaner_update_helper"
HKU\S-1-5-21-3022971249-551779898-3356740188-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3022971249-551779898-3356740188-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3022971249-551779898-3356740188-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-3022971249-551779898-3356740188-1001\...\StartupApproved\Run: => "ut"
HKU\S-1-5-21-3022971249-551779898-3356740188-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3022971249-551779898-3356740188-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_89684F21A6BD3CCF47EF386417CDB5C6"
HKU\S-1-5-21-3022971249-551779898-3356740188-1001\...\StartupApproved\Run: => "Opera Browser Assistant"
HKU\S-1-5-21-3022971249-551779898-3356740188-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3022971249-551779898-3356740188-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3022971249-551779898-3356740188-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3022971249-551779898-3356740188-1001\...\StartupApproved\Run: => "kpm.exe"
HKU\S-1-5-21-3022971249-551779898-3356740188-1001\...\StartupApproved\Run: => "electron.app.BlueStacks Services"
HKU\S-1-5-21-3022971249-551779898-3356740188-1001\...\StartupApproved\Run: => "Mobigame Playstore"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{FB1A2643-860B-4D13-952A-922F260784F0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6FC6A4D3-6D86-44F2-8869-5CA512EFCFFC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2E751261-78AE-4F78-A512-7DBC256AB0BE}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7156E49C-E621-42FB-9DF5-21E9A9AFA5A3}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E092E5DA-11DD-4D96-B493-3E46A254F201}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5DD834EA-3F23-4070-9BB7-64122A6A2466}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{EDC0D9F7-29E8-49C3-91D4-97A91345A70C}C:\program files (x86)\popcorn time\nodejs\node.exe] => (Allow) C:\program files (x86)\popcorn time\nodejs\node.exe => No File
FirewallRules: [TCP Query User{5B25ABD5-42F4-4F8F-830F-C19342565B2F}C:\program files (x86)\popcorn time\nodejs\node.exe] => (Allow) C:\program files (x86)\popcorn time\nodejs\node.exe => No File
FirewallRules: [UDP Query User{3B605D2C-AAF1-4828-B59E-2FF8408F0A5D}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{264D01AC-F6FD-4415-A78E-5F107C797E2C}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{581CAD92-DD27-4A6E-A93B-8E588219527E}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F9BF4E17-3CA2-456A-98F4-177DAFD7727D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{996F6FDF-0A71-4953-AC23-8C7838C63F20}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{99E08A2E-074A-457F-87C4-7EEF12C0B657}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{72B06322-B243-473B-B23E-419194896EE0}C:\users\windows 10\appdata\local\programs\lnv\stremio-4\stremio-runtime.exe] => (Allow) C:\users\windows 10\appdata\local\programs\lnv\stremio-4\stremio-runtime.exe (Smart Code OOD -> Stremio Runtime) [File not signed]
FirewallRules: [UDP Query User{C4FD6E31-16D3-4D19-A387-7ABC5C944DB4}C:\users\windows 10\appdata\local\programs\lnv\stremio-4\stremio-runtime.exe] => (Allow) C:\users\windows 10\appdata\local\programs\lnv\stremio-4\stremio-runtime.exe (Smart Code OOD -> Stremio Runtime) [File not signed]
FirewallRules: [TCP Query User{B23E7E36-ACEB-48C0-A415-569466D6838F}C:\gog games\return to castle wolfenstein\wolfmp.exe] => (Block) C:\gog games\return to castle wolfenstein\wolfmp.exe () [File not signed]
FirewallRules: [UDP Query User{BE0575B5-5356-47D6-85A2-B0E2D39D6D4C}C:\gog games\return to castle wolfenstein\wolfmp.exe] => (Block) C:\gog games\return to castle wolfenstein\wolfmp.exe () [File not signed]
FirewallRules: [TCP Query User{D3CB59E8-3FCF-499D-9E06-451FC24626DC}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{0D864B53-0A83-47B2-A08F-82ABE943525F}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{48CB07F4-CEF9-46EA-A101-313C18EFBE27}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{01F00F24-78A4-411F-A6E2-E011CC9ADAA1}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{091E73A2-2D6A-433C-846A-20B2C73A88D5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{F887C4EF-A5DD-467F-9B8B-AF9EFAF14056}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4739085E-AA04-46B6-A16B-381F1ACA7093}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{98F12D97-F05D-4E63-98B2-C55D2CD499BC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{5734133B-7E94-470B-B500-DA22579EDA38}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stumble Guys\Stumble Guys.exe () [File not signed]
FirewallRules: [{D768ED33-19FA-4285-831D-62BE69CF0B01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stumble Guys\Stumble Guys.exe () [File not signed]
FirewallRules: [{C2EB75E2-9964-4E0E-AF41-229151BBDFE2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{DCF4A2A4-C54B-4EFF-8B8B-295B43F0D14D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [TCP Query User{F2337938-E343-4A3E-A15C-BD99E78BC84D}C:\program files\epic games\rocketleague\binaries\win64\rocketleague.exe] => (Block) C:\program files\epic games\rocketleague\binaries\win64\rocketleague.exe => No File
FirewallRules: [UDP Query User{7FF39EF3-9D55-40F2-8A48-D5C109CF57CD}C:\program files\epic games\rocketleague\binaries\win64\rocketleague.exe] => (Block) C:\program files\epic games\rocketleague\binaries\win64\rocketleague.exe => No File
FirewallRules: [{B0837690-3FFA-42FA-99BA-D179040FA081}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{AF84B33D-6361-4890-8ACF-E8B90CAAAC37}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{0CE4268C-01A9-4CAC-866B-39E656F74164}] => (Allow) c:\program files\txgameassistant\appmarket\AppMarket.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{2F9ED40A-8290-40FA-A8F5-950B4DBF3414}] => (Allow) c:\program files\txgameassistant\appmarket\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{22F1667E-8735-4DEF-A0D2-8C467B460A41}] => (Allow) c:\program files\txgameassistant\appmarket\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{5698D9C3-5064-4B16-B696-CB9F0F75279E}] => (Allow) c:\program files\txgameassistant\appmarket\QQExternal.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{0345A786-24FC-4614-B8CB-8C9534612333}] => (Allow) c:\program files\txgameassistant\appmarket\GameDownload.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{989E45B9-32AC-4181-811B-5FFC64A30B09}] => (Allow) c:\program files\txgameassistant\appmarket\GF186\TUpdate.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{E3E7AD07-56C8-4D72-9A90-F422AB8CDF73}] => (Allow) C:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{4CBB562B-7A44-458A-9CB7-4162F7AEA7D3}] => (Allow) C:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{28859472-22FB-4736-8603-9EE326614AF1}] => (Allow) C:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{DFAAF586-0A9A-48F7-AE5B-0A3BB4EF2B69}] => (Allow) C:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{F62A0F22-493F-4D5C-AB87-151A10E9180F}] => (Allow) c:\program files\txgameassistant\ui\AndroidEmulator.exe (Tencent Technology (Shenzhen) Company Limited -> Tencent)
FirewallRules: [{C31483F6-DADF-4F03-905D-AA266F0EC535}] => (Allow) c:\program files\txgameassistant\ui\AndroidEmulatorEx.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{C4C2E123-148F-49C1-9281-86A7162ABE9B}] => (Allow) c:\program files\txgameassistant\ui\AndroidEmulatorEn.exe (Tencent Technology (Shenzhen) Company Limited -> Tencent)
FirewallRules: [{05D5C5C7-F585-4D7E-961A-B9D6EDFA2B71}] => (Allow) c:\program files\txgameassistant\ui\adb.exe () [File not signed]
FirewallRules: [{BBFADE84-C6E3-412D-A6E8-FD66B15F9A7D}] => (Allow) c:\program files\txgameassistant\ui\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{4B62C8B0-5CE7-45FA-86A9-D16BB95713DC}] => (Allow) c:\program files\txgameassistant\ui\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{C286C6FB-808C-4BFD-82CD-0669608F10C4}] => (Allow) c:\program files\txgameassistant\ui\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{A8B6FADD-6218-48BF-9356-E9B93336B8E3}] => (Allow) C:\Users\WINDOWS 10\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{297E9CD3-08F8-431F-A80E-83D101A3B5E7}] => (Allow) C:\Users\WINDOWS 10\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{FD8FC66F-B352-4898-AF73-F29AD85DACF1}] => (Allow) C:\Users\WINDOWS 10\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{6B391B65-EE5A-4A73-AE63-7FED045CC6D1}] => (Allow) C:\Users\WINDOWS 10\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{B61D8892-AAFC-4A99-A829-96120B8CF1B5}] => (Allow) C:\Program Files\AndroidTbox\THypervBox.exe (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
FirewallRules: [{4F82FCC5-4486-4DB3-B27C-DD38EB23CF1B}] => (Allow) C:\Program Files\AndroidTbox\TBoxHeadless.exe (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
FirewallRules: [{E6EFDC00-5FB3-4C91-94A6-73874D30AAF1}] => (Allow) C:\Program Files\AndroidTbox\TBoxNetNAT.exe (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
FirewallRules: [{7E981115-2E94-47A6-A097-36FA46CBB709}] => (Allow) C:\Program Files\AndroidTbox\TBoxSDL.exe (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
FirewallRules: [{33EA1848-8756-4E36-BFA0-7EBF36593607}] => (Allow) C:\Program Files\AndroidTbox\TBoxExtPackHelperApp.exe (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
FirewallRules: [{D72543A4-2DEE-4F0A-B914-E0C90AEBCAA2}] => (Allow) C:\Program Files\AndroidTbox\USBInstall.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{D902399A-DCE5-4F73-ACF3-EF567CBA6980}] => (Allow) C:\Program Files\AndroidTbox\TBoxNetDHCP.exe (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
FirewallRules: [{1745B578-CB30-4548-9710-7A08CB3B9FF3}] => (Allow) C:\Program Files\AndroidTbox\TBoxManage.exe (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
FirewallRules: [{339AA61B-ABCA-410C-9D9F-13A9090BBE5A}] => (Allow) C:\Program Files\AndroidTbox\USBUninstall.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{E7F1B253-78D3-417B-9AD7-1A0B084E8EF0}] => (Allow) C:\Program Files\AndroidTbox\TInst.exe (Tencent Technology (Shenzhen) Company Limited -> )
FirewallRules: [{D4437CD7-4F80-4E00-A227-51B20EC89A2C}] => (Allow) C:\Program Files\AndroidTbox\SUPLoggerCtl.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{6DFD74E4-4E67-4929-910C-7048134B2BC6}] => (Allow) C:\Program Files\AndroidTbox\NetFltUninstall.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{B1BB1891-70DC-49D8-A9C1-DBD5566C621C}] => (Allow) C:\Program Files\AndroidTbox\NetFltInstall.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{F3DBFFF6-293F-4FAB-9D5A-4E3C4C4750B4}] => (Allow) C:\Program Files\AndroidTbox\SUPUninstall.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{47DCB2EB-1FFD-457B-85A7-8654A1EF9DD1}] => (Allow) C:\Program Files\AndroidTbox\TBoxBalloonCtrl.exe (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
FirewallRules: [{9F9FF5C2-FCFD-48BE-9FF9-99BFB6E13DE9}] => (Allow) C:\Program Files\AndroidTbox\SUPInstall.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{A9F1E717-DA36-4918-8108-15DE7719AF83}] => (Allow) C:\Program Files\AndroidTbox\TBoxSVC.exe (Tencent Technology(Shenzhen) Company Limited -> Hyperv Corporation)
FirewallRules: [{CF618DD6-FD2B-46B8-BCB7-A5C78FE62A7E}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe (Now.gg, INC -> Bluestack Systems, Inc.)
FirewallRules: [{77175D0C-90E8-4CDC-BAF4-B6A971A596B2}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe (Now.gg, INC -> COMPANY NAME)
FirewallRules: [{35B0F373-E305-4B01-9F39-7CC968EFB179}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe (Now.gg, INC -> BlueStack Systems)
FirewallRules: [{10DEC857-C4D9-41AF-A36C-146D0BC07792}] => (Allow) C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe (Now.gg, INC -> The Qt Company Ltd.)
FirewallRules: [{b26480e4-1147-453a-9988-c0b03b465920}] => (Allow) C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe (Shanghai Chang Zhi Network Technology Co,. Ltd. -> Oracle Corporation)
FirewallRules: [{10f8b660-a296-4ed7-a6a7-4a8790f18e81}] => (Allow) C:\Program Files\ldplayer9box\VBoxNetNAT.exe (Shanghai Chang Zhi Network Technology Co,. Ltd. -> Oracle Corporation)
FirewallRules: [{8c817324-be8e-4658-bd2b-a0d603c8397b}] => (Allow) C:\LDPlayer\LDPlayer9\dnplayer.exe => No File
FirewallRules: [{07F3F573-1677-4CF7-8B1F-6FE193B5BE02}] => (Allow) C:\Program Files\MobiGame\player\mobiplayer.exe (AI MEDIA LIMITED -> Game Player)
FirewallRules: [{67DBC224-C3D6-453F-AD72-93A862F9975F}] => (Allow) C:\Program Files\MobiGame\player\vboxheadless.exe (AI MEDIA LIMITED -> Oracle Corporation)
FirewallRules: [{41463A60-81B2-478F-8ACE-00029A094091}] => (Allow) C:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{1708CF7C-0F30-4A05-BFC0-6B13DF70E220}] => (Allow) C:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{0CC864FA-4B89-40DD-AA43-9EFE62190AE1}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe => No File
FirewallRules: [{78A23939-EA1A-4D34-8CAB-0586846A834C}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe => No File
FirewallRules: [TCP Query User{C71AB64B-0E36-441C-A4F7-2D7B6F24BDA0}C:\program files (x86)\popcorn time\nodejs\node.exe] => (Allow) C:\program files (x86)\popcorn time\nodejs\node.exe => No File
FirewallRules: [UDP Query User{6BCC4CBD-F607-444E-9E86-677D2E22EF08}C:\program files (x86)\popcorn time\nodejs\node.exe] => (Allow) C:\program files (x86)\popcorn time\nodejs\node.exe => No File
FirewallRules: [{84EA4875-C8F0-4F1D-B8B6-D19D55A12AC8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\eac_wt_mlauncher.exe => No File
FirewallRules: [{63E0317B-5827-41CA-AAAF-2FCBE9F6AA02}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\eac_wt_mlauncher.exe => No File
FirewallRules: [{1FD8639E-0CEB-47AA-B349-6826E574BB3E}] => (Allow) C:\Program Files (x86)\360\Total Security\360TsLiveUpd.exe => No File
FirewallRules: [{E12F2309-0565-4F85-9631-E65DD7D451FA}] => (Allow) C:\Program Files (x86)\360\Total Security\360TsLiveUpd.exe => No File
FirewallRules: [{81EF4727-D572-4F46-A15F-CA055187B55A}] => (Allow) D:\DriverPack 06.02.2025\DriverPack\bin\tools\aria2c.exe => No File
FirewallRules: [{86BE6787-B784-45CB-A86E-A1823E8BD75F}] => (Allow) C:\Users\WINDOWS 10\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{165C8DBC-0356-4124-B75A-BE5993481C78}] => (Allow) C:\Users\WINDOWS 10\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{CC6B489D-8B28-418C-802E-492420C59869}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\game\bin\win64\cs2.exe (Valve Corp. -> )
FirewallRules: [{4683E68A-AE0D-4F07-A807-ED5825339F86}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\game\bin\win64\cs2.exe (Valve Corp. -> )
FirewallRules: [{B6E82161-CCCC-481B-954C-8DCBAA3E8436}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{969C4E1A-7690-44F9-A6E9-4BD6D1661BD6}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{687F2FAB-80BB-4A43-8F28-9410BB6605D6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{67103BBE-E9B0-4518-A2F3-5EFA6F68BF85}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2D435FCA-F12E-43E5-B1BC-02C77C0AEAF0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C86D062E-9576-4EFF-BBD7-7FB29A3003F6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C5779363-9092-4107-971A-225C15DCDA10}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{ABF24592-9A43-49B7-9DBE-20D45A370E88}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{36CFF309-07F8-47A4-AAE1-4BB6F614C6BD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A250D58A-76C8-4A20-B1DD-28F40CAF9D47}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B0ED4D7F-6B85-42FA-B829-7D39FE644744}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5FF148A7-226A-4868-BD29-C38778C09F92}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{287AF03A-A2BD-483A-B879-DE73A6E4A674}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{CE9F1988-AA04-4237-9F75-9B51F0DFAAA8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{CEF6E597-A024-40FB-B409-D032D7EAB581}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{25E7C947-CA59-4369-A45B-BA27065604D4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E365A560-6C90-404D-8A82-6719DCE1C464}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{478F51A6-4795-4C23-AC9D-FDBD42BB6450}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B0BFB9B5-A194-490B-9607-1231643CC333}] => (Allow) C:\Users\WINDOWS 10\AppData\Local\Programs\Opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{7FDB03A0-8619-446C-A347-0357BB2AD4F4}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{B093C1E5-4BBD-4D10-B44A-3A6831D37C64}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E55C150C-BC8F-465D-90DF-40C0243607F4}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\135.0.3179.85\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

15-04-2025 17:28:29 Checkpoint by Sophos Scan && Clean
18-04-2025 22:06:05 Removed Adobe Reader XI (11.0.06).

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (04/21/2025 06:12:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4176) (User: )
Description: PFX operation failed as AuthSafes count doesn't lie in expected range. Maximum permissible value: 200. Erroneous value: 300.

Error: (04/21/2025 06:12:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4176) (User: )
Description: PFX operation failed as AuthSafes count doesn't lie in expected range. Maximum permissible value: 200. Erroneous value: 300.

Error: (04/21/2025 06:12:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4176) (User: )
Description: PFX operation failed as AuthSafes count doesn't lie in expected range. Maximum permissible value: 200. Erroneous value: 300.

Error: (04/21/2025 06:12:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4176) (User: )
Description: PFX operation failed as AuthSafes count doesn't lie in expected range. Maximum permissible value: 200. Erroneous value: 300.

Error: (04/21/2025 06:12:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4176) (User: )
Description: PFX operation failed as AuthSafes count doesn't lie in expected range. Maximum permissible value: 200. Erroneous value: 300.

Error: (04/21/2025 06:12:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4176) (User: )
Description: PFX operation failed as AuthSafes count doesn't lie in expected range. Maximum permissible value: 200. Erroneous value: 300.

Error: (04/21/2025 06:12:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4176) (User: )
Description: PFX operation failed as AuthSafes count doesn't lie in expected range. Maximum permissible value: 200. Erroneous value: 300.

Error: (04/21/2025 06:12:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4176) (User: )
Description: PFX operation failed as AuthSafes count doesn't lie in expected range. Maximum permissible value: 200. Erroneous value: 300.


System errors:
=============
Error: (04/21/2025 06:14:11 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The System Guard Runtime Monitor Broker service terminated with the following error:
%%3489660935

Error: (04/21/2025 06:12:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Update service service failed to start due to the following error:
The system cannot find the file specified.

Error: (04/21/2025 03:11:31 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The System Guard Runtime Monitor Broker service terminated with the following error:
%%3489660935

Error: (04/21/2025 03:09:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Update service service failed to start due to the following error:
The system cannot find the file specified.

Error: (04/19/2025 03:34:18 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The System Guard Runtime Monitor Broker service terminated with the following error:
%%3489660935

Error: (04/19/2025 03:32:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Update service service failed to start due to the following error:
The system cannot find the file specified.

Error: (04/18/2025 08:51:24 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The System Guard Runtime Monitor Broker service terminated with the following error:
%%3489660935

Error: (04/18/2025 08:49:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Update service service failed to start due to the following error:
The system cannot find the file specified.


Windows Defender:
================Event[0]:

Date: 2023-03-30 19:35:46
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.385.548.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.20100.6
Error code: 0x8024001e
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Date: 2023-03-20 17:25:13
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.383.692.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.20000.2
Error code: 0x80072efd
Error description: A connection with the server could not be established

Date: 2023-03-20 17:25:13
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.383.692.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.20000.2
Error code: 0x80072efd
Error description: A connection with the server could not be established

Date: 2023-03-20 17:25:13
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.383.692.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.20000.2
Error code: 0x80072efd
Error description: A connection with the server could not be established

Date: 2023-03-20 17:25:13
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.383.692.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.20000.2
Error code: 0x80072efd
Error description: A connection with the server could not be established

CodeIntegrity:
===============
Date: 2025-04-21 18:18:13
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\amdihk64.dll that did not meet the Microsoft signing level requirements.

Date: 2025-04-21 18:14:12
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky 21.20\x64\com_antivirus.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 1823 10/15/2019
Motherboard: ASUSTeK COMPUTER INC. PRIME B450M-K
Processor: AMD Ryzen 7 2700 Eight-Core Processor
Percentage of memory in use: 20%
Total physical RAM: 24507.2 MB
Available physical RAM: 19578.2 MB
Total Virtual: 26043.2 MB
Available Virtual: 19591.45 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:446.09 GB) (Free:59.34 GB) (Model: KINGSTON SA400S37480G) NTFS

\\?\Volume{2a6b96a9-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.54 GB) (Free:0.5 GB) NTFS
\\?\Volume{2a6b96a9-0000-0000-0000-f0a76f000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 447.1 GB) (Disk ID: 2A6B96A9)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=446.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=517 MB) - (Type=27)

==================== End of Addition.txt =======================



offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8624
  • Location: Novi Beograd

Hello,
Could you send me that log so I can see what this is about?



offline
  • Joined: 18 Nov 2013
  • Posts: 51
  • Location: Beograd

Posted: 26 Apr 2025 13:29

Hello helen1, may I send you a picture of the quarantine containing the detected trojans?

Addendum: 26 Apr 2025 13:33

By the way, Kaspersky only found them when I quite by chance ran a Full Scan; it did not detect them in real time.

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8624
  • Location: Novi Beograd

Hello, I deleted the picture.

It looks to me like everything is OK. It came with a torrent, so be careful when downloading from torrents. And it is not a real threat but a possible one, a heuristic detection; it probably contains something that resembles malware. Keep an eye on things and write if there are any problems.

offline
  • Joined: 18 Nov 2013
  • Posts: 51
  • Location: Beograd

Thank you very much for the effort, regards.
