Solved I just a big virus very weird

user75

Posts: 113   +0
Ok, I just explain, my problem in a little video,

I take any adress bitcoin and watch it:
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-08-2019
Ran by reznov (administrator) on DESKTOP-4F34DJR (Dell Inc. G3 3579) (25-08-2019 01:59:29)
Running from C:\Users\pirja\Downloads
Loaded Profiles: reznov (Available Profiles: reznov)
Platform: Windows 10 Pro Version 1809 17763.678 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Clipdiary\Clipdiary.exe
() [File not signed] C:\Users\pirja\Desktop\Tor Browser\Browser\TorBrowser\Tor\tor.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\32\Adobe QT32 Server.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\32\dynamiclinkmanager.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\Adobe Premiere Pro.exe
(Apowersoft Ltd -> Apowersoft) C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe
(Atheros Communications, Inc.) [File not signed] C:\Program Files (x86)\Jumpstart\jswpbapi.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.6788\Agent.exe
(Decentral Inc. -> decentral.ca) C:\Users\pirja\AppData\Local\Programs\com.liberty.jaxx\Jaxx Liberty.exe
(Decentral Inc. -> decentral.ca) C:\Users\pirja\AppData\Local\Programs\com.liberty.jaxx\Jaxx Liberty.exe
(Decentral Inc. -> decentral.ca) C:\Users\pirja\AppData\Local\Programs\com.liberty.jaxx\Jaxx Liberty.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\nvapiw.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Discord Inc. -> Discord Inc.) C:\Users\pirja\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\pirja\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\pirja\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\pirja\AppData\Local\Discord\app-0.0.305\Discord.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\79.4.143\QtWebEngineProcess.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\79.4.143\QtWebEngineProcess.exe
(Druide Informatique Inc. -> Druide informatique inc.) [File not signed] C:\Program Files (x86)\Druide\Antidote 9\Application\Bin32\AgentAntidote.exe
(Druide Informatique Inc. -> Druide informatique inc.) [File not signed] C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\AgentAntidote.exe
(Elaborate Bytes AG -> Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.13\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.13\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(GuinpinSoft inc) [File not signed] C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.0.0_x64.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_db953c52208ada71\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_db953c52208ada71\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_2f4c7fcb86976beb\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_2f4c7fcb86976beb\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_eea3cf789013ad4f\RstMwService.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Kakao corp. -> Kakao) C:\Program Files\DAUM\PotPlayer\PotPlayerMini64.exe
(MAGIX Software GmbH -> MAGIX Software GmbH) C:\Program Files (x86)\MAGIX\Music Maker\28\MusicMaker.exe
(MAGIX Software GmbH -> MAGIX Software GmbH) C:\Program Files (x86)\MAGIX\Music Maker\28\Online\MagixOfa.exe
(Mega Limited -> Mega Limited) C:\Users\pirja\AppData\Local\MEGAsync\MEGAsync.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19051.16210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) [File not signed] C:\Users\pirja\Desktop\Tor Browser\Browser\firefox.exe
(Mozilla Corporation) [File not signed] C:\Users\pirja\Desktop\Tor Browser\Browser\firefox.exe
(Mozilla Corporation) [File not signed] C:\Users\pirja\Desktop\Tor Browser\Browser\firefox.exe
(Mozilla Corporation) [File not signed] C:\Users\pirja\Desktop\Tor Browser\Browser\firefox.exe
(Mozilla Corporation) [File not signed] C:\Users\pirja\Desktop\Tor Browser\Browser\firefox.exe
(Mozilla Corporation) [File not signed] C:\Users\pirja\Desktop\Tor Browser\Browser\firefox.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_ac9a22ebe27a13b0\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_ac9a22ebe27a13b0\Display.NvContainer\NVDisplay.Container.exe
(Open Media LLC -> Open Media LLC) C:\Program Files\4KDownload\4kyoutubetomp3\4kyoutubetomp3.exe
(Open Source Developer, Robin Krom -> Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(Osiris Development -> Osiris Development) C:\Program Files\BatteryBar\BatteryBar.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2285\DSAPI.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2285\pcdrwi.exe
(Privax Limited -> Privax Limited) C:\Program Files (x86)\HMA! Pro VPN\Vpn.exe
(Privax Limited -> Privax Limited) C:\Program Files (x86)\HMA! Pro VPN\VpnSvc.exe
(PushBullet Inc -> Pushbullet Inc) C:\Users\pirja\AppData\Local\Pushbullet\bin\pushbullet_client.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Spotify AB -> Spotify Ltd) C:\Users\pirja\AppData\Roaming\Spotify\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Users\pirja\AppData\Roaming\Spotify\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Users\pirja\AppData\Roaming\Spotify\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Users\pirja\AppData\Roaming\Spotify\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Users\pirja\AppData\Roaming\Spotify\Spotify.exe
(SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
(The Chromium Authors) [File not signed] C:\Program Files (x86)\Chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Program Files (x86)\Chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Program Files (x86)\Chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Program Files (x86)\Chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Program Files (x86)\Chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Program Files (x86)\Chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Program Files (x86)\Chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Program Files (x86)\Chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Program Files (x86)\Chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Program Files (x86)\Chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Program Files (x86)\Chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Program Files (x86)\Chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Program Files (x86)\Chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Program Files (x86)\Chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Program Files (x86)\Chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Program Files (x86)\Chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Program Files (x86)\Chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Program Files (x86)\Chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Program Files (x86)\Chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Program Files (x86)\Chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Program Files (x86)\Chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Program Files (x86)\Chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Program Files (x86)\Chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Program Files (x86)\Chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Program Files (x86)\Chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Program Files (x86)\Chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Program Files (x86)\Chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Program Files (x86)\Chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Program Files (x86)\Chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Program Files (x86)\Chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Program Files (x86)\Chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Program Files (x86)\Chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Program Files (x86)\Chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Program Files (x86)\Chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Program Files (x86)\Chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Program Files (x86)\Chromium\Application\chrome.exe
(The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\QtWebEngineProcess.exe
(The Wise Dev -> OtohitsNetwork) C:\OtohitsNetwork\OtohitsApp\Otohits.App.exe
(The Wise Dev -> OtohitsNetwork) C:\OtohitsNetwork\OtohitsApp\Otohits.Viewer.exe
(The Wise Dev -> OtohitsNetwork) C:\OtohitsNetwork\OtohitsApp\Otohits.Viewer.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_5ff36f834a6d461a\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_5ff36f834a6d461a\WavesSysSvc64.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [881768 2019-06-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_5ff36f834a6d461a\WavesSvc64.exe [1222536 2018-12-05] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [DellMobileConnectWelcome] => C:\Program Files\Dell\DellMobileConnectDrivers\DellMobileConnectWStartup.exe [313064 2018-10-05] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Open Source Developer, Robin Krom -> Greenshot)
HKLM\...\Run: [AgentAntidote32] => C:\Program Files (x86)\Druide\Antidote 9\Application\Bin32\AgentAntidote.exe [1653352 2017-09-12] (Druide Informatique Inc. -> Druide informatique inc.) [File not signed]
HKLM\...\Run: [AgentAntidote64] => C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\AgentAntidote.exe [1797736 2017-09-12] (Druide Informatique Inc. -> Druide informatique inc.) [File not signed]
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [318920 2019-05-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [5782336 2019-08-13] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG -> Elaborate Bytes AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [61370712 2019-03-15] (Discord Inc. -> Discord Inc.)
HKLM-x32\...\Run: [jswtrayutil] => C:\Program Files (x86)\Jumpstart\jswtrayutil.exe [528384 2008-09-26] (Atheros Communications, Inc.) [File not signed]
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2384984 2016-12-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\Run: [Pushbullet] => D:\program\pushbullet\Pushbullet\pushbullet.exe [345600 2015-07-01] (Pushbullet inc) [File not signed]
HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\Run: [ApowersoftScreenRecorder] => C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe [3016344 2018-09-29] (Apowersoft Ltd -> Apowersoft)
HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\Run: [Clipdiary] => C:\Program Files (x86)\Clipdiary\clipdiary.exe [6735360 2019-05-06] () [File not signed]
HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\Run: [Discord] => C:\Users\pirja\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\Run: [Dxtory Update Checker 2.0] => C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software) [File not signed]
HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\Run: [NoxDaemon] => C:\Users\pirja\AppData\Roaming\NoxSrv\NoxSrv.exe [116736 2019-07-12] () [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [vidc.xtor] => C:\Windows\system32\DxtoryCodec.dll [2606144 2015-08-10] (ExKode Co.Ltd. -> ExKode Co. Ltd.)
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [vidc.xtor] => C:\Windows\System32\DxtoryCodec.dll [2606144 2015-08-10] (ExKode Co.Ltd. -> ExKode Co. Ltd.)
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1294336 2003-01-20] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{7D2B3E1D-D096-4594-9D8F-A6667F12E0AC}] -> C:\Program Files (x86)\Chromium\Application\75.0.3770.142\Installer\chrmstp.exe [2019-07-18] (The Chromium Authors) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.100\Installer\chrmstp.exe [2019-08-21] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2019-06-30]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS -> SteelSeries ApS)
InternetURL: C:\Users\pirja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\65fb187b-34f5-4f0f-b712-e25c5721a6ad.url -> URL: C:\ProgramData\VulkanInfo.exe
Startup: C:\Users\pirja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BatteryBar.lnk [2019-08-07]
ShortcutTarget: BatteryBar.lnk -> C:\Program Files\BatteryBar\BatteryBar.exe (Osiris Development -> Osiris Development)
Startup: C:\Users\pirja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2019-02-15]
ShortcutTarget: MEGAsync.lnk -> C:\Users\pirja\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
Startup: C:\Users\pirja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ProtonMail Bridge.lnk [2019-03-30]
ShortcutTarget: ProtonMail Bridge.lnk -> C:\Program Files\Proton Technologies AG\ProtonMail Bridge\Desktop-Bridge.exe (No File)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {13B68E53-CF6D-4AA8-85DC-629FC7D0AC7C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [897008 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1878EDF5-1632-403F-A028-AC4C216B81AE} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [897008 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {207127DF-9415-4730-A259-9032E04BD93D} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1512920 2019-05-24] (Dell Inc. -> Dell Inc.)
Task: {2FE2F2C0-2D96-465D-9161-825648EABC8C} - System32\Tasks\HMA! Pro VPN Update => C:\Program Files (x86)\HMA! Pro VPN\VpnUpdate.exe [1474672 2019-08-12] (Privax Limited -> Privax Limited)
Task: {32156E94-9975-4D29-B7F5-41F8F7848459} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2177680 2019-08-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {3769C2A2-4973-42B2-AE69-C38C65C0D66F} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3D771F87-9A88-436F-8581-BBD7E3AE81B0} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-pirjackoy@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {40AF7EAF-47F5-412F-9681-4135DB56ED61} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel(R) Software Development Products -> Intel Corporation)
Task: {4D0F843B-AF01-48DB-A45A-D67AA6687B5A} - System32\Tasks\Dxstory\Dxstory => C:\Program Files (x86)\ExKode\Dxtory2.0\Dxtory.exe [609488 2017-04-08] (ExKode Co.Ltd. -> ExKode Co. Ltd.)
Task: {580DC558-C208-4789-8996-AB2F8A0A05F3} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {5A427DE9-CDBB-47FA-B674-D30FE9767246} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-08-15] (Adobe Inc. -> Adobe)
Task: {5C143FB3-8CA5-4C9C-96BE-633F937C5FF3} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5E4BA37F-E9AA-47D1-9706-E00F0E29CCB0} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-02-14] (Dropbox, Inc -> Dropbox, Inc.)
Task: {6A291EBA-7B4F-4EB4-A388-A056D477321A} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel(R) Software Development Products -> Intel Corporation)
Task: {6F5045D0-65AD-4FE4-979B-E2CDE5724ACA} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {7C3EFB71-D38E-4262-97E0-A406A38FB76A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2177680 2019-08-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {7C928B29-D7FF-4120-A320-9C1B35655A85} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27278352 2019-08-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {8DA6AC64-1220-4330-A214-06BB117C457F} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_238_pepper.exe [1452600 2019-08-15] (Adobe Inc. -> Adobe)
Task: {914ECA99-5ED2-4E79-8667-D8DDD48C8E10} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27278352 2019-08-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {A0D8644E-3276-437E-B6CD-D5801F32D631} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {AD7DE0FE-6A79-448F-A791-AB570B94A398} - System32\Tasks\ConsoleAct => C:\Windows\ConsoleAct_x64.exe [840560 2018-08-01] (WZTeam -> MSFree Inc., Ratiborus) [File not signed]
Task: {B16CE096-57EC-4EF1-A56A-B33770180AA6} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648504 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B4567719-ACFD-4506-80F7-6624F95EBF92} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C226C3D1-020B-4DE8-859A-D0143D752CC2} - System32\Tasks\OInstall => C:\Windows\OInstall.exe [9683800 2018-08-01] (WZTeam -> ) [File not signed]
Task: {CA1999BD-1A1A-4ADA-BA50-0081B8E35F21} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6299792 2019-08-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {CE946BDA-0920-4667-A228-35A3795AE37B} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\osfinstaller.exe
Task: {D3D4E141-E983-4796-85FA-8AFD2C096EF9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-14] (Google Inc -> Google Inc.)
Task: {D69D2A2D-0E9E-42BE-9995-718F3C2E9EC7} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-02-14] (Dropbox, Inc -> Dropbox, Inc.)
Task: {E198A33F-D1E3-4613-AEA8-B9A618A6E94C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E21018B4-48B8-4B77-9261-A9E5EF26385E} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3788144 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E9A6A25D-10E4-4300-AC39-5E930CBB0E6E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-14] (Google Inc -> Google Inc.)
Task: {F317E543-52CE-4825-A7BE-17584584FC3C} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F91E75A9-37FD-4EC7-899E-C05A65B81A1E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6299792 2019-08-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {FDA69153-E823-46C8-ABEC-F5E64A1D0C12} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{05f2a3dc-162b-4b5b-9d7a-4cf257aedc9f}: [DhcpNameServer] 192.168.2.1 207.164.234.193
Tcpip\..\Interfaces\{ab954629-d7b3-48f5-8e9a-6319c0a11212}: [NameServer] 100.120.120.1
Tcpip\..\Interfaces\{b999b08f-b0aa-4129-b051-c5fb43bd634c}: [DhcpNameServer] 4.2.2.1

Internet Explorer:
==================
HKU\S-1-5-21-408333896-3164079283-3827766986-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-408333896-3164079283-3827766986-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-408333896-3164079283-3827766986-1001 -> DefaultScope {61555BF3-C566-45DC-BD27-8F997BFA5C89} URL =
SearchScopes: HKU\S-1-5-21-408333896-3164079283-3827766986-1001 -> {61555BF3-C566-45DC-BD27-8F997BFA5C89} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_221\bin\ssv.dll [2019-07-23] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-07-23] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-02-25] (Eyeo GmbH -> Eyeo GmbH) [File not signed]
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-02-25] (Eyeo GmbH -> Eyeo GmbH) [File not signed]
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-08-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-08-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-08-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-08-20] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
DownloadDir: C:\Users\pirja\Downloads
 
FireFox:
========
FF DefaultProfile: 2e3397mj.default
FF DefaultProfile: x50lax2a.default
FF ProfilePath: C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11 [2019-08-24]
FF Homepage: Mozilla\Firefox\Profiles\ayiflckg.Default User11 -> about:blank
FF Extension: (TorGuard VPN Extension) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\Extensions\@VPNetworksLLC.xpi [2019-08-07]
FF Extension: (Antidote) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\Extensions\antidote9_firefox@druide.com.xpi [2017-11-30] [UpdateUrl:hxxps://www.druide.com/telecharger/texteurs/Mozilla/commun/maj_antidote_mozilla.php?id=%ITEM_ID%&version=%ITEM_VERSION%&appid=%APP_ID%&appversion=%APP_VERSION%&appos=%APP_OS%&appabi=%APP_ABI%&applocale=%APP_LOCALE%;&itemstatus=%ITEM_STATUS%]
FF Extension: (ReCaptcha Solver) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\Extensions\doz4@hotmail.com.xpi [2019-08-07]
FF Extension: (TubeBuddy for YouTube) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\Extensions\e389d8c2-5554-4ba2-a36e-ac7a57093130@gmail.com.xpi [2019-08-23]
FF Extension: (SaveFrom.net helper) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\Extensions\helper@savefrom.net.xpi [2019-08-20]
FF Extension: (HTTPS Everywhere) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\Extensions\https-everywhere@eff.org.xpi [2019-08-07]
FF Extension: (Honey) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\Extensions\jid1-93CWPmRbVPjRQA@jetpack.xpi [2019-08-07]
FF Extension: (Pushbullet) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\Extensions\jid1-BYcQOfYfmBMd9A@jetpack.xpi [2019-08-07]
FF Extension: (Pandora Extended Shortcuts) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\Extensions\pandora@bbradley.net.xpi [2019-08-07]
FF Extension: (User-Agent Switcher) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\Extensions\user-agent-switcher@ninetailed.ninja.xpi [2019-08-16]
FF Extension: (minerBlock) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\Extensions\xd4rker@gmail.com.xpi [2019-08-07]
FF Extension: (Stylish - Custom themes for any website) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2019-08-07]
FF Extension: (Bh Dark Mode) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\Extensions\{62281241-d81e-4922-9c3e-b99fd1ebfcb2}.xpi [2019-08-07]
FF Extension: (DarkTheme) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\Extensions\{99c277af-d778-4a0b-9faa-b1d8165f0a55}.xpi [2019-08-07]
FF Extension: (Dark Fox) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\Extensions\{e7fe4ffe-f256-4f85-906d-072fdd698585}.xpi [2019-08-07]
FF Extension: (FTP System c.a.) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\Extensions\{ffca2acd-c848-4961-ab1a-14d45d2c9c22}.xpi [2019-08-07]
FF ProfilePath: C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default [2019-08-07]
FF user.js: detected! => C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\user.js [2019-02-15]
FF Homepage: Mozilla\Firefox\Profiles\2e3397mj.default -> about:blank
FF NewTab: Mozilla\Firefox\Profiles\2e3397mj.default -> about:blank
FF Extension: (TorGuard VPN Extension) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\@VPNetworksLLC.xpi [2019-07-01]
FF Extension: (Antidote-Firefox) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\antidote9_firefox@druide.com [2019-02-15] [Legacy]
FF Extension: (Antidote) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\antidote9_firefox@druide.com.xpi [2017-11-30] [UpdateUrl:hxxps://www.druide.com/telecharger/texteurs/Mozilla/commun/maj_antidote_mozilla.php?id=%ITEM_ID%&version=%ITEM_VERSION%&appid=%APP_ID%&appversion=%APP_VERSION%&appos=%APP_OS%&appabi=%APP_ABI%&applocale=%APP_LOCALE%;&itemstatus=%ITEM_STATUS%]
FF Extension: (ReCaptcha Solver) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\doz4@hotmail.com.xpi [2019-07-10]
FF Extension: (Spanish (Spain) Dictionary) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\es-es@dictionaries.addons.mozilla.org.xpi [2019-02-23]
FF Extension: (French spelling dictionary) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org [2019-04-01]
FF Extension: (SaveFrom.net helper) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\helper@savefrom.net.xpi [2019-08-05]
FF Extension: (HTTPS Everywhere) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\https-everywhere@eff.org.xpi [2019-07-08]
FF Extension: (Privacy Settings) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\jid1-CKHySAadH4nL6Q@jetpack.xpi [2019-06-16]
FF Extension: (English (GB) Language Pack) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\langpack-en-GB@firefox.mozilla.org.xpi [2019-07-24]
FF Extension: (Español (España) Language Pack) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\langpack-es-ES@firefox.mozilla.org.xpi [2019-07-24]
FF Extension: (Français Language Pack) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\langpack-fr@firefox.mozilla.org.xpi [2019-07-24]
FF Extension: (British English Dictionary (Marco Pinto)) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\marcoagpinto@mail.telepac.pt.xpi [2019-07-29]
FF Extension: (minerBlock) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\xd4rker@gmail.com.xpi [2019-06-21]
FF Extension: (Kolotibablo bot) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\{228118ac-98b5-4b8f-9ed9-7c18b15c23c4}.xpi [2019-08-05] [UpdateUrl:hxxps://antcpt.com/downloads/kolotibablo/firefox/update_manifest.json]
FF Extension: (Fake video news debunker by InVID) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\{b86b6076-1d0f-4ef1-bd24-16bfe94e3eb5}.xpi [2019-07-27]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-08-05]
FF Extension: (Save time by asking Buster to solve captchas for you.) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\Extensions\{e58d3966-3d76-4cd9-8552-1582fbc800c1}.xpi [2019-06-21]
FF ProfilePath: C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\oahddy53.default-release [2019-08-25]
FF Extension: (Antidote) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\oahddy53.default-release\Extensions\antidote9_firefox@druide.com.xpi [2019-08-09] [UpdateUrl:hxxps://www.druide.com/telecharger/texteurs/Mozilla/commun/maj_antidote_mozilla.php?id=%ITEM_ID%&version=%ITEM_VERSION%&appid=%APP_ID%&appversion=%APP_VERSION%&appos=%APP_OS%&appabi=%APP_ABI%&applocale=%APP_LOCALE%;&itemstatus=%ITEM_STATUS%]
FF Extension: (French spelling dictionary) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\oahddy53.default-release\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org.xpi [2019-08-10]
FF Extension: (Français Language Pack) - C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\oahddy53.default-release\Extensions\langpack-fr@firefox.mozilla.org.xpi [2019-08-10]
FF ProfilePath: C:\Users\pirja\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\x50lax2a.default [2019-05-30]
FF Extension: (Adblock Plus - free ad blocker) - C:\Program Files\Mozilla Firefox\browser\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2019-02-15]
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2000-01-01] (Tracker Software Products (Canada) Ltd -> Tracker Software Products Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-07-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-07-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-06-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @Tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2000-01-01] (Tracker Software Products (Canada) Ltd -> Tracker Software Products Ltd.)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-12-09] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2000-01-01] (Tracker Software Products (Canada) Ltd -> Tracker Software Products Ltd.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.13\npGoogleUpdate3.dll [2019-08-05] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.13\npGoogleUpdate3.dll [2019-08-05] (Google Inc -> Google LLC)
FF Plugin-x32: @Tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2000-01-01] (Tracker Software Products (Canada) Ltd -> Tracker Software Products Ltd.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-12-09] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-408333896-3164079283-3827766986-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2000-01-01] (Tracker Software Products (Canada) Ltd -> Tracker Software Products Ltd.)
FF Plugin HKU\S-1-5-21-408333896-3164079283-3827766986-1001: @turbo.net/Turbo.net Plugin 3.33 -> C:\Users\pirja\AppData\Local\Turbo\19.4.1964.21\npMozillaTurboPlugin.dll [No File]
StartMenuInternet: Firefox-CA9422711AE1A81C - C:\Program Files\Firefox Developer Edition\firefox.exe

Chrome:
=======
CHR Profile: C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default [2019-08-25]
CHR Extension: (Slides) - C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-02-17]
CHR Extension: (Docs) - C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-02-17]
CHR Extension: (Google Drive) - C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-02-17]
CHR Extension: (YouTube) - C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-02-17]
CHR Extension: (Honey) - C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2019-08-22]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-08-20]
CHR Extension: (uVPN - free and unlimited VPN for everyone) - C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog [2019-08-05]
CHR Extension: (Chameleon) - C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmpojjilddefgnhiicjcmhbkjgbbclob [2019-06-17]
CHR Extension: (Sheets) - C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-02-17]
CHR Extension: (Google Docs Offline) - C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-02-20]
CHR Extension: (ReCaptcha Solver) - C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\hapgiopokcmcnjmakciaeaocceodcjdn [2019-07-12]
CHR Extension: (Antidote) - C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbojggafdepnclikhiapkpinbfdhbdoi [2019-02-17]
CHR Extension: (TorGuard VPN Extension) - C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnfchpadaikneonajggpooeppnmdolhc [2019-08-13]
CHR Extension: (Buster: Captcha Solver for Humans) - C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpbjkejclgfgadiemmefgebjfooflfhl [2019-06-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-02-17]
CHR Extension: (Gmail) - C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-15]
CHR Extension: (Chrome Media Router) - C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-05]
CHR HKLM\...\Chrome\Extension: [lbojggafdepnclikhiapkpinbfdhbdoi] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lbojggafdepnclikhiapkpinbfdhbdoi] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [753240 2016-12-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8403672 2019-03-06] (BattlEye Innovations e.K. -> )
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2019-08-23] (Microsoft Windows -> Microsoft Corporation)
R2 CdRomArbiterService; C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.0.0_x64.exe [8704 2019-06-30] (GuinpinSoft inc) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11587592 2019-08-15] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-02-14] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-02-14] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2019-08-13] (Dropbox, Inc -> Dropbox, Inc.)
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [313440 2018-08-24] (Dell Inc -> Dell Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [209392 2019-02-28] (Dell Inc -> Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3363824 2019-02-28] (Dell Inc -> Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [218096 2019-02-28] (Dell Inc -> Dell Inc.)
R2 Dell Digital Delivery Services; c:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [34976 2018-12-05] (Dell Inc -> )
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2285\DSAPI.exe [1050952 2019-07-11] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [293528 2018-10-20] (Dell Inc -> Dell Inc.)
S3 Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{7EF782A9-9B4D-4D1D-8F51-2449D32827BA} [21304 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{7EF782A9-9B4D-4D1D-8F51-2449D32827BA} [21304 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [35976 2018-11-12] (Dell Inc -> )
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [26984 2019-07-25] (IDSA Production signing key -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [80744 2019-07-25] (IDSA Production signing key -> Intel)
R2 esifsvc; C:\Windows\System32\Intel\DPTF\esif_uf.exe [1892512 2018-12-14] (Intel Corporation -> Intel Corporation)
R2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [885560 2019-05-15] (Intel(R) Software Development Products -> )
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2019-08-07] (FUTUREMARK INC -> Futuremark)
S4 HfcDisableService; C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_eea3cf789013ad4f\HfcDisableService.exe [1881672 2019-05-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 HmaProVpn; C:\Program Files (x86)\HMA! Pro VPN\VpnSvc.exe [6939760 2019-08-12] (Privax Limited -> Privax Limited)
S3 iaStorAfsService; C:\Windows\System32\iaStorAfsService.exe [2859592 2019-05-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 ibtsiva; C:\Windows\system32\ibtsiva.exe [530208 2019-05-28] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [743728 2017-11-16] (Intel(R) Trust Services -> Intel(R) Corporation)
S3 Intel(R) SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel(R) Software Development Products -> Intel Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [720184 2017-11-16] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [214672 2018-01-31] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 jswpbapi; C:\Program Files (x86)\Jumpstart\jswpbapi.exe [265216 2008-09-26] (Atheros Communications, Inc.) [File not signed]
S3 jswpsapi; C:\Program Files (x86)\Jumpstart\jswpsapi.exe [954368 2008-09-26] (Atheros Communications, Inc.) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265864 2018-03-20] (Intel Corporation -> )
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R2 RstMwService; C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_eea3cf789013ad4f\RstMwService.exe [2156616 2019-05-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 RtkAudioUniversalService; C:\Windows\System32\RtkAudUService64.exe [881768 2019-06-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39896 2019-05-24] (Dell Inc. -> Dell Inc.)
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe [205112 2019-05-15] (Intel(R) Software Development Products -> )
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [885560 2019-05-15] (Intel(R) Software Development Products -> )
R2 WavesSysSvc; C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_5ff36f834a6d461a\WavesSysSvc64.exe [884616 2018-12-05] (Waves Inc -> Waves Audio Ltd.)
S4 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3831576 2019-06-11] (Microsoft Corporation -> Microsoft Corporation)
S4 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [110944 2018-09-15] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3848328 2018-03-20] (Intel Corporation -> Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_ac9a22ebe27a13b0\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_ac9a22ebe27a13b0\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 anvsnddrv; C:\Windows\system32\drivers\anvsnddrv.sys [34416 2016-03-24] (Anvsoft Inc. -> AnvSoft Inc.)
S3 cykbfltrService; C:\Windows\system32\DRIVERS\cykbfltr.sys [19968 2013-09-13] (Cypress Semiconductor, Inc.) [File not signed]
S3 cymfltrService; C:\Windows\system32\DRIVERS\cymfltr.sys [99328 2013-09-13] (Cypress Semiconductor, Inc.) [File not signed]
R3 DDDriver; C:\Windows\System32\drivers\dddriver64Dcsa.sys [40824 2019-02-27] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [78832 2018-12-14] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [75248 2018-12-14] (Intel Corporation -> Intel Corporation)
R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [403440 2018-12-14] (Intel Corporation -> Intel Corporation)
S3 HfAudio; C:\Windows\System32\drivers\HfAudio.sys [91200 2018-10-05] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
R3 HidEventFilter; C:\Windows\System32\DriverStore\FileRepository\hideventfilter.inf_amd64_1ed78f101bc29129\HidEventFilter.sys [84104 2018-11-20] (Intel(R) Software -> Intel Corporation)
R3 hmatap; C:\Windows\System32\drivers\hmatap.sys [36456 2018-09-05] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R0 hswultpep; C:\Windows\System32\drivers\hswultpep.sys [62968 2013-02-08] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-05-06] (Martin Malik - REALiX -> REALiX(tm))
R3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [128608 2019-05-22] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R0 iaStorAC; C:\Windows\System32\drivers\iaStorAC.sys [1033288 2019-05-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
S3 iaStorAfs; C:\Windows\System32\drivers\iaStorAfs.sys [72776 2019-05-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 ibtusb; C:\Windows\System32\drivers\ibtusb.sys [15033120 2019-05-28] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R1 JSWPSLWF; C:\Windows\system32\DRIVERS\jswpslwfx.sys [26624 2008-05-15] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 MEIx64; C:\Windows\System32\DriverStore\FileRepository\heci.inf_amd64_85021432489d6a1c\x64\TeeDriverW8x64.sys [266128 2019-04-18] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 Netwtw06; C:\Windows\System32\drivers\Netwtw06.sys [8723968 2018-09-15] (Microsoft Windows -> Intel Corporation)
R3 Netwtw08; C:\Windows\System32\drivers\Netwtw08.sys [9237792 2019-08-21] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_ac9a22ebe27a13b0\nvlddmkm.sys [22347976 2019-08-17] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-06-13] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [75600 2019-08-16] (NVIDIA Corporation -> NVIDIA Corporation)
U5 PROCMON24; C:\Windows\System32\Drivers\PROCMON24.sys [97176 2019-08-13] (Microsoft Windows Hardware Compatibility Publisher -> Sysinternals - www.sysinternals.com)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [1158944 2019-08-21] (Realtek Semiconductor Corp. -> Realtek )
S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [442664 2019-03-05] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
S3 ScrHIDDriver2; C:\Windows\System32\drivers\ScrHIDDriver2.sys [75800 2018-10-05] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
R3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [43008 2019-05-15] (Intel Corporation -> )
R3 ssdevfactory; C:\Windows\System32\drivers\ssdevfactory.sys [46776 2019-05-24] (SteelSeries ApS -> )
R3 sshid; C:\Windows\System32\drivers\sshid.sys [47824 2019-05-24] (SteelSeries ApS -> SteelSeries ApS)
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapprotonvpn; C:\Windows\System32\drivers\tapprotonvpn.sys [44976 2018-09-07] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 usbrndis6; C:\Windows\System32\drivers\usb80236.sys [24576 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
U5 vsock; C:\Windows\System32\Drivers\vsock.sys [92040 2018-06-22] (VMware, Inc. -> VMware, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46584 2018-09-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [340008 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [61992 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [310536 2019-07-12] (Beijing Duodian Online Science and Technology Co.,Ltd -> BigNox Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-25 01:59 - 2019-08-25 02:00 - 000066964 _____ C:\Users\pirja\Downloads\FRST.txt
2019-08-25 01:57 - 2019-08-25 01:59 - 000000000 ____D C:\FRST
2019-08-25 01:57 - 2019-08-25 01:57 - 001612800 _____ (Farbar) C:\Users\pirja\Downloads\FRST64.exe
2019-08-23 23:45 - 2019-08-23 23:45 - 000000000 ____D C:\Program Files\Windows Identity Foundation
2019-08-23 23:35 - 2019-08-23 23:35 - 000993280 _____ (Kculp) C:\ProgramData\VulkanInfo.exe
2019-08-23 20:36 - 2019-08-23 20:37 - 123477920 _____ (NVIDIA Corporation New) C:\Users\pirja\Downloads\GeForce_Experience_v3.19.0.107.exe
2019-08-23 18:30 - 2019-08-23 18:30 - 000196016 _____ C:\Users\pirja\Downloads\test.pdf
2019-08-23 18:14 - 2019-08-23 18:14 - 001194225 _____ C:\Users\pirja\Downloads\Demande de révision du prêt de 2018-2019-converted-fusionné.pdf
2019-08-23 18:08 - 2019-08-23 18:08 - 001129922 _____ C:\Users\pirja\Downloads\20190822103411877(1).pdf
2019-08-23 18:04 - 2019-08-23 18:04 - 000065603 _____ C:\Users\pirja\Downloads\Demande de révision du prêt de 2018-2019-converted.pdf
2019-08-23 00:02 - 2019-08-23 00:02 - 000000000 ____D C:\Users\pirja\AppData\Roaming\NVIDIA
2019-08-22 23:58 - 2019-08-22 23:58 - 000551172 _____ C:\Users\pirja\Downloads\4_6046298128577987784.mp4
2019-08-22 22:27 - 2019-08-22 22:28 - 116596248 _____ (decentral.ca) C:\Users\pirja\Downloads\Jaxx.Liberty-setup-2.2.5.exe
2019-08-22 21:23 - 2018-06-16 00:36 - 003936393 _____ C:\Users\pirja\Downloads\pass.7z
2019-08-22 16:51 - 2019-08-22 16:51 - 000012376 _____ C:\Users\pirja\AppData\Local\recently-used.xbel
2019-08-22 16:50 - 2019-08-22 16:51 - 004349883 _____ C:\Users\pirja\Documents\Unt1111111111111111111111111111111111111111111itled.jpeg
2019-08-22 16:26 - 2019-08-22 16:33 - 2780496356 _____ C:\Users\pirja\Downloads\facebook-guillaumedoyon117_2.7z
2019-08-22 16:17 - 2019-08-22 16:17 - 000156987 _____ C:\Users\pirja\Downloads\Complete_LinkedInDataExport_08-22-2019.zip
2019-08-22 15:56 - 2019-08-22 16:10 - 3002734127 _____ C:\Users\pirja\Downloads\Unconfirmed 706984.crdownload
2019-08-22 15:47 - 2019-08-22 15:47 - 001567169 _____ C:\Users\pirja\Documents\lllllllllllllllllllllllll.jpeg
2019-08-22 12:52 - 2019-08-22 12:52 - 001129922 _____ C:\Users\pirja\Downloads\20190822103411877.pdf
2019-08-21 19:10 - 2019-08-21 19:10 - 000000012 _____ C:\Users\pirja\Desktop\New Text Document (4).txt
2019-08-21 18:08 - 2019-08-21 18:08 - 001151544 _____ (Google LLC) C:\Users\pirja\Downloads\ChromeSetup.exe
2019-08-21 17:15 - 2019-08-21 17:26 - 000000000 ____D C:\Users\pirja\AppData\Roaming\Somiibo
2019-08-21 16:11 - 2019-08-21 16:11 - 005509505 _____ C:\Users\pirja\Downloads\SetupTheBestSpinner3.exe
2019-08-21 15:53 - 2019-08-21 15:53 - 001424328 _____ (Microsoft Corporation) C:\Users\pirja\Downloads\NDP461-KB3102438-Web.exe
2019-08-21 00:59 - 2019-08-21 00:59 - 000000000 ____D C:\Users\pirja\Downloads\WiFi_21.30.3_Driver64_Win10
2019-08-21 00:59 - 2019-08-21 00:59 - 000000000 ____D C:\Program Files\DIFX
2019-08-21 00:58 - 2019-08-21 00:59 - 022143703 _____ C:\Users\pirja\Downloads\WiFi_21.30.3_Driver64_Win10.zip
2019-08-21 00:57 - 2019-08-21 00:57 - 011069014 _____ C:\Users\pirja\Downloads\Install_Win10_10036_07222019(1).zip
2019-08-21 00:57 - 2019-08-21 00:57 - 000000000 ____D C:\Users\pirja\Downloads\Install_Win10_10036_07222019(1)
2019-08-21 00:54 - 2019-08-21 00:54 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2019-08-21 00:53 - 2019-08-16 19:52 - 000075600 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2019-08-21 00:51 - 2019-08-17 17:26 - 001012432 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2019-08-21 00:51 - 2019-08-17 17:26 - 001012432 _____ C:\Windows\system32\vulkan-1.dll
2019-08-21 00:51 - 2019-08-17 17:26 - 000876240 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2019-08-21 00:51 - 2019-08-17 17:26 - 000876240 _____ C:\Windows\SysWOW64\vulkan-1.dll
2019-08-21 00:51 - 2019-08-17 17:26 - 000447368 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2019-08-21 00:51 - 2019-08-17 17:26 - 000352136 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2019-08-21 00:51 - 2019-08-17 17:26 - 000301264 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2019-08-21 00:51 - 2019-08-17 17:26 - 000301264 _____ C:\Windows\system32\vulkaninfo.exe
2019-08-21 00:51 - 2019-08-17 17:26 - 000273104 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-08-21 00:51 - 2019-08-17 17:26 - 000273104 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2019-08-21 00:51 - 2019-08-17 17:25 - 011560536 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2019-08-21 00:51 - 2019-08-17 17:25 - 009935776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 017300360 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 014921096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 005478336 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 005358016 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 004696512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 002051032 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 001550480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 001477512 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 001247832 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 001140424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 000999632 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 000959904 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 000824200 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 000813496 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 000676552 _____ C:\Windows\system32\nvofapi64.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 000659360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 000633224 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 000571864 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2019-08-21 00:51 - 2019-08-17 17:24 - 000544648 _____ C:\Windows\SysWOW64\nvofapi.dll
 
2019-08-21 00:51 - 2019-08-17 17:24 - 000523712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2019-08-21 00:51 - 2019-08-17 17:24 - 000450304 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2019-08-21 00:51 - 2019-08-17 17:23 - 040441280 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2019-08-21 00:51 - 2019-08-17 17:23 - 035331008 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2019-08-21 00:51 - 2019-08-17 17:23 - 005002008 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2019-08-21 00:51 - 2019-08-17 17:23 - 004263808 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2019-08-21 00:51 - 2019-08-17 17:23 - 000858504 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2019-08-21 00:51 - 2019-08-16 19:52 - 000104564 _____ C:\Windows\system32\nvidia-smi.1.pdf
2019-08-21 00:51 - 2019-08-16 19:52 - 000073648 _____ C:\Windows\system32\nvinfo.pb
2019-08-20 23:16 - 2019-08-20 23:16 - 000116770 _____ C:\Users\pirja\Downloads\mydata.1566354890401_2.7z
2019-08-20 23:15 - 2019-08-20 23:15 - 000150418 _____ C:\Users\pirja\Downloads\Basic_LinkedInDataExport_08-21-2019_2.7z
2019-08-20 22:44 - 2019-08-20 22:46 - 387921972 _____ C:\Users\pirja\Downloads\polvojack_20190820_2.7z
2019-08-20 18:22 - 2019-08-21 00:53 - 000008457 _____ C:\ProgramData\DisplaySessionContainer13.log_backup1
2019-08-20 02:09 - 2019-08-20 02:09 - 007948008 _____ (Tim Kosse) C:\Users\pirja\Downloads\FileZilla_3.44.2_win64-setup.exe
2019-08-20 01:49 - 2019-08-20 01:49 - 000002072 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WickrMe.lnk
2019-08-20 01:49 - 2019-08-20 01:49 - 000002066 _____ C:\Users\Public\Desktop\WickrMe.lnk
2019-08-20 01:49 - 2019-08-20 01:49 - 000000000 ____D C:\Users\pirja\AppData\Roaming\Wickr, LLC
2019-08-20 01:49 - 2019-08-20 01:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WickrMe
2019-08-20 00:04 - 2019-08-20 00:04 - 000560292 _____ C:\Users\pirja\Downloads\Game.of.Thrones.The.Last.Watch.2019.DOC.SUBFRENCH.1080p.HDTV.H264-ELEARNiNG.torrent
2019-08-20 00:03 - 2019-08-20 00:03 - 000023507 _____ C:\Users\pirja\Downloads\RAMIN DJAWADI • 2019 • Game of Thrones - Season 8.torrent
2019-08-20 00:03 - 2019-08-20 00:03 - 000017645 _____ C:\Users\pirja\Downloads\Game.Of.Thrones.S07.Les.Coulisses.Ep02.VOSTFR.HDTV.720P.AVC.AC3-Nikomimi.mkv.torrent
2019-08-20 00:03 - 2019-08-20 00:03 - 000010985 _____ C:\Users\pirja\Downloads\Game.Of.Thrones.S07.Les.Coulisses.EP07.VOSTFR.HDTV.720P.AVC.AC3-Nikomimi.mkv.torrent
2019-08-20 00:03 - 2019-08-20 00:03 - 000009037 _____ C:\Users\pirja\Downloads\Game.Of.Thrones.S07.Les.Coulisses.EP03.HDTV.720P.AVC.AC3-Nikomimi.mkv.torrent
2019-08-20 00:02 - 2019-08-20 00:02 - 000022661 _____ C:\Users\pirja\Downloads\G2ameoThro5nesSE-EA-elamigos.torrent
2019-08-20 00:01 - 2019-08-20 00:01 - 000011873 _____ C:\Users\pirja\Downloads\zScience & Vie Game of Trones N°1 Avril 2019.pdf.torrent
2019-08-18 15:51 - 2019-08-18 15:51 - 000000000 ____D C:\Users\pirja\AppData\Roaming\MediaInfo
2019-08-18 15:43 - 2019-08-18 15:44 - 633725014 _____ C:\Users\pirja\Downloads\UN.PARALLÈLE.PLUS.TARD.2014.VFQ.Web-DL.x264.mp4
2019-08-18 15:22 - 2019-08-18 15:23 - 117199600 _____ (decentral.ca) C:\Users\pirja\Downloads\Jaxx.Liberty-setup-2.2.4.exe
2019-08-15 19:20 - 2019-08-15 19:20 - 000000000 ____D C:\Users\pirja\Downloads\Soundnode
2019-08-15 19:18 - 2019-08-15 19:18 - 000000981 _____ C:\Users\pirja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Soundnode.exe - Shortcut.lnk
2019-08-15 18:30 - 2019-08-15 18:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-08-13 18:51 - 2019-08-13 18:51 - 026808320 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 023453696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 020816896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 019011584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 012939776 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 012244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 011724288 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 009941504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 008900608 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 007921664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 007871488 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 006925312 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 006544552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 006441472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 006308016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 006065152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 005764608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 005587968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 005086208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 004628992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 004344832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 003978240 _____ (Microsoft Corporation) C:\Windows\system32\bootux.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 003818632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2019-08-13 18:51 - 2019-08-13 18:51 - 003656704 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 002942976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 002926096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-08-13 18:51 - 2019-08-13 18:51 - 002778760 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 002765312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 002700792 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 002469440 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 002346496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 002323688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 002298880 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 002278792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 002177336 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 002096128 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-08-13 18:51 - 2019-08-13 18:51 - 002073232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 002017792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-08-13 18:51 - 2019-08-13 18:51 - 001966904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2019-08-13 18:51 - 2019-08-13 18:51 - 001733120 _____ (Microsoft Corporation) C:\Windows\system32\CoreShell.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 001711104 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 001701888 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 001701880 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-08-13 18:51 - 2019-08-13 18:51 - 001668752 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 001506304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 001485312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 001483872 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 001477432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 001472568 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-08-13 18:51 - 2019-08-13 18:51 - 001465984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 001391096 _____ (Microsoft Corporation) C:\Windows\system32\Taskmgr.exe
2019-08-13 18:51 - 2019-08-13 18:51 - 001344960 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-08-13 18:51 - 2019-08-13 18:51 - 001290752 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 001280000 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 001278808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe
2019-08-13 18:51 - 2019-08-13 18:51 - 001257472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 001224704 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 001222160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpbase.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 001221528 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe
2019-08-13 18:51 - 2019-08-13 18:51 - 001182240 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2019-08-13 18:51 - 2019-08-13 18:51 - 001180464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000993792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000956416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Unistore.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000882688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2019-08-13 18:51 - 2019-08-13 18:51 - 000840192 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000806024 _____ (Microsoft Corporation) C:\Windows\system32\BioIso.exe
2019-08-13 18:51 - 2019-08-13 18:51 - 000791040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000791040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000783184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000763392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprddm.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000730112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FlightSettings.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000684032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000669184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000658944 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\SyncController.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000553784 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000535056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-08-13 18:51 - 2019-08-13 18:51 - 000532992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000525824 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2019-08-13 18:51 - 2019-08-13 18:51 - 000522104 _____ (Microsoft Corporation) C:\Windows\system32\systemreset.exe
2019-08-13 18:51 - 2019-08-13 18:51 - 000515440 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncController.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000495104 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000487424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\newdev.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000440320 _____ (Microsoft Corporation) C:\Windows\system32\P2PGraph.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000431616 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000425984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000398928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000398848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000383504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2019-08-13 18:51 - 2019-08-13 18:51 - 000360960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\P2PGraph.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000356352 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000349184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2019-08-13 18:51 - 2019-08-13 18:51 - 000345600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000334848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicensingDiagSpp.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000317952 _____ (Microsoft Corporation) C:\Windows\system32\ComposableShellProxyStub.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000297984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.Diagnostics.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000284672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000264704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Lights.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000253952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShellCommonCommonProxyStub.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000242176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000232448 _____ (Microsoft Corporation) C:\Windows\system32\ssdpsrv.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000228352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.SystemManagement.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000228352 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-08-13 18:51 - 2019-08-13 18:51 - 000219136 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000217088 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2019-08-13 18:51 - 2019-08-13 18:51 - 000205824 _____ (Microsoft Corporation) C:\Windows\system32\p2pnetsh.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000201528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-08-13 18:51 - 2019-08-13 18:51 - 000193536 _____ (Microsoft Corporation) C:\Windows\system32\Win32CompatibilityAppraiserCSP.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000183808 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2019-08-13 18:51 - 2019-08-13 18:51 - 000180736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2019-08-13 18:51 - 2019-08-13 18:51 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000177664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\p2pnetsh.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000173568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\P2P.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000173216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000167424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys
2019-08-13 18:51 - 2019-08-13 18:51 - 000165888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ComposableShellProxyStub.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000152576 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSoftwareInstallationClient.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000148480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2019-08-13 18:51 - 2019-08-13 18:51 - 000144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000138240 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000125440 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000122368 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000121656 _____ (Microsoft Corporation) C:\Windows\system32\kdnet.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000114128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rmclient.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000107008 _____ (Microsoft Corporation) C:\Windows\system32\CoreShellExtFramework.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000092832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys
2019-08-13 18:51 - 2019-08-13 18:51 - 000089600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvsetup.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000078848 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\Groupinghc.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000058882 _____ C:\Windows\system32\srms.dat
2019-08-13 18:51 - 2019-08-13 18:51 - 000058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000053760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.Profile.PlatformDiagnosticsAndUsageDataSettings.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hmkd.dll
2019-08-13 18:51 - 2019-08-13 18:51 - 000021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shunimpl.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 022114960 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 009682744 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 007884288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 007687784 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 007645392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 005570968 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 004737536 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 004588544 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 004351656 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 004056576 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 003635200 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 003567104 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 003385856 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 003363856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 003335224 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 003333632 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 002999808 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 002842112 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 002767160 _____ (Microsoft Corporation) C:\Windows\system32\UpdateAgent.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 002706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 002593544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 002438576 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 002421760 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 002189312 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 002031104 _____ C:\Windows\system32\rdpnano.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 002022096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001892864 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001715712 _____ (Microsoft Corporation) C:\Windows\system32\ISM.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001674752 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001662264 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001641400 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001605632 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001479184 _____ (Microsoft Corporation) C:\Windows\system32\rdpbase.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001466880 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001321784 _____ (Microsoft Corporation) C:\Windows\system32\wpx.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001294488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001267712 _____ (Microsoft Corporation) C:\Windows\system32\APMon.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001260560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 001253688 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 001232384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 001205248 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001171968 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001160704 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001098272 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 001057792 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 001054712 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 001048376 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 001038336 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001020416 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001008640 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 001004544 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000980992 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000927232 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000900096 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000895792 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000889344 _____ (Microsoft Corporation) C:\Windows\system32\FlightSettings.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000888832 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000869888 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000864568 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthService.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000853504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000850976 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000833024 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000816640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 000799784 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000794040 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000788480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000771072 _____ (Microsoft Corporation) C:\Windows\system32\WpcRefreshTask.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000764416 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000758688 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000732168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 000684544 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000680184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000678680 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000652088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 000622080 _____ (Microsoft Corporation) C:\Windows\system32\NgcCtnrSvc.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000616960 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000603280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000594944 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000586256 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000580024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000574464 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000529408 _____ (Microsoft Corporation) C:\Windows\system32\ShellCommonCommonProxyStub.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000523776 _____ (Microsoft Corporation) C:\Windows\system32\newdev.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000519168 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000508968 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000482104 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000449576 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000447488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 000444728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000415744 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000407040 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000394240 _____ (Microsoft Corporation) C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000387832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000385536 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000378880 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Lights.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000375752 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000371200 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.Diagnostics.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000363520 _____ (Microsoft Corporation) C:\Windows\system32\LicensingDiagSpp.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000349696 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000346624 _____ (Microsoft Corporation) C:\Windows\system32\ncryptprov.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000329216 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.SystemManagement.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000310072 _____ (Microsoft Corporation) C:\Windows\system32\computestorage.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000305664 _____ (Microsoft Corporation) C:\Windows\system32\wc_storage.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000294512 _____ (Microsoft Corporation) C:\Windows\system32\skci.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000281600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptprov.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000278624 _____ (Microsoft Corporation) C:\Windows\system32\LsaIso.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000270848 _____ (Microsoft Corporation) C:\Windows\system32\WpcTok.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000262336 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicCapsule.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000254976 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000253256 _____ (Microsoft Corporation) C:\Windows\system32\logoncli.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000248120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 000241664 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
 
2019-08-13 18:50 - 2019-08-13 18:50 - 000241664 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupManager.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000240640 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000230848 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000227840 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountTokenProvider.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000212792 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000203064 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000200504 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_SIUF.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000197632 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000193040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000189712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logoncli.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000182784 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000180224 _____ (Microsoft Corporation) C:\Windows\system32\wuuhosdeployment.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000178176 _____ (Microsoft Corporation) C:\Windows\system32\appsruprov.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000152408 _____ (Microsoft Corporation) C:\Windows\system32\KerbClientShared.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000152080 _____ (Microsoft Corporation) C:\Windows\system32\rmclient.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000145408 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000141736 _____ (Microsoft Corporation) C:\Windows\system32\wldp.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000138752 _____ (Microsoft Corporation) C:\Windows\system32\InputLocaleManager.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000134968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scmbus.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 000125016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KerbClientShared.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000120832 _____ (Microsoft Corporation) C:\Windows\system32\updatecsp.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000118480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wldp.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pmem.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\usoapi.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\drvsetup.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000104248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bindflt.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2019-08-13 18:50 - 2019-08-13 18:50 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\DiskSnapshot.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000087056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhvr.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 000080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dtdump.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000071168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.Profile.PlatformDiagnosticsAndUsageDataSettings.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\hmkd.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000048128 _____ (Microsoft Corporation) C:\Windows\system32\UsoClient.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\WindowsUpdateElevatedInstaller.exe
2019-08-13 18:50 - 2019-08-13 18:50 - 000032784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhv.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 000032568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\uefi.sys
2019-08-13 18:50 - 2019-08-13 18:50 - 000027136 _____ (Microsoft Corporation) C:\Windows\system32\kdcpw.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\shunimpl.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-08-13 18:50 - 2019-08-13 18:50 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2019-08-13 18:50 - 2019-08-13 18:50 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2019-08-13 18:50 - 2019-08-13 18:50 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2019-08-13 18:50 - 2019-08-13 18:50 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2019-08-13 18:50 - 2019-08-13 18:50 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2019-08-13 18:50 - 2019-08-13 18:50 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2019-08-13 18:50 - 2019-08-13 18:50 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2019-08-13 18:50 - 2019-08-13 18:50 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2019-08-13 17:24 - 2019-08-13 17:24 - 000000206 _____ C:\Users\pirja\Downloads\github-recovery-codes (1).txt
2019-08-13 17:21 - 2019-08-13 17:21 - 000000206 _____ C:\Users\pirja\Downloads\github-recovery-codes.txt
2019-08-13 16:39 - 2019-08-13 16:39 - 000293341 _____ C:\Users\pirja\Downloads\nvidiaInspector.zip
2019-08-13 16:39 - 2019-08-13 16:39 - 000000000 ____D C:\Users\pirja\Downloads\nvidiaInspector
2019-08-13 16:21 - 2019-08-13 16:21 - 000000000 ____D C:\Program Files (x86)\Futuremark
2019-08-13 16:20 - 2019-08-13 16:20 - 000917486 _____ C:\Users\pirja\Downloads\4.3.1 (2).zip
2019-08-13 07:49 - 2019-08-13 07:49 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2019-08-13 07:49 - 2019-08-13 07:49 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2019-08-13 07:49 - 2019-08-13 07:49 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2019-08-13 07:49 - 2019-08-13 07:49 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2019-08-13 01:49 - 2019-08-20 18:22 - 000007650 _____ C:\ProgramData\DisplaySessionContainer12.log_backup1
2019-08-13 00:55 - 2019-07-23 11:33 - 000110064 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-64.dll
2019-08-13 00:54 - 2019-08-13 00:54 - 000097176 ____H (Sysinternals - www.sysinternals.com) C:\Windows\system32\Drivers\PROCMON24.SYS
2019-08-12 18:19 - 2019-08-20 05:09 - 000007660 _____ C:\ProgramData\DisplaySessionContainer11.log_backup1
2019-08-12 02:39 - 2019-08-19 10:24 - 000008031 _____ C:\ProgramData\DisplaySessionContainer10.log_backup1
2019-08-11 23:49 - 2019-08-11 23:49 - 000917486 _____ C:\Users\pirja\Downloads\4.3.1 (1).zip
2019-08-11 13:59 - 2019-08-19 02:35 - 000008039 _____ C:\ProgramData\DisplaySessionContainer9.log_backup1
2019-08-10 23:41 - 2019-08-10 23:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tap'Touche Junior
2019-08-10 23:41 - 2019-08-10 23:41 - 000000000 ____D C:\Program Files (x86)\Tap'Touche Junior
2019-08-10 14:36 - 2019-08-11 13:59 - 000009831 _____ C:\ProgramData\DisplaySessionContainer8.log_backup1
2019-08-10 03:52 - 2019-08-10 14:36 - 000008031 _____ C:\ProgramData\DisplaySessionContainer7.log_backup1
2019-08-09 14:31 - 2019-08-17 04:05 - 000007673 _____ C:\ProgramData\DisplaySessionContainer6.log_backup1
2019-08-09 13:53 - 2019-08-09 13:53 - 005762696 _____ (MediaArea.net) C:\Users\pirja\Downloads\MediaInfo_GUI_19.07_Windows.exe
2019-08-09 13:53 - 2019-08-09 13:53 - 000000885 _____ C:\Users\pirja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaInfo.lnk
2019-08-09 13:53 - 2019-08-09 13:53 - 000000000 ____D C:\Program Files\MediaInfo
2019-08-09 13:45 - 2019-08-09 13:45 - 002094710 _____ C:\Users\pirja\Downloads\iNFekt-v1.0.1-64bit-Portable.rar
2019-08-09 13:45 - 2019-08-09 13:45 - 000000000 ____D C:\Users\pirja\Downloads\iNFekt-v1.0.1-64bit-Portable
2019-08-09 13:43 - 2019-08-09 13:44 - 002422143 _____ C:\Users\pirja\Downloads\NFOlux.zip
2019-08-09 13:39 - 2019-08-09 13:45 - 077766821 _____ C:\Users\pirja\Downloads\Killer-Ethernet-Wireless_INF_2019-08-02(1).zip
2019-08-09 13:38 - 2019-08-09 13:38 - 000000000 ____D C:\Users\pirja\Downloads\Killer-Ethernet-Wireless_INF_2019-08-02
2019-08-09 13:37 - 2019-08-09 13:37 - 000000000 ____D C:\Users\pirja\Downloads\Install_Win10_10036_07222019
2019-08-09 13:28 - 2019-08-09 13:28 - 001624440 _____ (Tous Les Drivers) C:\Users\pirja\Downloads\Mes_Drivers_3.0.4(2).exe
2019-08-09 12:51 - 2019-08-09 12:51 - 077766821 _____ C:\Users\pirja\Downloads\Killer-Ethernet-Wireless_INF_2019-08-02.zip
2019-08-09 12:51 - 2019-08-09 12:51 - 011069014 _____ C:\Users\pirja\Downloads\Install_Win10_10036_07222019.zip
2019-08-09 12:50 - 2019-08-09 12:50 - 001624440 _____ (Tous Les Drivers) C:\Users\pirja\Downloads\Mes_Drivers_3.0.4(1).exe
2019-08-08 07:04 - 2019-08-08 07:04 - 000000220 _____ C:\Users\pirja\Downloads\LinksParaDownload - Baixar Premium.txt
2019-08-07 14:48 - 2019-08-07 14:48 - 000000000 ____D C:\Program Files\BatteryBar
2019-08-07 14:44 - 2019-08-07 14:45 - 000001491 _____ C:\Users\pirja\Desktop\BatteryBar.exe - Shortcut.lnk
2019-08-07 14:14 - 2019-08-07 14:14 - 000000000 ____D C:\Users\pirja\Downloads\BatteryBar Pro
2019-08-07 14:13 - 2019-08-07 14:13 - 001576940 _____ C:\Users\pirja\Downloads\BatteryBar Pro.rar
2019-08-07 13:58 - 2019-08-07 14:49 - 000000000 ____D C:\Users\pirja\AppData\Roaming\BatteryBar
2019-08-07 13:14 - 2019-08-23 17:10 - 000001077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Developer Edition.lnk
2019-08-07 13:14 - 2019-08-23 17:10 - 000000000 ____D C:\Program Files\Firefox Developer Edition
2019-08-07 13:14 - 2019-08-07 13:14 - 000001065 _____ C:\Users\Public\Desktop\Firefox Developer Edition.lnk
2019-08-07 11:59 - 2019-08-07 11:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2019-08-07 11:59 - 2019-08-07 11:59 - 000000000 ____D C:\Program Files\qBittorrent
2019-08-06 12:39 - 2019-08-06 12:39 - 000318401 _____ C:\Users\pirja\Downloads\CV_2018_Guilla11ume11.pdf
2019-08-05 18:57 - 2019-08-05 18:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Twitch Leecher
2019-08-05 18:57 - 2019-08-05 18:57 - 000000000 ____D C:\Program Files\Twitch Leecher
2019-08-05 18:55 - 2019-08-05 18:55 - 000772176 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase_clr0400.dll
2019-08-05 18:55 - 2019-08-05 18:55 - 000702400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase_clr0400.dll
2019-08-05 18:55 - 2019-08-05 18:55 - 000622832 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140_clr0400.dll
2019-08-05 18:55 - 2019-08-05 18:55 - 000433448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp140_clr0400.dll
2019-08-05 18:55 - 2019-08-05 18:55 - 000087296 _____ (Microsoft Corporation) C:\Windows\system32\vcruntime140_clr0400.dll
2019-08-05 18:55 - 2019-08-05 18:55 - 000083768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vcruntime140_clr0400.dll
2019-08-05 18:55 - 2019-08-05 18:55 - 000032816 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2019-08-05 18:55 - 2019-08-05 18:55 - 000029232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2019-08-05 18:55 - 2019-08-05 18:55 - 000017968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2019-08-05 18:55 - 2019-08-05 18:55 - 000017968 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2019-08-05 18:53 - 2019-08-05 18:53 - 094388235 _____ (Franiac) C:\Users\pirja\Downloads\TwitchLeecher_1.7.exe
2019-08-05 16:11 - 2019-08-05 17:03 - 000000122 _____ C:\Users\pirja\Desktop\New Text Document.txt
2019-08-05 15:59 - 2019-08-05 15:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remote Desktop Manager
2019-08-05 15:59 - 2019-08-05 15:59 - 000000000 ____D C:\Program Files (x86)\Devolutions
2019-08-05 15:13 - 2019-08-05 15:25 - 669877316 _____ C:\Users\pirja\Downloads\LA CHIENNE.mp4
2019-08-05 15:12 - 2019-08-05 15:32 - 2557296291 _____ C:\Users\pirja\Downloads\20170426_GAME_OF_DEATH_FILM_ONLINE_23976_HD_PR4444_179_H264_STEREO_709.mp4
2019-08-05 15:11 - 2019-08-05 15:23 - 621069553 _____ C:\Users\pirja\Downloads\UN PARALLÈLE PLUS TARD.mov
2019-08-03 23:57 - 2019-08-04 01:57 - 000000000 ____D C:\Users\1\AppData\Local\Packages
2019-08-01 01:57 - 2019-07-31 20:01 - 211912436 _____ C:\Users\pirja\Downloads\2yxa_ru_djeiyrsfehgec_31037721149.mp4
2019-07-30 21:37 - 2019-07-30 21:37 - 025065784 _____ (Intel Corporation) C:\Windows\system32\mfxplugin64_hw.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 021083760 _____ (Intel Corporation) C:\Windows\system32\libmfxhw64.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 019988112 _____ (Intel Corporation) C:\Windows\SysWOW64\libmfxhw32.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 011911984 _____ (Intel Corporation) C:\Windows\SysWOW64\mfxplugin32_hw.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 003196768 _____ (Intel Corporation) C:\Windows\system32\mfx_mft_h265ve_64.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 003189992 _____ (Intel Corporation) C:\Windows\system32\mfx_mft_vp9ve_64.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 003176944 _____ (Intel Corporation) C:\Windows\system32\mfx_mft_h264ve_64.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 003007288 _____ (Intel Corporation) C:\Windows\system32\mfx_mft_mjpgvd_64.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 002972128 _____ (Intel Corporation) C:\Windows\system32\mfx_mft_encrypt_64.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 002589184 _____ (Intel Corporation) C:\Windows\SysWOW64\mfx_mft_h265ve_32.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 002584504 _____ (Intel Corporation) C:\Windows\SysWOW64\mfx_mft_vp9ve_32.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 002575648 _____ (Intel Corporation) C:\Windows\SysWOW64\mfx_mft_h264ve_32.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 002439472 _____ (Intel Corporation) C:\Windows\SysWOW64\mfx_mft_mjpgvd_32.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 002418832 _____ (Intel Corporation) C:\Windows\SysWOW64\mfx_mft_encrypt_32.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 000212672 _____ (Intel Corporation) C:\Windows\system32\intel_gfx_api-x64.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 000184352 _____ (Intel Corporation) C:\Windows\SysWOW64\intel_gfx_api-x86.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 000183096 _____ C:\Windows\SysWOW64\libGLESv2.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 000148272 _____ C:\Windows\SysWOW64\libGLESv1_CM.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 000147256 _____ C:\Windows\SysWOW64\libEGL.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 000121136 _____ (Khronos Group) C:\Windows\system32\Intel_OpenCL_ICD64.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 000108344 _____ (Khronos Group) C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll
2019-07-30 21:37 - 2019-07-30 21:37 - 000072405 _____ C:\Windows\SysWOW64\h265e_32.vp
2019-07-30 21:37 - 2019-07-30 21:37 - 000071912 _____ C:\Windows\SysWOW64\vp9e_32.vp
2019-07-30 21:37 - 2019-07-30 21:37 - 000070745 _____ C:\Windows\SysWOW64\he_32.vp
2019-07-30 21:37 - 2019-07-30 21:37 - 000065793 _____ C:\Windows\SysWOW64\mj_32.vp
2019-07-30 21:37 - 2019-07-30 21:37 - 000057143 _____ C:\Windows\SysWOW64\dev_32.vp
2019-07-30 21:37 - 2019-07-30 21:37 - 000056359 _____ C:\Windows\system32\dev_64.vp
2019-07-30 21:37 - 2019-07-30 21:37 - 000014121 _____ C:\Windows\system32\h265e_64.vp
2019-07-30 21:37 - 2019-07-30 21:37 - 000013956 _____ C:\Windows\system32\vp9e_64.vp
2019-07-30 21:37 - 2019-07-30 21:37 - 000013545 _____ C:\Windows\system32\he_64.vp
2019-07-30 21:37 - 2019-07-30 21:37 - 000013281 _____ C:\Windows\system32\mj_64.vp
2019-07-30 21:37 - 2019-07-30 21:37 - 000001125 _____ C:\Windows\SysWOW64\cpa_32.vp
2019-07-30 21:37 - 2019-07-30 21:37 - 000001125 _____ C:\Windows\system32\cpa_64.vp
2019-07-27 22:42 - 2019-07-27 22:42 - 000113695 _____ C:\Users\pirja\Downloads\wittenberger-fraktur-mt.zip
2019-07-26 21:11 - 2019-07-26 21:11 - 000000000 ____D C:\Users\pirja\AppData\Roaming\bluray
2019-07-26 19:40 - 2019-07-26 19:40 - 000000000 ____D C:\Program Files\aacs
2019-07-26 19:36 - 2019-07-26 19:37 - 000000000 ____D C:\Users\pirja\AppData\Roaming\aacs

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-08-25 01:59 - 2019-02-15 19:07 - 000000000 ____D C:\Users\pirja\AppData\Local\Battle.net
2019-08-25 01:43 - 2019-06-03 00:39 - 000000000 ____D C:\ProgramData\boost_interprocess
2019-08-25 00:49 - 2019-02-15 18:50 - 000000000 ____D C:\Users\pirja\AppData\Roaming\Spotify
2019-08-24 23:31 - 2018-09-15 03:31 - 000000000 ____D C:\Windows\INF
2019-08-24 23:09 - 2019-02-14 22:46 - 000000000 ____D C:\Users\pirja\AppData\LocalLow\Mozilla
2019-08-24 21:06 - 2019-01-28 10:46 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-08-24 20:40 - 2019-02-23 05:47 - 000000526 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2019-08-24 15:46 - 2019-01-28 10:52 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2019-08-24 15:46 - 2018-09-15 03:33 - 000000000 ____D C:\Windows\AppReadiness
2019-08-24 15:33 - 2019-01-28 10:51 - 000893674 _____ C:\Windows\system32\PerfStringBackup.INI
2019-08-24 15:31 - 2019-02-14 23:32 - 000000000 ____D C:\Users\pirja\AppData\Local\Packages
2019-08-24 15:31 - 2019-02-14 21:36 - 000000000 ____D C:\Users\pirja\AppData\Local\PlaceholderTileLogoFolder
2019-08-24 15:31 - 2019-01-28 10:50 - 000000000 ____D C:\ProgramData\NVIDIA
2019-08-24 15:31 - 2018-09-15 03:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-08-24 15:29 - 2019-04-28 15:27 - 000102265 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2019-08-24 15:29 - 2019-04-28 15:27 - 000017429 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2019-08-24 15:29 - 2019-03-05 15:38 - 000000000 ____D C:\Users\pirja\AppData\Roaming\Clipdiary
2019-08-24 15:29 - 2019-02-15 17:06 - 000000000 ____D C:\Users\pirja\AppData\Local\Pushbullet
2019-08-24 15:29 - 2019-02-14 22:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-08-24 15:29 - 2019-01-28 10:46 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-08-24 15:29 - 2018-09-15 02:09 - 000786432 _____ C:\Windows\system32\config\BBI
2019-08-24 15:28 - 2019-02-14 22:46 - 000000000 ____D C:\Program Files (x86)\Steam
2019-08-24 00:51 - 2019-02-16 15:11 - 000000000 ____D C:\Users\pirja\AppData\Roaming\Discord
2019-08-23 23:46 - 2018-09-15 03:23 - 000000000 ____D C:\Windows\CbsTemp
2019-08-23 23:44 - 2019-03-07 17:56 - 000000000 ____D C:\Users\pirja\AppData\Local\ElevatedDiagnostics
2019-08-23 20:50 - 2019-05-23 14:25 - 000000000 ___HD C:\adobeTemp
2019-08-23 20:50 - 2019-05-09 06:33 - 000000000 ____D C:\Users\pirja\.android
2019-08-23 20:39 - 2019-02-15 17:00 - 000000000 ____D C:\Users\pirja\AppData\Local\D3DSCache
2019-08-23 20:38 - 2019-05-27 16:39 - 000003858 _____ C:\Windows\System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-08-23 20:38 - 2019-05-27 16:39 - 000003858 _____ C:\Windows\System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-08-23 20:38 - 2019-05-27 16:39 - 000003858 _____ C:\Windows\System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-08-23 20:38 - 2019-05-27 16:39 - 000003858 _____ C:\Windows\System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-08-23 20:38 - 2019-04-13 17:07 - 000001445 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2019-08-23 20:38 - 2019-04-13 17:01 - 000004308 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-08-23 20:38 - 2019-04-13 17:01 - 000004106 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-08-23 20:38 - 2019-04-13 17:01 - 000003976 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-08-23 20:38 - 2019-04-13 17:01 - 000003940 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-08-23 20:38 - 2019-01-28 10:50 - 000003894 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-08-23 20:38 - 2019-01-28 10:50 - 000003654 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-08-23 20:38 - 2019-01-28 10:50 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-08-23 20:38 - 2019-01-28 10:50 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-08-23 20:38 - 2019-01-28 10:50 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-08-23 20:35 - 2019-02-15 18:51 - 000000000 ____D C:\Users\pirja\AppData\Local\Spotify
2019-08-23 17:22 - 2019-02-15 19:05 - 000000000 ____D C:\Program Files (x86)\Battle.net
2019-08-23 12:46 - 2019-04-28 15:27 - 000010168 _____ C:\ProgramData\DisplaySessionContainer2.log_backup1
2019-08-23 00:39 - 2018-09-15 03:33 - 000000000 ____D C:\Windows\LiveKernelReports
2019-08-23 00:02 - 2019-02-14 22:57 - 000000000 ____D C:\Users\pirja\AppData\Local\NVIDIA
2019-08-22 23:41 - 2019-02-18 12:53 - 000000000 ____D C:\Users\pirja\Documents\Overwatch
2019-08-22 22:28 - 2019-02-16 14:04 - 000002407 _____ C:\Users\pirja\Desktop\Jaxx Liberty.lnk
2019-08-22 20:37 - 2019-02-20 21:28 - 000000000 ____D C:\Users\pirja\AppData\Local\babl-0.1
2019-08-22 16:50 - 2019-02-20 21:30 - 000000000 ____D C:\Users\pirja\AppData\Local\gtk-2.0
2019-08-22 16:32 - 2019-02-24 02:22 - 000000000 ____D C:\Users\pirja\AppData\Roaming\Anvsoft
2019-08-22 07:10 - 2019-02-15 16:57 - 000000000 ____D C:\Users\pirja\AppData\Local\MEGAsync
2019-08-22 00:21 - 2019-04-29 15:40 - 000008575 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2019-08-21 18:08 - 2019-02-14 22:39 - 000002375 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-08-21 18:08 - 2019-02-14 22:39 - 000002334 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-08-21 16:29 - 2019-02-14 22:43 - 000000938 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2019-08-21 16:29 - 2019-02-14 22:43 - 000000934 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2019-08-21 16:29 - 2019-02-14 22:40 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-08-21 15:10 - 2019-05-01 00:03 - 000000918 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-08-21 04:41 - 2019-02-14 22:43 - 000003998 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2019-08-21 04:41 - 2019-02-14 22:43 - 000003766 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2019-08-21 00:59 - 2019-07-11 02:43 - 021473952 _____ C:\Windows\system32\Drivers\Netwfw08.dat
2019-08-21 00:59 - 2019-02-14 23:52 - 009237792 _____ (Intel Corporation) C:\Windows\system32\Drivers\Netwtw08.sys
2019-08-21 00:59 - 2019-02-14 23:52 - 001089312 _____ (Intel Corporation) C:\Windows\system32\IntelWifiIhv08.dll
2019-08-21 00:57 - 2019-01-28 10:51 - 000000000 ____D C:\Program Files (x86)\Realtek
2019-08-21 00:57 - 2019-01-28 10:31 - 001158944 _____ (Realtek ) C:\Windows\system32\Drivers\rt640x64.sys
2019-08-20 22:31 - 2018-09-15 03:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-08-20 22:31 - 2018-09-15 03:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-08-20 22:30 - 2019-02-14 22:20 - 000000000 ____D C:\Program Files\Microsoft Office
2019-08-20 22:28 - 2019-02-14 22:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2019-08-20 22:28 - 2019-02-14 22:41 - 000000000 ____D C:\Program Files\FileZilla FTP Client
2019-08-20 17:58 - 2019-03-13 15:34 - 000000000 ____D C:\Windows\files
2019-08-20 04:36 - 2019-02-15 17:03 - 000000000 ____D C:\Users\pirja\AppData\Roaming\FileZilla
2019-08-20 02:59 - 2019-03-15 20:40 - 000000000 ____D C:\Users\pirja\AppData\Local\cache
2019-08-18 17:41 - 2019-03-06 21:08 - 000000000 ____D C:\Users\pirja\AppData\Roaming\VoiceAttack
2019-08-18 16:42 - 2019-03-07 02:19 - 000000000 ____D C:\Users\pirja\AppData\Roaming\qBittorrent
2019-08-18 15:26 - 2019-02-24 18:26 - 000000911 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Angry IP Scanner.lnk
2019-08-18 15:26 - 2019-02-24 18:26 - 000000000 ____D C:\Program Files\Angry IP Scanner
2019-08-18 14:43 - 2019-06-17 18:36 - 000004248 _____ C:\Windows\System32\Tasks\HMA! Pro VPN Update
2019-08-17 00:21 - 2019-02-14 22:06 - 000000000 ____D C:\Users\pirja\AppData\Local\CrashDumps
2019-08-16 23:07 - 2019-02-24 21:43 - 000000000 ____D C:\Users\pirja\AppData\Roaming\TIDAL
2019-08-15 21:59 - 2019-04-28 20:00 - 000007645 _____ C:\ProgramData\DisplaySessionContainer3.log_backup1
2019-08-15 20:41 - 2019-02-24 17:47 - 000000000 ____D C:\Users\pirja\AppData\Local\Soundnode
2019-08-15 19:44 - 2019-02-14 22:41 - 000004550 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-08-15 19:44 - 2019-02-14 22:41 - 000004370 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-08-15 19:44 - 2018-09-15 03:33 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-08-15 19:44 - 2018-09-15 03:33 - 000000000 ____D C:\Windows\system32\Macromed
2019-08-15 19:43 - 2019-02-14 22:40 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-08-15 19:43 - 2019-02-14 22:40 - 000000995 _____ C:\Users\Public\Desktop\Firefox.lnk
2019-08-15 18:30 - 2019-02-14 22:43 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-08-15 18:27 - 2019-02-14 22:46 - 000000000 ____D C:\Users\pirja\AppData\Local\Greenshot
2019-08-14 23:30 - 2019-06-17 18:36 - 000000000 ____D C:\Program Files (x86)\HMA! Pro VPN
2019-08-14 23:30 - 2019-02-14 23:32 - 000000000 ___RD C:\Users\pirja\3D Objects
2019-08-14 23:30 - 2019-01-28 10:53 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-08-14 23:30 - 2019-01-28 10:46 - 005285704 _____ C:\Windows\system32\FNTCACHE.DAT
2019-08-13 21:58 - 2018-09-15 03:33 - 000000000 ___SD C:\Windows\system32\UNP
2019-08-13 21:58 - 2018-09-15 03:33 - 000000000 ____D C:\Windows\SysWOW64\oobe
2019-08-13 21:58 - 2018-09-15 03:33 - 000000000 ____D C:\Windows\system32\oobe
2019-08-13 21:58 - 2018-09-15 03:33 - 000000000 ____D C:\Windows\Provisioning
2019-08-13 21:58 - 2018-09-15 03:33 - 000000000 ____D C:\Windows\bcastdvr
2019-08-13 19:52 - 2019-02-21 18:03 - 000000000 ____D C:\Users\pirja\AppData\Local\Warframe
2019-08-13 17:51 - 2019-03-06 19:21 - 000000000 ____D C:\Users\pirja\Documents\3DMark
2019-08-13 01:23 - 2019-03-07 20:07 - 000000000 ____D C:\Users\pirja\AppData\Roaming\.minecraft
2019-08-13 01:07 - 2019-03-17 13:58 - 000000000 ____D C:\Users\pirja\AppData\Local\Ubisoft Game Launcher
2019-08-13 00:55 - 2019-02-15 16:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-08-13 00:52 - 2019-04-15 18:05 - 000000000 ____D C:\Program Files (x86)\Yubico
2019-08-13 00:52 - 2019-04-15 17:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yubico
2019-08-13 00:52 - 2019-02-24 18:03 - 000000000 ____D C:\Program Files (x86)\Gpg4win
2019-08-13 00:51 - 2019-06-18 14:16 - 000000000 ____D C:\Program Files (x86)\GnuPG
2019-08-13 00:50 - 2018-09-15 03:33 - 000000000 ____D C:\Windows\system32\NDF
2019-08-12 18:15 - 2019-07-22 23:57 - 000000000 ____D C:\Users\pirja\Downloads\111
2019-08-12 18:10 - 2019-01-28 11:08 - 000000000 ____D C:\ProgramData\Packages
2019-08-09 14:31 - 2019-05-09 14:19 - 000006586 _____ C:\ProgramData\DisplaySessionContainer5.log_backup1
2019-08-09 13:57 - 2019-01-28 10:27 - 000000000 ____D C:\Windows\Panther
2019-08-09 13:31 - 2019-02-14 23:32 - 000000000 ____D C:\Users\pirja\AppData\Local\Publishers
2019-08-09 13:29 - 2019-01-28 10:49 - 000000000 ____D C:\ProgramData\Package Cache
2019-08-08 13:31 - 2019-04-28 21:56 - 000004514 _____ C:\ProgramData\DisplaySessionContainer4.log_backup1
2019-08-08 13:23 - 2019-03-07 20:07 - 000000000 ____D C:\Program Files (x86)\Minecraft Launcher
2019-08-08 01:56 - 2019-02-24 21:43 - 000000000 ____D C:\Users\pirja\AppData\Local\TIDAL
2019-08-05 16:00 - 2019-02-14 22:43 - 000001421 _____ C:\Users\pirja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UpdateInstaller.lnk
2019-08-05 16:00 - 2019-02-14 22:43 - 000001316 _____ C:\Users\pirja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UpdateGenerator.lnk
2019-08-05 15:58 - 2019-02-14 22:39 - 000003418 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-08-05 15:58 - 2019-02-14 22:39 - 000003294 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-08-05 15:33 - 2019-02-25 12:06 - 000000000 ____D C:\Users\pirja\AppData\Roaming\vlc
2019-08-05 15:33 - 2019-02-15 21:05 - 000001020 _____ C:\Users\Public\Desktop\PotPlayer 64 bit.lnk
2019-08-04 01:57 - 2019-04-08 21:55 - 000000000 ____D C:\Users\1
2019-08-04 00:08 - 2019-03-15 20:39 - 000000000 ____D C:\Users\pirja\AppData\Roaming\steelseries-engine-3-client
2019-08-04 00:06 - 2019-03-04 17:46 - 000003648 _____ C:\Windows\System32\Tasks\CreateExplorerShellUnelevatedTask

==================== Files in the root of some directories ================

2019-08-23 23:35 - 2019-08-23 23:35 - 000993280 _____ (Kculp) C:\ProgramData\VulkanInfo.exe
2019-06-01 17:51 - 2019-06-01 17:51 - 000000000 _____ () C:\Users\pirja\AppData\Local\oobelibMkey.log
2019-08-22 16:51 - 2019-08-22 16:51 - 000012376 _____ () C:\Users\pirja\AppData\Local\recently-used.xbel
2019-03-03 20:30 - 2019-03-03 20:30 - 000001464 _____ () C:\Users\pirja\AppData\Local\root72.cer
2019-03-03 20:30 - 2019-03-03 20:30 - 000001708 _____ () C:\Users\pirja\AppData\Local\root72.key
2019-03-03 20:30 - 2019-04-08 14:49 - 000000016 _____ () C:\Users\pirja\AppData\Local\root72.md5
2019-06-14 00:35 - 2019-06-14 00:58 - 000000071 _____ () C:\Users\pirja\AppData\Local\update_progress.txt

==================== FLock ================

2019-01-28 11:28 C:\Recovery

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-08-2019
Ran by reznov (25-08-2019 02:00:26)
Running from C:\Users\pirja\Downloads
Windows 10 Pro Version 1809 17763.678 (X64) (2019-02-15 03:27:04)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-408333896-3164079283-3827766986-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-408333896-3164079283-3827766986-503 - Limited - Disabled)
Guest (S-1-5-21-408333896-3164079283-3827766986-501 - Limited - Disabled)
reznov (S-1-5-21-408333896-3164079283-3827766986-1001 - Administrator - Enabled) => C:\Users\pirja
WDAGUtilityAccount (S-1-5-21-408333896-3164079283-3827766986-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

20XX (HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\495310509382565890) (Version: - )
4K Stogram 2.7 (HKLM\...\{2AB82C7A-9389-40F5-B6BC-9EC7CC04B015}) (Version: 2.7.2.1795 - Open Media LLC)
4K Video Downloader 4.5 (HKLM\...\{180B9AE1-F87B-4107-8C68-4265E927D6A8}) (Version: 4.5.0.2482 - Open Media LLC)
4K YouTube to MP3 3.4 (HKLM\...\{93F13E7C-9562-494F-8762-FD13263812AD}) (Version: 3.4.0.1964 - Open Media LLC)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Acapela Synthèse de la Parole pour le WordQ 4 (français) (HKLM-x32\...\{F0ADA798-6CB1-49FB-A2D3-060FFA25D60E}) (Version: 9.1.1 - Quillsoft Ltd.)
Acapela Text to Speech for WordQ 4 (Core) (HKLM-x32\...\{EE2AA629-F3EC-412E-8A14-5DD9BAD490D2}) (Version: 9.1.1 - Quillsoft)
Acapela Text to Speech for WordQ 4(North America) (HKLM-x32\...\{1D08C682-F619-4E89-8291-1C13A346DAD9}) (Version: 9.1.1 - Quillsoft Ltd.)
Acapela Text-to-Speech for WordQ 4(Canadian French) (HKLM-x32\...\{98B997C5-8A5C-4EB2-B8DE-7CBAAAFAF2A0}) (Version: 9.1.1 - Quillsoft Ltd.)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{77588F59-3C58-4675-8EEE-998E5BC33CF4}) (Version: 1.4 - Eyeo GmbH)
Adobe After Effects CC 2017 (HKLM-x32\...\AEFT_14_1_0) (Version: 14.1.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.5.353 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\{73534489-BFE7-4E2D-9769-FDBA5C886DC2}) (Version: 32.0.0.238 - Adobe)
Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_8_0) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_4) (Version: 20.0.4 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2017 (HKLM-x32\...\PPRO_11_0_2) (Version: 11.0.2 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.)
AE CC x64 (HKLM\...\{672FEEBA-F29C-4363-A8D0-8EBA61265B88}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Angry IP Scanner (HKLM-x32\...\Angry IP Scanner) (Version: 3.6.0 - Angry IP Scanner)
Antidote 9 (HKLM-x32\...\{D98F9F54-E310-4F57-93F5-0F42EFAA3847}) (Version: 9.5.3407 - Druide informatique inc.)
Any Video Converter Ultimate 5.9.3 (HKLM-x32\...\Any Video Converter Ultimate_is1) (Version: - Any-Video-Converter.com)
Apowersoft Screen Recorder Pro V2.3.8 (HKLM-x32\...\{dc9006db-6b05-4f0f-833b-79ef3f284c24}_is1) (Version: 2.3.8 - APOWERSOFT LIMITED)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft)
Assistant de téléchargement (HKLM-x32\...\{93154A3C-9BB7-49D7-A571-4EB6373FA600}) (Version: 6.1.0 - Druide informatique inc.)
Audacity 2.3.2 (HKLM-x32\...\Audacity_is1) (Version: 2.3.2 - Audacity Team)
BatteryBar (remove only) (HKLM\...\BatteryBar) (Version: - )
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
CDBurnerXP (64 bit) (HKLM\...\{1339087A-69AA-4A1E-8236-3B6DC9349C63}) (Version: 4.5.8.7042 - Canneverbe Limited)
Chromium (HKLM-x32\...\Chromium) (Version: 75.0.3770.142 - The Chromium Authors) <==== ATTENTION
Clipdiary 5.3 (HKLM-x32\...\Clipdiary) (Version: 5.3 - Tiushkov Nikolay)
CPUID CPU-Z 1.89 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.89 - CPUID, Inc.)
Dell Digital Delivery Services (HKLM-x32\...\{A646748A-7A2A-495F-9EE5-90B3646FEB7E}) (Version: 4.0.15.0 - Dell Inc.)
Dell Mobile Connect Drivers (HKLM\...\{04DF02C6-E3D7-4D26-A44C-6F8A2E218D2C}) (Version: 1.3.6844 - Screenovate Technologies Ltd.)
Dell Power Manager Service (HKLM\...\{18469ED8-8C36-4CF7-BD43-0FC9B1931AF8}) (Version: 3.1.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\{806422F1-FC4E-4D7C-8855-05748AEFC031}) (Version: 3.2.2.119 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{03C35F56-A9AD-4B59-B061-B8CE41C4C22B}) (Version: 4.1.0.6830 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{f4ee83d8-d901-4c1a-b5a2-288427598fe2}) (Version: 4.1.0.6830 - Dell Inc.)
Dell Update - SupportAssist Update Plugin (HKLM\...\{9BEF4D9A-592C-4073-B202-30234347B3DA}) (Version: 4.1.0.6830 - Dell Inc.) Hidden
Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{286db51f-336c-4d5e-b1e2-3fbc3becd693}) (Version: 4.1.0.6830 - Dell Inc.)
Dell Update for Windows 10 (HKLM\...\{70E9F8CC-A23E-4C25-B292-C86C1821587C}) (Version: 3.0.1 - Dell, Inc.)
Discord (HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 79.4.143 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.241.1 - Dropbox, Inc.) Hidden
Dxtory version 2.0.142 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.142 - ExKode Co. Ltd.)
FileZilla Client 3.44.2 (HKLM-x32\...\FileZilla Client) (Version: 3.44.2 - Tim Kosse)
Firefox Developer Edition 69.0 (x64 en-US) (HKLM\...\Firefox Developer Edition 69.0 (x64 en-US)) (Version: 69.0 - Mozilla)
Futuremark SystemInfo (HKLM-x32\...\{60EF2ECF-1DFA-48D1-972E-FDE84D7E917A}) (Version: 5.20.720.0 - Futuremark)
GIMP 2.10.12 (HKLM\...\GIMP-2_is1) (Version: 2.10.12 - The GIMP Team)
Google Chrome (HKLM\...\{86B1D736-F1F4-3367-9B39-C2E176B68239}) (Version: 76.0.3809.100 - Google LLC)
Google Earth Pro (HKLM-x32\...\{9D524A1E-F2FC-444D-B12A-7592CEB56EB5}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: "1.0.0.10" - Rockstar Games)
Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot)
HCS Tools version 1.06 (HKLM-x32\...\{D3659B78-75B0-4571-A23D-899D23C6A2C9}_is1) (Version: 1.06 - HCS VoicePacks Ltd)
HCS VoicePacks Ltd VENUS version 1.6.5 (HKLM-x32\...\{56C400CA-0D41-4ACD-A5E3-B14C5F38CCBF}_is1) (Version: 1.6.5 - HCS VoicePacks Ltd)
HMA! Pro VPN (HKLM\...\{60A560F2-CB75-4C94-9C36-39AD2161DE73}_is1) (Version: 4.6.154 - Privax)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel Driver && Support Assistant (HKLM-x32\...\{CF18558A-3642-4C4D-A551-23275D1FCE16}) (Version: 19.7.30.2 - Intel) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel(R) Corporation) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{85B6BF0F-EF1B-4F0F-892D-E68BD798950C}) (Version: 2.4.04669 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.4.10501.6067 - Intel Corporation)
Intel(R) Graphics Driver Software (HKLM-x32\...\{0fdd3c9a-20e1-444d-8d00-8c413c83f824}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{d7a872bf-e69e-4300-8537-086dc6abbf23}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1805.12.0.1097 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.7000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.5.0.1017 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{66129f84-d3f0-4884-ac54-369ae6fc2cf6}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000020-0210-1033-84C8-B8D95FA3C8C3}) (Version: 21.20.0.4 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{12d2d1d9-5223-431d-96ac-6a82d3a1391c}) (Version: 19.7.30.2 - Intel)
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{7D4998B3-AC68-4815-AC47-5A1969D91E30}) (Version: 17.5.0.1017 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{06b2cd73-b5f5-47a1-9f49-23d0ef75d568}) (Version: 20.50.0 - Intel Corporation)
Java 8 Update 221 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
Jaxx Liberty 2.2.5 (HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\5947781c-9863-579f-b9db-91554a22cc65) (Version: 2.2.5 - decentral.ca)
Joggernauts (HKLM-x32\...\{51F2D354-61AD-4243-8404-D2FDC111FC4E}) (Version: - Graffiti Games)
Jumpstart Installation Program (HKLM-x32\...\{B0BCDCBD-863D-4CAB-BF68-8D1F6B1BDC13}) (Version: - Atheros)
Killer Drivers (HKLM\...\{EBB59744-F0A2-47F5-83F6-83A128A0E204}) (Version: 2.0.2373 - Rivet Networks)
King of the Hat (HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\460940655984771072) (Version: - )
KingRoot version 3.5.0.1157 (HKLM-x32\...\{FA3B7324-9EB4-4ADC-84D0-5461BE113832}_is1) (Version: 3.5.0.1157 - KingRoot)
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version: - )
Little Nightmares - Fox mask (HKLM-x32\...\1828170949_is1) (Version: 1.0.43.1 - GOG.com)
Little Nightmares - Hideaway (HKLM-x32\...\1675156362_is1) (Version: 1.0.43.1 - GOG.com)
Little Nightmares (HKLM-x32\...\1433377508_is1) (Version: 1.0.43.1 - GOG.com)
Macromedia Flash Player (HKLM-x32\...\{27579b3c-5470-4496-be6c-0c872674f19f}) (Version: 7.0.19.0 - Macromedia, Inc.)
MAGIX Content and Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Soundpool Music Maker - Feel good (HKLM\...\{33B6A911-B0DC-4528-96C3-54A607EFFBDC}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MakeMKV v1.14.4 (HKLM-x32\...\MakeMKV) (Version: v1.14.4 - GuinpinSoft inc)
MediaInfo 19.07 (HKLM\...\MediaInfo) (Version: 19.07 - MediaArea.net)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\Proplus2019Retail - en-us) (Version: 16.0.12015.20004 - Microsoft Corporation)
Microsoft Office Professionnel Plus 2019 - fr-fr (HKLM\...\Proplus2019Retail - fr-fr) (Version: 16.0.12015.20004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.20.27508 (HKLM-x32\...\{7b178cda-9740-4701-a92a-f168d213b343}) (Version: 14.20.27508.1 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702 (HKLM-x32\...\{49697869-be8e-427d-81a0-c334d1d14950}) (Version: 14.21.27702.2 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{E154B2C8-2F3E-4763-B3D5-E7D34AE39C6B}) (Version: 1.0.0.0 - Mojang)
MKVToolNix 34.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 34.0.0 - Moritz Bunkus)
Mozilla Firefox 68.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 68.0.2 (x64 en-US)) (Version: 68.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 69.0 - Mozilla)
Mozilla Thunderbird 60.8.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 60.8.0 (x86 en-US)) (Version: 60.8.0 - Mozilla)
Music Maker (HKLM\...\{DC21CFD5-02AC-4C89-8D35-85506A9FEB55}) (Version: 28.0.0.12 - MAGIX Software GmbH) Hidden
Music Maker (HKLM-x32\...\MX.{DC21CFD5-02AC-4C89-8D35-85506A9FEB55}) (Version: 28.0.1.17 - MAGIX Software GmbH)
Music Maker Update (HKLM\...\{E678D5F8-10AE-4F7A-A29C-ECAA771ADCAD}) (Version: 28.0.1.17 - MAGIX Software GmbH) Hidden
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.7.1 - Notepad++ Team)
Nox APP Player (HKLM-x32\...\Nox) (Version: 6.3.0.2 - Duodian Technology Co. Ltd.)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.19.0.107 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.19.0.107 - NVIDIA Corporation)
NVIDIA Graphics Driver 436.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 436.02 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12015.20004 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12015.20004 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.12015.20004 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.12015.20004 - Microsoft Corporation) Hidden
OtohitsApp (HKLM-x32\...\{9B85C70F-D649-4290-8C1D-5356A5262066}_is1) (Version: 3.1.1.0 - Otohits Network)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
PDF Annotator 6.1.0.605 (HKLM-x32\...\PDFAnnotator_is1) (Version: 6.1.0.605 - GRAHL software design)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.198.0 - Tracker Software Products Ltd)
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.13.0 - )
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 1.7.19955 - Kakao Corp.)
Premiere Pro (HKLM\...\{3DF5A448-80E1-43C1-8428-984429451989}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Process Hacker 2.39 (r124) (HKLM\...\Process_Hacker2_is1) (Version: 2.39.0.124 - wj32)
Pushbullet version 338 (HKLM-x32\...\{7578F204-49E7-4830-B051-14C23F408BFE}_is1) (Version: 338 - Pushbullet Inc)
PuTTY release 0.72 (64-bit) (HKLM\...\{8EFBA1C7-A8B8-4FB9-BEC0-6CEC6C7145DE}) (Version: 0.72.0.0 - Simon Tatham)
qBittorrent 4.1.7 (HKLM-x32\...\qBittorrent) (Version: 4.1.7 - The qBittorrent project)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.36.701.2019 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8720.1 - Realtek Semiconductor Corp.)
Remote Desktop Connection Manager (HKLM-x32\...\{0240359E-6A4C-4884-9E94-B397A02D893C}) (Version: 2.7.14060 - Microsoft Corporation)
Remote Desktop Manager (HKLM-x32\...\{AFA06011-2357-4E9D-8DD8-9FFC7A8BF1C3}) (Version: 2019.1.41.0 - Devolutions inc.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
SpeakQ 4 (HKLM-x32\...\{FBD8FBC5-EC77-4CA9-9B77-6AE6C36FE997}) (Version: 4.1.16 - Quillsoft Ltd.)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Splinter Cell Conviction (HKLM-x32\...\Uplay Install 2) (Version: - Ubisoft)
Spotify (HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\Spotify) (Version: 1.1.12.451.gdb77255f - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine 3.15.1 (HKLM\...\SteelSeries Engine 3) (Version: 3.15.1 - SteelSeries ApS)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tales from the Borderlands (HKLM-x32\...\{B24F49F9-D7FE-40B6-8F4D-65B0C6BF6A6B}) (Version: - Telltale Games)
Tap'Touche Junior (HKLM-x32\...\Tap'Touche Junior) (Version: 3.0 - De Marque inc.)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
The Evil Within (HKLM-x32\...\The Evil Within_is1) (Version: - )
TheBestSpinner3 (HKLM-x32\...\TheBestSpinner3) (Version: - )
TIDAL (HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\TIDAL) (Version: 2.6.0 - TIDAL Music AS)
Tom Clancy's Splinter Cell (HKLM-x32\...\Uplay Install 109) (Version: - Ubisoft)
Twitch (HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Twitch Leecher 1.7 (HKLM\...\{66B757A2-0906-4DDE-BDF6-AD9EC73A7F91}) (Version: 1.7.0.0 - Franiac) Hidden
Twitch Leecher 1.7 (HKLM-x32\...\{d1c2c779-f1ef-41e0-926a-443b289eaefd}) (Version: 1.7.0.0 - Franiac)
Uplay (HKLM-x32\...\Uplay) (Version: 86.0 - Ubisoft)
VIP72 Socks Client 1.8.7.2 (HKLM-x32\...\{EBF089E1-4E2E-426A-916D-6DCBE5540774}_is1) (Version: 1.8.7.2 - VIP Technologies)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
VirusTotal Uploader 2.2 (HKLM-x32\...\VTUploader) (Version: - )
Visuel intégré (HKLM-x32\...\{91257374-4FAA-4FF3-B3BC-C17521EBA169}) (Version: 1.0 - Druide informatique inc.)
Vita Concert Grand LE (HKLM\...\{78999604-A81E-4ACF-9799-74F52D07A367}) (Version: 2.4.0.96 - MAGIX Software GmbH) Hidden
Vita String Ensemble (HKLM\...\{96086C90-6320-416B-92B2-4ADC88169967}) (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
Vita World Flutes (HKLM\...\{04320A69-83CD-4223-9446-D62569D4B54D}) (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
VPNetwork LLC - TorGuard - Online Privacy Protection Services (HKLM-x32\...\VPNetwork LLC TorGuard) (Version: "3.96.1" - "VPNetwork LLC")
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
VVVVVV (HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\491427544134975498) (Version: - )
War Thunder Launcher 1.0.3.151 (HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
WickrMe (HKLM-x32\...\{7BBECFD4-2AF4-4C7B-ABE7-02054CF86274}) (Version: 5.28.9 - Wickr Inc.)
WinDirStat 1.1.2 (HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\WinDirStat) (Version: - )
Windows Driver Package - Intel (Netwtw04) net (06/05/2019 19.51.23.1) (HKLM\...\E19D1F69FB464FD73972CE1CFAF32241D038D705) (Version: 06/05/2019 19.51.23.1 - Intel)
Windows Driver Package - Intel (Netwtw06) net (06/29/2019 20.70.11.3) (HKLM\...\7759A35637AD2CF4ADDA097EDCF9F12092149989) (Version: 06/29/2019 20.70.11.3 - Intel)
Windows Driver Package - Intel (Netwtw08) net (07/07/2019 21.30.3.2) (HKLM\...\BC30F975C8061BDB7A6CCBBFF677DBB4B328AA06) (Version: 07/07/2019 21.30.3.2 - Intel)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WordQ 4 (HKLM-x32\...\{40042175-CB48-4D51-8BAF-D66BAE867676}) (Version: 4.1.16 - Quillsoft Ltd.)
WordQ Pro CF Templates (HKLM-x32\...\{9E88CEC9-9160-417C-8647-C98D261E803B}) (Version: 4.1.1 - Quillsoft Ltd.)
WordQ4 Pro CF Dictionary (HKLM-x32\...\{AFEF30D7-DA5D-4D57-A72C-B64E5F9CD26E}) (Version: 4.1.1 - Quillsoft Ltd.)
XSplit Broadcaster (HKLM-x32\...\{F0500E94-F6E6-4472-ACAF-F240F8362970}) (Version: 3.7.1902.0712 - SplitmediaLabs)
XSplit Gamecaster (HKLM-x32\...\{7F0DC866-BE32-4AE8-8242-A1F5753176B8}) (Version: 3.4.1812.0304 - SplitmediaLabs)
Yubico Authenticator (HKLM-x32\...\yubioath-desktop) (Version: 4.3.5 - Yubico AB)
YubiKey Manager (HKLM-x32\...\yubikey-manager) (Version: 1.1.1 - Yubico AB)
 
Packages:
=========
Dell SupportAssist for PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.2.5.0_x64__htrsf667h5kn2 [2019-06-11] (Dell Inc)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_2.4.521.0_x64__rz1tebttyb220 [2019-08-23] (Dolby Laboratories)
Dolby Atmos for Headphones -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAtmosforHeadphones_2.3.303.0_x64__rz1tebttyb220 [2019-08-24] (Dolby Laboratories)
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.1682.0_x64__8j3eq9eme6ctt [2019-08-20] (INTEL CORP)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.2.0.0_x64__8j3eq9eme6ctt [2019-08-09] (INTEL CORP)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-07-30] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-07-30] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.955.0_x64__56jybvy8sckqj [2019-08-20] (NVIDIA Corp.)
Pandora -> C:\Program Files\WindowsApps\PandoraMediaInc.29680B314EFC2_13.0.39.0_x64__n619g4d5j0fnw [2019-02-25] (Pandora Media Inc)
SoundCloud for Windows (Beta) -> C:\Program Files\WindowsApps\SoundcloudLtd.SoundCloudforWindowsBeta_1.1.36.0_x64__2xc63xn306dnw [2019-08-16] (Soundcloud Ltd.)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2019-08-07] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\pirja\AppData\Local\Microsoft\OneDrive\18.143.0717.0002\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key -> Intel)
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{5563940C-ABF0-47B4-BB0E-B5D8680B570A}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\MoteurIntegration.exe (Druide Informatique Inc. -> Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{5563940D-49FD-4F1A-96AA-147B474290EE}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\MoteurIntegration.exe (Druide Informatique Inc. -> Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\pirja\AppData\Local\Microsoft\OneDrive\18.143.0717.0002\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{7C90AB68-DA79-41D1-9A76-FCD780D4AC8D} -> [mega] => D:\mega [2019-02-15 16:58]
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\pirja\AppData\Local\Microsoft\OneDrive\18.143.0717.0002\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{A12A9CAB-1C75-4AA3-A980-74F25AB94C8E}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\AgentAntidote.exe (Druide Informatique Inc. -> Druide informatique inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{A12A9CAB-1C75-4AA3-A980-74F25AB94C8F}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\Antidote.exe (Druide Informatique Inc. -> Druide informatique inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> "C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_ea0ec4bdf897f2a9\MaxxAudioPro.exe" => No File
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{AD630E0F-BF29-4791-AD3B-A289E884E37C}\localserver32 -> C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\Antidote.exe (Druide Informatique Inc. -> Druide informatique inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-408333896-3164079283-3827766986-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1B} -> [Dropbox] => D:\dropbox\Dropbox [2019-02-15 17:00]
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\pirja\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-22] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\pirja\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-22] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\pirja\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-22] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-05-09] (Intel(R) Rapid Storage Technology -> )
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\pirja\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-22] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\pirja\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-22] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\pirja\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-22] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2019-01-27] (Notepad++ -> )
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\pirja\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-22] (Mega Limited -> )
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\pirja\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-22] (Mega Limited -> )
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\pirja\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-22] (Mega Limited -> )
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-05-09] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\pirja\AppData\Local\MEGAsync\ShellExtX64.dll [2019-08-22] (Mega Limited -> )
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_ac9a22ebe27a13b0\nvshext.dll [2019-08-17] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] (Adobe Systems Incorporated -> )

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\pirja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Firefox Developer Edition.lnk -> C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Developer Edition.lnk -> C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\Firefox Developer Edition.lnk -> C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation)

ShortcutWithArgument: C:\Users\pirja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> -incognito

==================== Loaded Modules (Whitelisted) ==============

2019-05-28 00:42 - 2016-05-11 16:25 - 049782784 _____ () [File not signed] C:\OtohitsNetwork\OtohitsApp\libcef.dll
2019-02-16 02:34 - 2018-07-18 16:39 - 042781710 _____ () [File not signed] C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\libffmpeg.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 085602816 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\libcef.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000089600 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\libEGL.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 003841536 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\libGLESv2.dll
2019-07-18 11:42 - 2019-07-16 11:46 - 000374784 _____ () [File not signed] C:\Program Files (x86)\Chromium\Application\75.0.3770.142\libegl.dll
2019-07-18 11:42 - 2019-07-16 11:46 - 005555200 _____ () [File not signed] C:\Program Files (x86)\Chromium\Application\75.0.3770.142\libglesv2.dll
2018-12-05 18:38 - 2018-12-05 18:38 - 000018432 _____ () [File not signed] c:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.HSA.Server.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000040448 _____ () [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\DSPDLL\boost_date_time-vc120-mt-1_55.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000016896 _____ () [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\DSPDLL\boost_system-vc120-mt-1_55.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000440320 _____ () [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\DSPDLL\MFL_rel_dynMFC_vc12_150225.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 010212352 _____ () [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\DSPDLL\samsig61_00.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000028672 _____ () [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\hhrashlp.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000015872 _____ () [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\libEGL.DLL
2019-05-22 15:12 - 2019-05-22 15:12 - 002851328 _____ () [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\libGLESv2.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000203264 _____ () [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\libpng16.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000049152 _____ () [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\mdll32.dll
2019-08-05 13:37 - 2019-08-05 13:37 - 000443904 _____ () [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\MFL_rel_u_dynMFC_vc15.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000024576 _____ () [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\MumaIpl.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000995328 _____ () [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\MumaIplA6.DLL
2019-05-22 15:12 - 2019-05-22 15:12 - 000020480 _____ () [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\samsig.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000204800 _____ () [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\samsigW7.DLL
2019-08-05 13:37 - 2019-08-05 13:37 - 000062464 _____ () [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\TextToSpeech_rel_vc15.dll
2017-01-10 19:43 - 2017-01-10 19:43 - 000303616 _____ () [File not signed] C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\MOG_Framework_2.2.17_vc10.dll
2017-01-10 19:43 - 2017-01-10 19:43 - 003567616 _____ () [File not signed] C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\mog_xqilla22.dll
2017-01-10 19:43 - 2017-01-10 19:43 - 000062976 _____ () [File not signed] C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\MXF_SDK_GenericContainer_MPEG_AVCUltra_1.4.18_vs10.dll
2017-01-10 19:43 - 2017-01-10 19:43 - 000079872 _____ () [File not signed] C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\MXF_SDK_GenericContainer_MPEG_XAVC_1.4.18_vs10.dll
2017-01-10 19:43 - 2017-01-10 19:43 - 000019968 _____ () [File not signed] C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\MXF_SDK_Metadata_AS11_1.4.18_vs10.dll
2017-01-10 19:43 - 2017-01-10 19:43 - 000295936 _____ () [File not signed] C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\MXF_SDK_MXFIO_AS11_1.4.18_vs10.dll
2017-01-10 19:43 - 2017-01-10 19:43 - 003777536 _____ () [File not signed] C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\Plug-ins\Common\OpenEXR.prm
2017-01-10 19:43 - 2017-01-10 19:43 - 004044800 _____ () [File not signed] C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\Plug-ins\Common\Wraptor.prm
2017-01-10 19:43 - 2017-01-10 19:43 - 000048128 _____ () [File not signed] C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\pthreadVC.dll
2019-07-31 00:17 - 2019-07-31 00:17 - 024612352 _____ () [File not signed] C:\Program Files\DAUM\PotPlayer\ffcodec64.dll
2017-11-16 02:43 - 2017-11-16 02:43 - 014098432 _____ () [File not signed] C:\Program Files\DAUM\PotPlayer\Module\FFmpeg\FFmpeg64.dll
2016-10-27 05:38 - 2016-10-27 05:38 - 000294400 _____ () [File not signed] C:\Program Files\DAUM\PotPlayer\Module\FFmpeg\FFmpegMininum64.dll
2017-10-27 01:41 - 2017-10-27 01:41 - 005343744 _____ () [File not signed] C:\Program Files\DAUM\PotPlayer\Module\OpenCodec\OpenCodecUnity64.dll
2019-07-31 00:17 - 2019-07-31 00:17 - 000526336 _____ () [File not signed] C:\Program Files\DAUM\PotPlayer\Module\QuickSync64.dll
2019-08-22 22:28 - 2019-08-15 15:09 - 001830912 _____ () [File not signed] C:\Users\pirja\AppData\Local\Programs\com.liberty.jaxx\ffmpeg.dll
2019-08-22 22:28 - 2019-08-15 15:09 - 000017408 _____ () [File not signed] C:\Users\pirja\AppData\Local\Programs\com.liberty.jaxx\libegl.dll
2019-08-22 22:28 - 2019-08-15 15:09 - 003852288 _____ () [File not signed] C:\Users\pirja\AppData\Local\Programs\com.liberty.jaxx\libglesv2.dll
1999-12-31 20:00 - 2019-05-23 00:21 - 000976677 _____ () [File not signed] C:\Users\pirja\Desktop\Tor Browser\Browser\TorBrowser\Tor\libevent-2-1-6.dll
1999-12-31 20:00 - 2019-05-23 00:21 - 000328203 _____ () [File not signed] C:\Users\pirja\Desktop\Tor Browser\Browser\TorBrowser\Tor\libssp-0.dll
1999-12-31 20:00 - 2019-05-23 00:21 - 000119296 _____ () [File not signed] C:\Users\pirja\Desktop\Tor Browser\Browser\TorBrowser\Tor\zlib1.dll
2017-01-10 19:43 - 2017-01-10 19:43 - 002482688 _____ (Apache Software Foundation) [File not signed] C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\mog_xerces-c_3_0.dll
2017-01-10 19:42 - 2017-01-10 19:42 - 007510528 _____ (Avid Technology, Inc.) [File not signed] C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\DNxHR.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000143360 _____ (CASH) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Dac32.dll
2017-01-10 19:42 - 2017-01-10 19:42 - 001485312 _____ (CineForm Inc.) [File not signed] C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\CFHDDecoder64.dll
2017-01-10 19:42 - 2017-01-10 19:42 - 001778176 _____ (CineForm Inc.) [File not signed] C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\CFHDEncoder64.dll
2019-07-31 00:16 - 2019-07-31 00:16 - 000131584 _____ (Daum Kakao) [File not signed] C:\Program Files\DAUM\PotPlayer\DaumCrashHandler64.dll
2017-01-10 19:54 - 2017-01-10 19:54 - 000212480 _____ (Diaquest Products LLC) [File not signed] C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\Pro4OMFdll64.dll
2017-01-10 19:54 - 2017-01-10 19:54 - 000890880 _____ (Diaquest Products LLC.) [File not signed] C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\DQomfToolkit64.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 001463808 _____ (Firelight Technologies) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\fmod.dll
2019-08-22 08:36 - 2019-08-22 08:36 - 001936896 _____ (Greenshot) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\GreenshotPlugin\27c76356d3219d0035bcd426204f6bfa\GreenshotPlugin.ni.dll
2019-03-06 14:18 - 2019-03-06 14:18 - 002146304 _____ (Holtek Semiconductor Inc.) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine 3\HIDDLL.dll
2019-03-06 14:18 - 2019-03-06 14:18 - 002284032 _____ (Holtek) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine 3\ISPDLL.dll
2019-02-24 17:53 - 2019-02-21 12:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000049152 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\cpuinf32.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 002363904 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\DSPDLL\ijl20.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000137728 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\ijl10.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 002809948 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\libmmd.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000303104 _____ (LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\LTDIS14n.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000200704 _____ (LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\ltfil14n.DLL
2019-05-22 15:12 - 2019-05-22 15:12 - 001167360 _____ (LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\LTIMG14N.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000491520 _____ (LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\LTKRN14N.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000022528 _____ (MAGIX AG) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\DSPDLL\VistaCooperation_rel_dynMFC_vc12_150225.dll
2019-08-05 13:37 - 2019-08-05 13:37 - 000037376 _____ (MAGIX AG) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\MXGesture_rel_u_dynMFC_vc15.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000498176 _____ (MAGIX AG) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\MxZip_u.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000094720 _____ (MAGIX AG) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\RegModule\mx_avistream_reader.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000061440 _____ (MAGIX AG) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\RegModule\mx_visuals_reader.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000923648 _____ (MAGIX AG) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\RegModule\mxqtm_en.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000368128 _____ (MAGIX AG) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\RegModule\MXVReader.dll
2019-06-18 10:28 - 2019-06-18 10:28 - 000112128 _____ (MAGIX AG) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\RegModule\mxwmsync.dll
2019-08-05 13:37 - 2019-08-05 13:37 - 000027648 _____ (MAGIX AG) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\VistaCooperation_rel_u_dynMFC_vc15.dll
2017-10-04 14:33 - 2017-10-04 14:33 - 024157696 _____ (MAGIX Software GmbH) [File not signed] C:\Program Files (x86)\Common Files\MAGIX Services\MxSynth\Concert Grand LE\Concert Grand LE.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 001726464 _____ (MAGIX Software GmbH) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\DSPDLL\DSP_DLL_24_vc12.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 001841664 _____ (MAGIX Software GmbH) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\DSPDLL\DSP_DLL_33_vc12.dll
2019-08-05 13:37 - 2019-08-05 13:37 - 000245760 _____ (MAGIX Software GmbH) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\gahelper_rel_u_dynMFC_vc15.dll
2019-08-05 13:37 - 2019-08-05 13:37 - 002795520 _____ (MAGIX Software GmbH) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\language\MusicMaker_EN.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000378368 _____ (MAGIX Software GmbH) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Online\MagixOFA-de.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000367104 _____ (MAGIX Software GmbH) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Online\MagixOFA-en.dll
2019-06-25 17:15 - 2019-06-25 17:15 - 000356864 _____ (MAGIX Software GmbH) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\RegModule\mxavireader.dll
2017-02-13 14:37 - 2017-02-13 14:37 - 024255488 _____ (MAGIX Software GmbH) [File not signed] C:\ProgramData\MAGIX\Music Maker\28\MxSynth\Vita Arp\Vita Arp.dll
2019-08-23 20:16 - 2019-08-23 20:16 - 000769536 _____ (Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_2.4.521.0_x64__rz1tebttyb220\x64\DolbyHrtfEnc.dll
1999-12-31 20:00 - 2019-05-23 00:21 - 000590631 _____ (MingW-W64 Project. All rights reserved.) [File not signed] C:\Users\pirja\Desktop\Tor Browser\Browser\TorBrowser\Tor\libwinpthread-1.dll
2017-01-10 19:43 - 2017-01-10 19:43 - 002289664 _____ (MOG Solutions) [File not signed] C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\MXF_SDK_4.5.13_vs10.dll
2017-01-10 19:43 - 2017-01-10 19:43 - 000039936 _____ (MOG Solutions) [File not signed] C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\MXF_SDK_GenericContainer_AES3_4.5.13_vs10.dll
2017-01-10 19:43 - 2017-01-10 19:43 - 000041472 _____ (MOG Solutions) [File not signed] C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\MXF_SDK_GenericContainer_Binary_1.4.18_vs10.dll
2017-01-10 19:43 - 2017-01-10 19:43 - 000118272 _____ (MOG Solutions) [File not signed] C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\MXF_SDK_GenericContainer_DV_4.5.13_vs10.dll
2017-01-10 19:43 - 2017-01-10 19:43 - 000070656 _____ (MOG Solutions) [File not signed] C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\MXF_SDK_GenericContainer_JPEG2000_4.5.13_vs10.dll
2017-01-10 19:43 - 2017-01-10 19:43 - 000133120 _____ (MOG Solutions) [File not signed] C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\MXF_SDK_GenericContainer_MPEG_AVC_1.4.18_vs10.dll
2017-01-10 19:43 - 2017-01-10 19:43 - 000042496 _____ (MOG Solutions) [File not signed] C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\MXF_SDK_GenericContainer_MPEG_ESAudio_4.5.13_vs10.dll
2017-01-10 19:43 - 2017-01-10 19:43 - 000067584 _____ (MOG Solutions) [File not signed] C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\MXF_SDK_GenericContainer_MPEG_MPEG2Video_4.5.13_vs10.dll
2017-01-10 19:43 - 2017-01-10 19:43 - 000083968 _____ (MOG Solutions) [File not signed] C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\MXF_SDK_GenericContainer_VC3_1.4.18_vs10.dll
2017-01-10 19:43 - 2017-01-10 19:43 - 000091648 _____ (MOG Solutions) [File not signed] C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\MXF_SDK_GenericContainer_Wave_4.5.13_vs10.dll
2017-01-10 19:43 - 2017-01-10 19:43 - 000099328 _____ (MOG Solutions) [File not signed] C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\MXF_SDK_MetaMetadata_BinaryLoader_4.5.13_vs10.dll
2017-01-10 19:43 - 2017-01-10 19:43 - 000073728 _____ (MOG Solutions) [File not signed] C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\MXF_SDK_XMLUtils_4.5.13_vs10.dll
1999-12-31 20:00 - 2019-07-10 16:17 - 000463872 _____ (Mozilla Foundation) [File not signed] C:\Users\pirja\Desktop\Tor Browser\Browser\freebl3.dll
1999-12-31 20:00 - 2019-07-10 16:17 - 000248320 _____ (Mozilla Foundation) [File not signed] C:\Users\pirja\Desktop\Tor Browser\Browser\lgpllibs.dll
1999-12-31 20:00 - 2019-07-10 16:17 - 001922560 _____ (Mozilla Foundation) [File not signed] C:\Users\pirja\Desktop\Tor Browser\Browser\mozavcodec.dll
1999-12-31 20:00 - 2019-07-10 16:17 - 000310272 _____ (Mozilla Foundation) [File not signed] C:\Users\pirja\Desktop\Tor Browser\Browser\mozavutil.dll
1999-12-31 20:00 - 2019-07-10 16:17 - 000996352 _____ (Mozilla Foundation) [File not signed] C:\Users\pirja\Desktop\Tor Browser\Browser\mozglue.dll
1999-12-31 20:00 - 2019-07-10 16:17 - 001951744 _____ (Mozilla Foundation) [File not signed] C:\Users\pirja\Desktop\Tor Browser\Browser\nss3.dll
1999-12-31 20:00 - 2019-07-10 16:17 - 000430080 _____ (Mozilla Foundation) [File not signed] C:\Users\pirja\Desktop\Tor Browser\Browser\nssckbi.dll
1999-12-31 20:00 - 2019-07-10 16:17 - 000225280 _____ (Mozilla Foundation) [File not signed] C:\Users\pirja\Desktop\Tor Browser\Browser\softokn3.dll
1999-12-31 20:00 - 2019-07-10 16:17 - 092567061 _____ (Mozilla Foundation) [File not signed] C:\Users\pirja\Desktop\Tor Browser\Browser\xul.dll
2019-08-22 08:34 - 2019-08-22 08:34 - 003833344 _____ (Newtonsoft) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Newtonsoft.Json\543351ec503706800afb6ff792a98556\Newtonsoft.Json.ni.dll
2019-08-22 22:28 - 2019-08-15 15:09 - 018573824 _____ (Node.js) [File not signed] C:\Users\pirja\AppData\Local\Programs\com.liberty.jaxx\node.dll
2017-01-11 02:13 - 2019-05-26 00:48 - 000070144 _____ (painter) [File not signed] C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\amtlib.dll
2017-01-10 19:43 - 2017-01-10 19:43 - 000954880 _____ (Panasonic Co.,Ltd) [File not signed] C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\AVCIntraEncoder.dll
2019-05-15 20:01 - 2019-05-15 20:01 - 001635840 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\SQLite.Interop.dll
2017-01-10 19:43 - 2017-01-10 19:43 - 001001472 _____ (Sony B&P Research Labs) [File not signed] C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\mp4decoder_dll.dll
2019-05-15 20:01 - 2019-05-15 20:01 - 001878528 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\sqlite3.DLL
2019-05-15 20:01 - 2019-05-15 20:01 - 001878528 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll
2019-08-22 08:36 - 2019-08-22 08:36 - 000740352 _____ (The Apache Software Foundation) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\log4net\ff857dd78336b4d8b0621bc0699e20ca\log4net.ni.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000596992 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\chrome_elf.dll
2019-07-18 11:42 - 2019-07-16 11:46 - 063067648 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Chromium\Application\75.0.3770.142\chrome.dll
2019-07-18 11:42 - 2019-07-16 11:46 - 095941120 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Chromium\Application\75.0.3770.142\chrome_child.dll
2019-07-18 11:42 - 2019-07-16 11:46 - 000758784 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Chromium\Application\75.0.3770.142\chrome_elf.dll
2019-05-28 00:42 - 2017-09-29 10:49 - 000687104 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:\OtohitsNetwork\OtohitsApp\libcurl.dll
2019-06-17 18:36 - 2018-09-05 22:32 - 002095104 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\HMA! Pro VPN\libcrypto-1_1.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 001241088 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\LIBEAY32.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000282112 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\ssleay32.dll
1999-12-31 20:00 - 2019-07-10 16:17 - 003008269 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\pirja\Desktop\Tor Browser\Browser\TorBrowser\Tor\LIBEAY32.dll
1999-12-31 20:00 - 2019-07-10 16:17 - 000817559 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\pirja\Desktop\Tor Browser\Browser\TorBrowser\Tor\SSLEAY32.dll
2017-09-14 02:37 - 2017-09-14 02:37 - 000026112 _____ (The Qt Company Ltd) [File not signed] C:\Users\pirja\AppData\Local\MEGAsync\imageformats\qgif.dll
2017-09-14 02:42 - 2017-09-14 02:42 - 000033280 _____ (The Qt Company Ltd) [File not signed] C:\Users\pirja\AppData\Local\MEGAsync\imageformats\qicns.dll
2017-09-14 02:37 - 2017-09-14 02:37 - 000027648 _____ (The Qt Company Ltd) [File not signed] C:\Users\pirja\AppData\Local\MEGAsync\imageformats\qico.dll
2017-09-14 02:37 - 2017-09-14 02:37 - 000245760 _____ (The Qt Company Ltd) [File not signed] C:\Users\pirja\AppData\Local\MEGAsync\imageformats\qjpeg.dll
2017-09-14 02:42 - 2017-09-14 02:42 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Users\pirja\AppData\Local\MEGAsync\imageformats\qsvg.dll
2017-09-14 02:42 - 2017-09-14 02:42 - 000020992 _____ (The Qt Company Ltd) [File not signed] C:\Users\pirja\AppData\Local\MEGAsync\imageformats\qtga.dll
2017-09-14 02:42 - 2017-09-14 02:42 - 000316416 _____ (The Qt Company Ltd) [File not signed] C:\Users\pirja\AppData\Local\MEGAsync\imageformats\qtiff.dll
2017-09-14 02:42 - 2017-09-14 02:42 - 000019968 _____ (The Qt Company Ltd) [File not signed] C:\Users\pirja\AppData\Local\MEGAsync\imageformats\qwbmp.dll
2017-09-14 02:42 - 2017-09-14 02:42 - 000322560 _____ (The Qt Company Ltd) [File not signed] C:\Users\pirja\AppData\Local\MEGAsync\imageformats\qwebp.dll
2017-09-14 02:37 - 2017-09-14 02:37 - 001010688 _____ (The Qt Company Ltd) [File not signed] C:\Users\pirja\AppData\Local\MEGAsync\platforms\qwindows.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000047104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\audio\qtaudio_windows.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\imageformats\qgif.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000027136 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\imageformats\qico.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000243712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\imageformats\qjpeg.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000223744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\imageformats\qmng.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\imageformats\qsvg.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000332288 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\imageformats\qtiff.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 001140224 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\platforms\qwindows.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000041984 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\qml\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\qml\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\qml\QtQml\Models.2\modelsplugin.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\qml\QtQuick.2\qtquick2plugin.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000084480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\qml\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000267776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\qml\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000071680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\qml\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000211456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\qml\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\qml\QtQuick\Window.2\windowplugin.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 004943360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5Core.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 005022208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5Gui.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000626176 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5Multimedia.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000877056 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5Network.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 002908672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5Qml.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 003078656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5Quick.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000096256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5QuickControls2.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000681472 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5QuickTemplates2.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000259072 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5Svg.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 004718080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5Widgets.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000439296 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5WinExtras.dll
2019-08-22 23:38 - 2019-08-22 23:38 - 000159232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11378\Qt5Xml.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000038400 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Qt\Qt_x86\bearer\qgenericbearer.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000029184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Qt\Qt_x86\iconengines\qsvgicon.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Qt\Qt_x86\imageformats\qgif.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000034816 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Qt\Qt_x86\imageformats\qicns.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Qt\Qt_x86\imageformats\qico.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000365056 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Qt\Qt_x86\imageformats\qjpeg.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000021504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Qt\Qt_x86\imageformats\qsvg.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000020480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Qt\Qt_x86\imageformats\qtga.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000333824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Qt\Qt_x86\imageformats\qtiff.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000019456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Qt\Qt_x86\imageformats\qwbmp.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000417792 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Qt\Qt_x86\imageformats\qwebp.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 001180672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Qt\Qt_x86\platforms\qwindows.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000046080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Qt\Qt_x86\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000056832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Qt\Qt_x86\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Qt\Qt_x86\QtQml\Models.2\modelsplugin.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Qt\Qt_x86\QtQuick.2\qtquick2plugin.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000267776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Qt\Qt_x86\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000274944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Qt\Qt_x86\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000072704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Qt\Qt_x86\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000261120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Qt\Qt_x86\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Qt\Qt_x86\QtQuick\Window.2\windowplugin.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000071168 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Qt\Qt_x86\QtWebEngine\qtwebengineplugin.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000895488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Qt\Qt_x86\sqldrivers\qsqlite.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000122880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Qt\Qt_x86\styles\qwindowsvistastyle.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000023040 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Qt\Qt_x86\webview\qtwebview_webengine.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 005074944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Qt5Core.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 005310976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Qt5Gui.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 001066496 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Qt5Network.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000262144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Qt5Positioning.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000268288 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Qt5PrintSupport.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 003354624 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Qt5Qml.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 003215360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Qt5Quick.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000142336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Qt5QuickControls2.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000862208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Qt5QuickTemplates2.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000059904 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Qt5QuickWidgets.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000158720 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Qt5Sql.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000268288 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Qt5Svg.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000090624 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Qt5WebChannel.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000299008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Qt5WebEngine.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 060492288 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Qt5WebEngineCore.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000188416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Qt5WebEngineWidgets.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000055808 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Qt5WebView.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 004564992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Qt5Widgets.dll
2019-05-22 15:12 - 2019-05-22 15:12 - 000445440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\MAGIX\Music Maker\28\Qt5WinExtras.dll
2017-01-10 19:42 - 2017-01-10 19:42 - 000803840 _____ (The University of New South Wales) [File not signed] C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\kdu_v75R.dll
2017-01-10 19:45 - 2017-01-10 19:45 - 001412096 _____ (WinSoft S.A.) [File not signed] C:\Program Files\Adobe\Adobe Premiere Pro CC 2017\WRServices.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\pirja\Local Settings:4tPCoG1RIl7lWVuwdeG [2426]
AlternateDataStreams: C:\Users\pirja\AppData\Local:4tPCoG1RIl7lWVuwdeG [2426]
AlternateDataStreams: C:\Users\pirja\AppData\Local\Application Data:4tPCoG1RIl7lWVuwdeG [2426]
AlternateDataStreams: C:\Users\pirja\AppData\Local\Temporary Internet Files:v5dywXspbU8AMWBsjgI2w [2302]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 03:31 - 2018-09-15 03:31 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


2019-02-23 05:47 - 2019-08-24 20:40 - 000000526 _____ C:\Windows\system32\drivers\etc\hosts.ics

192.168.137.1 DESKTOP-4F34DJR.mshome.net # 2024 8 5 23 0 40 30 995
192.168.137.13 G7-ThinQ.mshome.net # 2019 9 0 1 0 40 30 995
3 21 32 146

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\ProgramData\chocolatey\bin;C:\Program Files (x86)\Druide\Antidote 9\Application\Bin64\;C:\Program Files (x86)\Druide\Antidote 9\Application\Bin32\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\PuTTY\
HKU\S-1-5-21-408333896-3164079283-3827766986-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\pirja\Downloads\InShot_20190722_105520615.jpg
DNS Servers: 192.168.2.1 - 207.164.234.193
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: jswpbapi => 2
MSCONFIG\Services: jswpsapi => 3
MSCONFIG\Services: VMAuthdService => 2
MSCONFIG\Services: VMnetDHCP => 2
MSCONFIG\Services: VMUSBArbService => 2
MSCONFIG\Services: VMware NAT Service => 2
MSCONFIG\Services: VMwareHostd => 2
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "DellMobileConnectWelcome"
HKLM\...\StartupApproved\Run32: => "Discord"
HKLM\...\StartupApproved\Run32: => "jswtrayutil"
HKLM\...\StartupApproved\Run32: => "vmware-tray.exe"
HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\StartupApproved\StartupFolder: => "ProtonMail Bridge.lnk"
HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\StartupApproved\Run: => "4K Stogram"
HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\StartupApproved\Run: => "Dxtory Update Checker 2.0"
HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\StartupApproved\Run: => "WallpaperEngine"
HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-408333896-3164079283-3827766986-1001\...\StartupApproved\Run: => "ShowBatteryBar"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{ACCBDA2C-D058-4B53-ABD3-A27C68CA49D2}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{B62A6817-C7B3-4D23-937F-04166E9F90C2}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe No File
FirewallRules: [{169789FC-918E-4DD9-BC77-55745678DAF4}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe No File
FirewallRules: [TCP Query User{04E01B97-48E9-4702-A828-C64C84DC6F55}C:\users\pirja\downloads\sdi_r1811\sdi_x64_r1811.exe] => (Allow) C:\users\pirja\downloads\sdi_r1811\sdi_x64_r1811.exe No File
FirewallRules: [UDP Query User{706207A0-2D27-4E11-B3CB-A936D24D4D62}C:\users\pirja\downloads\sdi_r1811\sdi_x64_r1811.exe] => (Allow) C:\users\pirja\downloads\sdi_r1811\sdi_x64_r1811.exe No File
FirewallRules: [TCP Query User{83A1F158-9916-4A76-A80D-ABB59BD98203}C:\users\pirja\downloads\programs\office 2013-2019 c2r install v6.4.1\files\bin\kmss.exe] => (Allow) C:\users\pirja\downloads\programs\office 2013-2019 c2r install v6.4.1\files\bin\kmss.exe No File
FirewallRules: [UDP Query User{AA0CA70C-CC03-411D-A40F-1CFFA851EC2C}C:\users\pirja\downloads\programs\office 2013-2019 c2r install v6.4.1\files\bin\kmss.exe] => (Allow) C:\users\pirja\downloads\programs\office 2013-2019 c2r install v6.4.1\files\bin\kmss.exe No File
FirewallRules: [{F8E4C584-78ED-4681-9396-CC4519086F1F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BD819DBE-35F4-4804-AE4F-C298BFDF1E61}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F28A409F-663F-4C35-B0E5-D2CAF1EDD070}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{6A5049AF-7A83-440F-BA91-84EA0FE3C151}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{901CD39B-0330-4F2D-AAEE-00511754BC5C}C:\users\pirja\appdata\roaming\vip72 socks client\vip72socks.exe] => (Allow) C:\users\pirja\appdata\roaming\vip72 socks client\vip72socks.exe (UNIC-UK LTD -> )
FirewallRules: [UDP Query User{33A79DE7-707D-4559-97C4-758965EB4A4C}C:\users\pirja\appdata\roaming\vip72 socks client\vip72socks.exe] => (Allow) C:\users\pirja\appdata\roaming\vip72 socks client\vip72socks.exe (UNIC-UK LTD -> )
FirewallRules: [TCP Query User{BA755CE2-CD8C-4C55-8625-DAAB00EDA031}C:\users\pirja\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pirja\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{E31E98A4-6739-4A4F-AAF3-27C885A0E73A}C:\users\pirja\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pirja\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2A8059B3-ED0F-4B1B-86D7-B150F1321349}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{7AD81FD3-73A3-46E5-8F6B-C1BF37CD25B4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{D9515F72-9B5D-4987-8FAA-2FB376171B95}] => (Allow) D:\SteamLibrary\steamapps\common\wallpaper_engine\launcher.exe (Kristjan Skutta -> )
FirewallRules: [{0EEC25F5-7A68-40E9-B7FA-3CA2B00FDE08}] => (Allow) D:\SteamLibrary\steamapps\common\wallpaper_engine\launcher.exe (Kristjan Skutta -> )
FirewallRules: [{57330337-B909-4584-8FF5-3134227A6E2D}] => (Allow) D:\SteamLibrary\steamapps\common\VoiceAttack\VoiceAttack.exe (VoiceAttack.com -> VoiceAttack.com)
FirewallRules: [{DE60556A-BBDC-4F8B-8FE6-6649648FC23F}] => (Allow) D:\SteamLibrary\steamapps\common\VoiceAttack\VoiceAttack.exe (VoiceAttack.com -> VoiceAttack.com)
FirewallRules: [{FA59E7C3-0768-414B-8570-7D906F68C074}] => (Allow) D:\SteamLibrary\steamapps\common\Crawl\Crawl.exe () [File not signed]
FirewallRules: [{6167F3AA-1C50-41E7-87A0-A6ED9C85DB31}] => (Allow) D:\SteamLibrary\steamapps\common\Crawl\Crawl.exe () [File not signed]
FirewallRules: [{A1A6A1CE-D411-4522-9563-FA2EC49E36BC}] => (Allow) D:\SteamLibrary\steamapps\common\3DMark\3DMarkLauncher.exe (FUTUREMARK INC -> Futuremark)
FirewallRules: [{3C6002D6-948E-4FFF-8E78-2902F7373D4C}] => (Allow) D:\SteamLibrary\steamapps\common\3DMark\3DMarkLauncher.exe (FUTUREMARK INC -> Futuremark)
FirewallRules: [{8DCCFBD8-570E-4768-8C0F-A63FA7CB1FE6}] => (Allow) D:\SteamLibrary\steamapps\common\Trove\GlyphClient.exe (gamigo AG -> Trion Worlds Inc.)
FirewallRules: [{55F405C2-C8A1-4105-8EB9-AD514663CFFE}] => (Allow) D:\SteamLibrary\steamapps\common\Trove\GlyphClient.exe (gamigo AG -> Trion Worlds Inc.)
FirewallRules: [{139FBF50-DD6A-4CA3-A170-29B27C958D45}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{C515B0F3-DA47-41D8-AD62-B065F908DA9D}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{24F3A831-F643-44DC-87CC-C20F6BBAA6F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DeathRoadToCanada\prog.exe () [File not signed]
FirewallRules: [{6DA40F82-632C-4356-92C7-D0CC18FE515F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DeathRoadToCanada\prog.exe () [File not signed]
FirewallRules: [{38F223EA-B8B1-4754-A14F-1B6CD74483FC}] => (Allow) D:\SteamLibrary\steamapps\common\TxP\TormentorXPunisher.exe ( ) [File not signed]
FirewallRules: [{129F6564-ABC9-49BC-A07D-17E124066065}] => (Allow) D:\SteamLibrary\steamapps\common\TxP\TormentorXPunisher.exe ( ) [File not signed]
FirewallRules: [{EA2E40BF-6BEE-4184-9FD4-882695EB6E4A}] => (Allow) D:\SteamLibrary\steamapps\common\Unturned\Unturned_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{D30A2F1C-1423-4438-A84E-1AB7DC28EBE1}] => (Allow) D:\SteamLibrary\steamapps\common\Unturned\Unturned_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{F22095E1-FF84-4587-A69B-48FF5284BFD0}] => (Allow) D:\SteamLibrary\steamapps\common\Unturned\Unturned.exe (Smartly Dressed Games Ltd. -> ) [File not signed]
FirewallRules: [{3ED6D662-1870-442B-860B-B37BE175E9C5}] => (Allow) D:\SteamLibrary\steamapps\common\Unturned\Unturned.exe (Smartly Dressed Games Ltd. -> ) [File not signed]
FirewallRules: [{AF01CF92-8E54-4CA3-8F23-AB8F5BAD8CB1}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{8BAF7A45-7CBC-4973-AAB7-56789B5F0C47}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{6FFECF07-2AC9-4D35-843B-E560C4D1FE3B}] => (Allow) D:\SteamLibrary\steamapps\common\BIT.TRIP RUNNER\RUNNER.exe () [File not signed]
FirewallRules: [{91BE860B-4D2C-4236-9D98-101A1507E1FE}] => (Allow) D:\SteamLibrary\steamapps\common\BIT.TRIP RUNNER\RUNNER.exe () [File not signed]
FirewallRules: [{EFC2C4E2-E11D-47DA-B91D-C6D53F9E2288}] => (Allow) D:\SteamLibrary\steamapps\common\Geometry Dash\GeometryDash.exe () [File not signed]
FirewallRules: [{774ADB8F-E733-4736-8373-6E0BD3E314CD}] => (Allow) D:\SteamLibrary\steamapps\common\Geometry Dash\GeometryDash.exe () [File not signed]
FirewallRules: [{1C175D2C-F62C-48BC-867F-D9B1A38D66F3}] => (Allow) D:\SteamLibrary\steamapps\common\Nyan Cat Lost In Space\bin_x86\NyanCat.exe () [File not signed]
FirewallRules: [{110CA274-F49D-4269-8D7E-D6CF6483F52E}] => (Allow) D:\SteamLibrary\steamapps\common\Nyan Cat Lost In Space\bin_x86\NyanCat.exe () [File not signed]
FirewallRules: [{8E990BEF-7C69-4C6F-AF6E-30A6900C2AFA}] => (Allow) D:\SteamLibrary\steamapps\common\BEEP\BEEP.exe () [File not signed]
FirewallRules: [{8F0C9E12-885D-4D9C-9E31-CDD31B802093}] => (Allow) D:\SteamLibrary\steamapps\common\BEEP\BEEP.exe () [File not signed]
FirewallRules: [{2A66D313-C024-46DE-9581-E6AA12ED6925}] => (Allow) D:\SteamLibrary\steamapps\common\RaceTheSun\RaceTheSun.exe () [File not signed]
FirewallRules: [{4F03EEEA-7F25-4F37-B309-C6BEA668BAC0}] => (Allow) D:\SteamLibrary\steamapps\common\RaceTheSun\RaceTheSun.exe () [File not signed]
FirewallRules: [{05F04537-28A0-401D-A21F-5FB413E56768}] => (Allow) D:\SteamLibrary\steamapps\common\Angry Birds Space\AngryBirdsSpace.exe (Rovio Entertainment Ltd.) [File not signed]
FirewallRules: [{389DFBE9-1814-4B19-BEF6-54EF809E67F3}] => (Allow) D:\SteamLibrary\steamapps\common\Angry Birds Space\AngryBirdsSpace.exe (Rovio Entertainment Ltd.) [File not signed]
FirewallRules: [{B6FB65D5-168D-426B-AE98-D108D67CA36F}] => (Allow) D:\SteamLibrary\steamapps\common\Kingdom New Lands\Kingdom.exe () [File not signed]
FirewallRules: [{9C2E1DD4-4565-4A08-A1C1-2E5C75B6A083}] => (Allow) D:\SteamLibrary\steamapps\common\Kingdom New Lands\Kingdom.exe () [File not signed]
FirewallRules: [{596E7EAC-8E28-4CEC-B4E0-DBB33D7761FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Broforce\Broforce_beta.exe () [File not signed]
FirewallRules: [{7C2DBB87-208D-4BF8-A3BF-9BF559E877AD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Broforce\Broforce_beta.exe () [File not signed]
FirewallRules: [{A83468A0-DC18-4CA2-8348-62E36D1D604F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rivals of Aether\RivalsofAether.exe (Dan Fornace) [File not signed]
FirewallRules: [{E1501154-C387-4300-8EEA-FA79488C1A22}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rivals of Aether\RivalsofAether.exe (Dan Fornace) [File not signed]
FirewallRules: [{B95B9D92-D0BE-4DD5-995A-74F53F751745}] => (Allow) D:\SteamLibrary\steamapps\common\Stranded Deep\Stranded_Deep_x64.exe () [File not signed]
FirewallRules: [{CB36AFCD-ADE8-4050-8D24-D80557440AED}] => (Allow) D:\SteamLibrary\steamapps\common\Stranded Deep\Stranded_Deep_x64.exe () [File not signed]
FirewallRules: [{CBD2F6FF-F8B0-486A-A216-CA10950DCDB2}] => (Allow) D:\SteamLibrary\steamapps\common\Robocraft\Robocraft.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{DB43A504-EF12-4AF9-A572-08689EE44068}] => (Allow) D:\SteamLibrary\steamapps\common\Robocraft\Robocraft.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{2328EA0B-7D77-4F9D-915C-C5165ECEE01D}] => (Allow) D:\SteamLibrary\steamapps\common\DrinkBox_Game4\Game.exe () [File not signed]
FirewallRules: [{43CE1BF9-776F-4533-AA48-7901C51EB116}] => (Allow) D:\SteamLibrary\steamapps\common\DrinkBox_Game4\Game.exe () [File not signed]
FirewallRules: [{6F359836-4041-4420-B4D4-63C653E3EFE6}] => (Allow) D:\SteamLibrary\steamapps\common\Riptide GP Renegade\Game_x64.exe () [File not signed]
FirewallRules: [{CA858D55-D8A1-41DF-AA46-CCADFF88E04B}] => (Allow) D:\SteamLibrary\steamapps\common\Riptide GP Renegade\Game_x64.exe () [File not signed]
FirewallRules: [{BF5A927C-FEA5-47C9-9205-C1452248ED3A}] => (Allow) D:\SteamLibrary\steamapps\common\Besiege\Besiege.exe () [File not signed]
FirewallRules: [{61A02397-FC48-4451-8465-E37406D687A4}] => (Allow) D:\SteamLibrary\steamapps\common\Besiege\Besiege.exe () [File not signed]
FirewallRules: [{513038E7-EC36-4A3D-89A7-58D934BE6022}] => (Allow) D:\SteamLibrary\steamapps\common\Riptide GP2\GameWin32RetailSteam.exe () [File not signed]
FirewallRules: [{6082EF92-BC73-4FCD-A3A3-82DDFB1D90DC}] => (Allow) D:\SteamLibrary\steamapps\common\Riptide GP2\GameWin32RetailSteam.exe () [File not signed]
FirewallRules: [{BE75CC63-5B6D-4208-96F3-C005D719D35E}] => (Allow) D:\SteamLibrary\steamapps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exe () [File not signed]
FirewallRules: [{3122E88C-F65A-4C7E-953D-34840F7E7D9C}] => (Allow) D:\SteamLibrary\steamapps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exe () [File not signed]
FirewallRules: [{E27D7E98-F278-4C01-A0C4-6A5790751B85}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hotline Miami 2\HotlineMiami2.exe () [File not signed]
FirewallRules: [{D21DD10B-B904-463F-9FEF-4EA37F3F0202}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hotline Miami 2\HotlineMiami2.exe () [File not signed]
FirewallRules: [TCP Query User{0EBFFFFD-D6F5-4097-834F-AFEC1FFF9253}D:\batlenet\overwatch\overwatch.exe] => (Allow) D:\batlenet\overwatch\overwatch.exe No File
FirewallRules: [UDP Query User{50E82EE0-96D1-4E39-8472-9F087F0FDFF1}D:\batlenet\overwatch\overwatch.exe] => (Allow) D:\batlenet\overwatch\overwatch.exe No File
FirewallRules: [{2DA1FD8F-05A0-4347-B38E-3D3C1480AB3C}] => (Allow) D:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{B7FCC5B8-E476-493E-8FBA-F89B399F0CA1}] => (Allow) D:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{ACA19936-B962-4210-8983-1421A35F89B6}] => (Allow) D:\SteamLibrary\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{7DB37DE9-DE73-4C44-9002-3596DB4DDB36}] => (Allow) D:\SteamLibrary\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{33825233-E6EC-4DC0-94C3-7B87C02E1BB4}] => (Allow) D:\SteamLibrary\steamapps\common\FLUID\PCE2.exe () [File not signed]
FirewallRules: [{1050367B-86C6-4B7A-83C6-A16B4070D077}] => (Allow) D:\SteamLibrary\steamapps\common\FLUID\PCE2.exe () [File not signed]
FirewallRules: [{00DB4113-4737-4D33-AD9C-D0CAB1B85867}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{1B39848A-CC4B-40B4-BB48-81CCC4BE3ECF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{8A755849-5A1C-49D0-ADC7-D435A02E8414}] => (Allow) D:\SteamLibrary\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{3C26C8B9-D08B-4F42-88A0-6D00049E6E33}] => (Allow) D:\SteamLibrary\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{C613C4F9-5903-42C7-97DC-E557E633C705}D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{F58488BF-B1D4-4F7C-BE80-5CF0CA17107F}D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{818604B8-84E1-4893-992E-25ACCE25166A}] => (Allow) D:\xplit\XSplit.Gamecaster.exe (SplitmediaLabs Limited -> SplitmediaLabs)
FirewallRules: [{46EDCAE2-AEC9-4210-B42A-C7B429A101D5}] => (Allow) D:\xplit\XSplit.Gamecaster.exe (SplitmediaLabs Limited -> SplitmediaLabs)
FirewallRules: [{E3A0D16D-5E1D-49C6-8871-729CA90F90AD}] => (Allow) D:\xplit\XSplit.cam.exe (SplitmediaLabs Limited -> SplitmediaLabs Limited)
FirewallRules: [{A9AA093D-46AE-4492-93E0-92745BF5E82A}] => (Allow) D:\xplit\XSplit.cam.exe (SplitmediaLabs Limited -> SplitmediaLabs Limited)
FirewallRules: [{381D90B7-F192-4006-B292-D633FF834550}] => (Allow) D:\SteamLibrary\steamapps\common\grid 2\grid2.exe (Valve Corp. -> Codemasters Software Company Limited) [File not signed]
FirewallRules: [{8F97F399-6341-4D17-8014-6F24753E6622}] => (Allow) D:\SteamLibrary\steamapps\common\grid 2\grid2.exe (Valve Corp. -> Codemasters Software Company Limited) [File not signed]
FirewallRules: [{D13FB200-7A72-45C2-A4C4-C28944BEF70A}] => (Allow) D:\SteamLibrary\steamapps\common\Renegade Ops\RenegadeOps.exe (Sega Europe Limited -> Avalanche Studios)
FirewallRules: [{F9F4D00C-92EC-4B21-950C-DAA33DEC9836}] => (Allow) D:\SteamLibrary\steamapps\common\Renegade Ops\RenegadeOps.exe (Sega Europe Limited -> Avalanche Studios)
FirewallRules: [{8F957A60-B0EE-4A75-96A6-8F18AD237698}] => (Allow) D:\SteamLibrary\steamapps\common\TheLongDark\tld.exe () [File not signed]
FirewallRules: [{F4CD9387-0757-413F-B351-BED71CDB3DB5}] => (Allow) D:\SteamLibrary\steamapps\common\TheLongDark\tld.exe () [File not signed]
FirewallRules: [{ABE40D3C-3311-4219-9F7C-D1D41A89A09B}] => (Allow) D:\SteamLibrary\steamapps\common\Hurtworld\Hurtworld.exe (EasyAntiCheat Ltd) [File not signed]
FirewallRules: [{109BDA20-AE69-4ECF-8E46-3CEBD4DEB8B5}] => (Allow) D:\SteamLibrary\steamapps\common\Hurtworld\Hurtworld.exe (EasyAntiCheat Ltd) [File not signed]
FirewallRules: [TCP Query User{6BA36E39-1772-456C-90AB-6F73D990F30F}D:\steamlibrary\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) D:\steamlibrary\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe No File
FirewallRules: [UDP Query User{2BF12D27-A76B-48C2-A0EA-3AE83FD8D71B}D:\steamlibrary\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) D:\steamlibrary\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe No File
FirewallRules: [{D0F84A5F-1318-4659-98A4-72EA461CED35}] => (Allow) D:\SteamLibrary\steamapps\common\SleepingDogsDefinitiveEdition\sdhdship.exe (SQUARE ENIX LIMITED) [File not signed]
FirewallRules: [{616A5073-15FB-4115-93F9-3F885463A991}] => (Allow) D:\SteamLibrary\steamapps\common\SleepingDogsDefinitiveEdition\sdhdship.exe (SQUARE ENIX LIMITED) [File not signed]
FirewallRules: [{08915965-A19C-4E96-B14E-2C4C09694ACD}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe No File
FirewallRules: [{A7E6BD3D-4054-4AA5-B064-92089B5171EA}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{8EF23CA7-BB6A-4A25-8A65-417EE4082A62}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe No File
FirewallRules: [{628E55C4-6D11-4A44-BB6E-B5030ACEEA82}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{8E89F074-F179-4B0F-B2EA-D82EDD5E6570}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{D90345AE-1951-43B9-BE96-5E605D7F3F42}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> )
FirewallRules: [{4D2295E6-E573-49D2-AC9F-C1A9F5D16F8F}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe No File
FirewallRules: [{E51AD6DB-AD2F-44A5-A8C9-96986E89B22D}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{C4B76D08-E5CA-46F0-964D-F507D8A39566}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.exe No File
FirewallRules: [{61A83B27-38CB-4B56-AF9F-D10258FCE8B2}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{D2EA1B40-47BE-4275-BB43-B6FFDA433ED8}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{974F800E-3BC6-48F3-BB0D-B7C30B97F89F}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> )
FirewallRules: [TCP Query User{5336F8D1-1DA7-4825-A3AF-3DA37C18E7BC}D:\lol\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe] => (Allow) D:\lol\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{F35DDE18-F341-48E5-A4D0-BF199E18D929}D:\lol\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe] => (Allow) D:\lol\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe No File
FirewallRules: [{D9FD0790-2404-4853-AA69-F71B20450A01}] => (Allow) D:\SteamLibrary\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKKE.exe No File
FirewallRules: [{498D126B-C87B-4086-A2EA-FDB6BD7BEF76}] => (Allow) D:\SteamLibrary\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKKE.exe No File
FirewallRules: [{C0FC25EB-18FD-4A2D-B006-CE26F5FE69CB}] => (Allow) D:\SteamLibrary\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKLauncher.exe No File
FirewallRules: [{E1A086D9-1DE7-49DA-8809-FC2B45F13E1F}] => (Allow) D:\SteamLibrary\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKLauncher.exe No File
FirewallRules: [{BD10748A-3280-4961-A359-F18B45F4B08E}] => (Allow) D:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe No File
FirewallRules: [{3909A23A-69D4-4C5B-A12C-2A3800580B16}] => (Allow) D:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe No File
FirewallRules: [TCP Query User{16908574-27CE-4860-AC78-40527C9AA9CA}C:\windows\files\bin\kmss.exe] => (Allow) C:\windows\files\bin\kmss.exe No File
FirewallRules: [UDP Query User{7C1582DE-47B2-4C25-B037-16B206019CB3}C:\windows\files\bin\kmss.exe] => (Allow) C:\windows\files\bin\kmss.exe No File
FirewallRules: [TCP Query User{999EF6AA-E386-4213-AE4C-28CEA1D58CB0}D:\program\gta\gta5.exe] => (Allow) D:\program\gta\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{7C5F1D30-F9B3-44C6-AE93-745CA2909532}D:\program\gta\gta5.exe] => (Allow) D:\program\gta\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{7874B3DD-9C2C-4CAA-AE7E-1197088DA157}C:\program files\proton technologies ag\protonmail bridge\desktop-bridge.exe] => (Allow) C:\program files\proton technologies ag\protonmail bridge\desktop-bridge.exe No File
FirewallRules: [UDP Query User{04B835EB-7C0F-499B-A343-64B3860A3E49}C:\program files\proton technologies ag\protonmail bridge\desktop-bridge.exe] => (Allow) C:\program files\proton technologies ag\protonmail bridge\desktop-bridge.exe No File
FirewallRules: [TCP Query User{B910C083-253E-4BAB-960E-EB243355AFFB}C:\users\pirja\pictures\sdi_r1904\sdi_x64_r1904.exe] => (Allow) C:\users\pirja\pictures\sdi_r1904\sdi_x64_r1904.exe No File
FirewallRules: [UDP Query User{75FDD433-8C15-4210-AA32-72D922FDC4C5}C:\users\pirja\pictures\sdi_r1904\sdi_x64_r1904.exe] => (Allow) C:\users\pirja\pictures\sdi_r1904\sdi_x64_r1904.exe No File
FirewallRules: [{2D2AD2CE-35A8-481B-B33F-0022967CFCDA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B0C52E86-813D-4FA4-B07F-7A514D5C6B7B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{7CD3B898-F379-4D31-B360-232BE092B72B}D:\steamlibrary\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe No File
FirewallRules: [UDP Query User{87E26DF4-34EB-4E56-BE4B-E44DD31917C9}D:\steamlibrary\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe No File
FirewallRules: [TCP Query User{9FD3AA32-F7BF-4302-805B-5FC31778380A}D:\steamlibrary\steamapps\common\abzu\abzugame\binaries\win64\abzugame-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\abzu\abzugame\binaries\win64\abzugame-win64-shipping.exe No File
FirewallRules: [UDP Query User{DFDD5A91-88CC-437B-AEBF-415064866235}D:\steamlibrary\steamapps\common\abzu\abzugame\binaries\win64\abzugame-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\abzu\abzugame\binaries\win64\abzugame-win64-shipping.exe No File
FirewallRules: [TCP Query User{DB9456A3-F950-4DD1-AFC4-25314D5EB81D}C:\program files\daum\potplayer\potplayermini64.exe] => (Allow) C:\program files\daum\potplayer\potplayermini64.exe (Kakao corp. -> Kakao)
FirewallRules: [UDP Query User{71D3D973-CEE4-4F32-AF02-A0F5DB301686}C:\program files\daum\potplayer\potplayermini64.exe] => (Allow) C:\program files\daum\potplayer\potplayermini64.exe (Kakao corp. -> Kakao)
FirewallRules: [{7E12B850-6B29-4646-BC1F-902DC93125D3}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Broadcaster\x64\XSplit.Core.exe (SplitmediaLabs Limited -> SplitMediaLabs)
FirewallRules: [{7260AD63-6CA3-4701-AAE6-981C725CD517}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Broadcaster\x64\XSplit.cam.exe (SplitmediaLabs Limited -> SplitmediaLabs Limited)
 
86)\SplitmediaLabs\XSplit Broadcaster\x64\XSplit.Core.exe (SplitmediaLabs Limited -> SplitMediaLabs)
FirewallRules: [{09534C07-D5C6-4ED8-873E-30EE4110E1D2}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Broadcaster\x64\XSplit.cam.exe (SplitmediaLabs Limited -> SplitmediaLabs Limited)
FirewallRules: [TCP Query User{C7E7C54A-4C72-4A3D-A4B2-3E3E807DFD2A}C:\users\pirja\pictures\sdio_1.4.0.671\sdio_1.4.0.671\sdio_x64_r671.exe] => (Allow) C:\users\pirja\pictures\sdio_1.4.0.671\sdio_1.4.0.671\sdio_x64_r671.exe No File
FirewallRules: [UDP Query User{98A0CEFA-11AD-45DA-82DB-3385905478C5}C:\users\pirja\pictures\sdio_1.4.0.671\sdio_1.4.0.671\sdio_x64_r671.exe] => (Allow) C:\users\pirja\pictures\sdio_1.4.0.671\sdio_1.4.0.671\sdio_x64_r671.exe No File
FirewallRules: [{4FD57777-5AC8-4606-9994-82A54BE8DE3B}] => (Allow) D:\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
FirewallRules: [{F26A5825-8A77-4136-8E9A-03D98A6CB5FA}] => (Allow) D:\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
FirewallRules: [TCP Query User{7D0E2790-10DE-4332-9ED9-DD1FDFEB34F7}C:\users\pirja\downloads\sdi_r1811\sdi_x64_r1904.exe] => (Allow) C:\users\pirja\downloads\sdi_r1811\sdi_x64_r1904.exe No File
FirewallRules: [UDP Query User{CE99D30F-6258-4E1F-9728-3E0B5DE5FF66}C:\users\pirja\downloads\sdi_r1811\sdi_x64_r1904.exe] => (Allow) C:\users\pirja\downloads\sdi_r1811\sdi_x64_r1904.exe No File
FirewallRules: [{FF7FA594-9225-4FFD-91F1-7948D44B1972}] => (Allow) C:\Users\pirja\AppData\Local\Temp\DriverPack-20190506193824\tools\aria2c.exe No File
FirewallRules: [TCP Query User{96EE2FC0-5034-4BA2-B257-64FCA247AE5D}C:\program files\filezilla ftp client\filezilla.exe] => (Allow) C:\program files\filezilla ftp client\filezilla.exe (Tim Kosse -> FileZilla Project)
FirewallRules: [UDP Query User{42B6D126-D9AA-4C45-A93B-4385E74752C9}C:\program files\filezilla ftp client\filezilla.exe] => (Allow) C:\program files\filezilla ftp client\filezilla.exe (Tim Kosse -> FileZilla Project)
FirewallRules: [{91FFE6BA-6FA1-4F11-B3F5-838E807BB2E5}] => (Allow) C:\Program Files\Pale Moon\palemoon.exe No File
FirewallRules: [{2CE819E9-28FE-4129-8C05-A56624C576A4}] => (Allow) D:\SteamLibrary\steamapps\common\Northern Lights\Northern Lights.exe () [File not signed]
FirewallRules: [{DF088491-F0FF-4BEE-A8EB-831D6ABA059D}] => (Allow) D:\SteamLibrary\steamapps\common\Northern Lights\Northern Lights.exe () [File not signed]
FirewallRules: [{19452999-4C49-426F-812E-B301D5165197}] => (Allow) D:\SteamLibrary\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe (Tripwire Interactive, LLC.) [File not signed]
FirewallRules: [{AEBDE48B-03E3-4474-827D-33778729670C}] => (Allow) D:\SteamLibrary\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe (Tripwire Interactive, LLC.) [File not signed]
FirewallRules: [{1330D366-A6F9-4BBB-95E6-D3C6F540A903}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lakeview Cabin Collection\Lakeview Cabin Collection.exe () [File not signed]
FirewallRules: [{F33A1005-921E-4E8B-A790-671FCA99A4F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lakeview Cabin Collection\Lakeview Cabin Collection.exe () [File not signed]
FirewallRules: [TCP Query User{15950D11-6F8E-4D9B-8696-35D6EB93D43C}C:\users\pirja\downloads\sdi_r1904\sdi_x64_r1904.exe] => (Allow) C:\users\pirja\downloads\sdi_r1904\sdi_x64_r1904.exe No File
FirewallRules: [UDP Query User{4DA24A6C-48EC-4363-9D24-722991E28259}C:\users\pirja\downloads\sdi_r1904\sdi_x64_r1904.exe] => (Allow) C:\users\pirja\downloads\sdi_r1904\sdi_x64_r1904.exe No File
FirewallRules: [{1B4063DD-84D4-4CCF-82B3-640D71E5B6FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CPUCores\cpucores.exe (Tim Sullivan -> )
FirewallRules: [{5459044C-F861-4020-8E04-9B8B183F555E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CPUCores\cpucores.exe (Tim Sullivan -> )
FirewallRules: [{F826CEA8-778E-4747-9E29-00100A49AAD8}] => (Allow) D:\program\ubi\Assassin's Creed IV Black Flag\AC4BFSP.exe (Ubisoft Entertainment -> )
FirewallRules: [{7DB6C556-D3B9-4AA5-8FD9-435886F9682C}] => (Allow) D:\program\ubi\Assassin's Creed IV Black Flag\AC4BFSP.exe (Ubisoft Entertainment -> )
FirewallRules: [{9198F1ED-5D20-40A7-8107-81327A1F070F}] => (Allow) D:\program\ubi\Assassin's Creed IV Black Flag\AC4BFMP.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{5EBF6119-C0B2-4B56-95C6-E79B6B0B34F1}] => (Allow) D:\program\ubi\Assassin's Creed IV Black Flag\AC4BFMP.exe (Ubisoft Entertainment SA -> )
FirewallRules: [TCP Query User{30C80BA1-3846-41A1-9086-C265A23ED4B1}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{D42EAFC1-7A27-4F76-B333-5C6D7E99E302}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{763C73BF-D6E7-401D-A415-67256C1B63AF}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{41C4AC78-CE7F-4FD4-9674-C3E136EDE661}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{AAEB2F30-F481-444A-AA79-785250EF27E7}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{5EC6EC71-0D92-4512-8B89-19449A43082D}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{93279646-FB2B-498D-B782-DB2A55E617DA}] => (Allow) C:\Program Files (x86)\MAGIX\Music Maker\28\MusicMaker.exe (MAGIX Software GmbH -> MAGIX Software GmbH)
FirewallRules: [{D51C6A45-0150-4DE8-B461-9CD9D8D0EFEB}] => (Allow) D:\Program Files\Nox\bin\Nox.exe (Nox Limited -> Duodian Technology Co. Ltd.)
FirewallRules: [{A66EC505-ED5C-4336-A180-3FA3A80B2C59}] => (Allow) C:\Program Files (x86)\\Bignox\\BigNoxVM\\RT\NoxVMHandle.exe (Nox Limited -> BigNox Corporation)
FirewallRules: [TCP Query User{76E0F8D6-FCBC-48F1-AF4C-BB54E6759995}D:\batlenet\overwatch\_retail_\overwatch.exe] => (Allow) D:\batlenet\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{483BAA28-BC59-493E-84E4-3375CEAAD6CA}D:\batlenet\overwatch\_retail_\overwatch.exe] => (Allow) D:\batlenet\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{6D12FFDD-5EE0-45BE-BF4E-97542B358513}] => (Allow) C:\Program Files (x86)\Chromium\Application\chrome.exe (The Chromium Authors) [File not signed]
FirewallRules: [{E975E324-3CC4-4C83-BDFC-7FDE37BB32B2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{65436467-8BB1-40B7-8DB4-BC3C01CBF797}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{E7A382BF-EE5B-482D-94D6-9023DDC0EBF9}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{2BFB9EBB-3CBF-42CF-9260-BFB473A24C30}] => (Allow) C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5A3C631B-960A-4616-B857-2F222F7EA698}] => (Allow) D:\SteamLibrary\steamapps\common\3DMark\bin\x86\3DMark.exe (FUTUREMARK INC -> )
FirewallRules: [{26B7BCCB-48F7-4846-82A9-75F0BC2703AA}] => (Allow) D:\SteamLibrary\steamapps\common\3DMark\bin\x86\3DMark.exe (FUTUREMARK INC -> )
FirewallRules: [{3CF3A2C7-A562-4ABE-A083-B62788B2D709}] => (Allow) D:\SteamLibrary\steamapps\common\3DMark\bin\x64\3DMark.exe (FUTUREMARK INC -> )
FirewallRules: [{9E4EF5C2-619F-49AD-B41F-7DAB06035E51}] => (Allow) D:\SteamLibrary\steamapps\common\3DMark\bin\x64\3DMark.exe (FUTUREMARK INC -> )
FirewallRules: [{AAFE464D-911F-4D37-8C4E-8D2ABE20AF73}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{9C07A49A-F54A-4986-B19C-012B0243754A}] => (Allow) D:\SteamLibrary\steamapps\common\Hurtworld\experimental\Hurtworld.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{09A6C8D3-ECE2-42BF-B048-1726A1FC432E}] => (Allow) D:\SteamLibrary\steamapps\common\Hurtworld\experimental\Hurtworld.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{F5D35F11-1800-471C-9EDB-7EBA50CEE251}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5DE07C15-12CC-4407-A48E-B97313224443}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C4F4CC7B-35EA-47C3-870B-1B9345BE0F14}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4750F3DB-1889-482A-BC60-98F0EBD7C31C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{42A6F39F-8EFB-4EA7-95C1-21074153FAC4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3E2DDE44-D199-4F18-8D0E-F21EF4377A93}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{FB56004D-7286-46C9-B1EE-6058B3DF1684}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{E41B3CD0-1E55-4A89-A6FE-84B1494650C8}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{9E90FC22-490B-4F5D-A68F-ADD7D9C2F87D}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/24/2019 03:33:27 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (08/24/2019 03:31:27 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe".Error in manifest or policy file "C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe.Config" on line 12.
Invalid Xml syntax.

Error: (08/23/2019 05:06:39 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (08/22/2019 07:12:39 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (08/21/2019 04:33:39 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (08/21/2019 04:31:33 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe".Error in manifest or policy file "C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe.Config" on line 12.
Invalid Xml syntax.

Error: (08/21/2019 04:20:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TheBestSpinner.exe, version: 3.0.0.0, time stamp: 0x525ef469
Faulting module name: KERNELBASE.dll, version: 6.2.17763.652, time stamp: 0x598c4711
Exception code: 0xc0020001
Fault offset: 0x0000000000039129
Faulting process id: 0x%9
Faulting application start time: 0xTheBestSpinner.exe0
Faulting application path: TheBestSpinner.exe1
Faulting module path: TheBestSpinner.exe2
Report Id: TheBestSpinner.exe3
Faulting package full name: TheBestSpinner.exe4
Faulting package-relative application ID: TheBestSpinner.exe5

Error: (08/20/2019 10:28:27 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
 
System errors:
=============
Error: (08/25/2019 01:40:43 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-4F34DJR)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user DESKTOP-4F34DJR\reznov SID (S-1-5-21-408333896-3164079283-3827766986-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (08/25/2019 01:37:22 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-4F34DJR)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user DESKTOP-4F34DJR\reznov SID (S-1-5-21-408333896-3164079283-3827766986-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (08/25/2019 12:52:34 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-4F34DJR)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user DESKTOP-4F34DJR\reznov SID (S-1-5-21-408333896-3164079283-3827766986-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (08/25/2019 12:51:57 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-4F34DJR)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user DESKTOP-4F34DJR\reznov SID (S-1-5-21-408333896-3164079283-3827766986-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (08/25/2019 12:51:57 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-4F34DJR)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user DESKTOP-4F34DJR\reznov SID (S-1-5-21-408333896-3164079283-3827766986-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (08/24/2019 11:46:02 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-4F34DJR)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user DESKTOP-4F34DJR\reznov SID (S-1-5-21-408333896-3164079283-3827766986-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (08/24/2019 11:09:25 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-4F34DJR)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user DESKTOP-4F34DJR\reznov SID (S-1-5-21-408333896-3164079283-3827766986-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (08/24/2019 11:09:25 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-4F34DJR)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user DESKTOP-4F34DJR\reznov SID (S-1-5-21-408333896-3164079283-3827766986-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.


CodeIntegrity:
===================================

Date: 2019-07-11 10:57:38.659
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\Installer\MSI60F0.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-07-11 10:57:01.002
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\Installer\MSICDDC.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-07-11 10:42:00.424
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\Installer\MSI76B.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-04-08 12:18:15.351
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\ExKode\Dxtory2.0\DxtoryHK64.dll that did not meet the Store signing level requirements.

Date: 2019-04-08 12:18:11.353
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\ExKode\Dxtory2.0\DxtoryHK64.dll that did not meet the Store signing level requirements.

Date: 2019-04-08 12:17:53.774
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\ExKode\Dxtory2.0\DxtoryHK64.dll that did not meet the Store signing level requirements.

Date: 2019-03-26 20:46:46.542
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\ExKode\Dxtory2.0\DxtoryHK64.dll that did not meet the Store signing level requirements.

Date: 2019-03-26 20:31:33.555
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\ExKode\Dxtory2.0\DxtoryHK64.dll that did not meet the Store signing level requirements.

==================== Memory info ===========================

BIOS: Dell Inc. 1.10.0 05/23/2019
Motherboard: Dell Inc. 03TF0Y
Processor: Intel(R) Core(TM) i7-8750H CPU @ 2.20GHz
Percentage of memory in use: 71%
Total physical RAM: 16228.23 MB
Available physical RAM: 4671.41 MB
Total Virtual: 29286.07 MB
Available Virtual: 9402.27 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:222.64 GB) (Free:13.08 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.39 GB) (Free:69.67 GB) NTFS

\\?\Volume{f166cb81-c9a3-47e8-93c0-23d8a612fe54}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.54 GB) NTFS
\\?\Volume{dd347ca0-6d92-4465-b4c9-e2d13ccfff5d}\ (Image) (Fixed) (Total:12.95 GB) (Free:0.18 GB) NTFS
\\?\Volume{6cfdf4f0-11f1-4e67-9d90-d8df36629996}\ (DELLSUPPORT) (Fixed) (Total:1.14 GB) (Free:0.48 GB) NTFS
\\?\Volume{8f901f1e-474e-4236-8e9c-a27419479e4f}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.56 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 37E2FF25)

Partition: GPT.

========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: 37E2F790)

Partition: GPT.

==================== End of Addition.txt ============================
 
Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

========================================

redtarget.gif
Please uninstall following unwanted program:

Chromium

redtarget.gif
Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2
  • Close all the running programs
  • Double click on downloaded setup.exe file to install the program.
  • Click on Start Scan button.
  • Click on another Start Scan button.
  • Wait until the Status box shows Scan Finished
  • Click on Remove Selected.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
redtarget.gif
Please download Malwarebytes to your desktop.
  • Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
  • Then click Finish.
  • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  • If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.
  • The Scan log is available throughout History ->Application logs. Please post it contents in your next reply.
redtarget.gif
Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8/10 users right-click and select Run As Administrator
  • The tool will start to update the database if one is required.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button.
  • A window will open which lists the logs of your scans.
  • Click on the Scan tab.
  • Double-click the most recent scan which will be at the top of the list....the log will appear.
  • Review the results...see note below
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
  • To open a Cleaning log, launch AdwareClearer, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
  • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
  • A copy of all logfiles are saved to C:\AdwCleaner.
-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.
 
*
* Avast Scan Report
* This file is generated automatically
*
* Scan name: Full Virus Scan
* Started on: Sunday, August 25, 2019 2:54:59 PM
* VPS: 190824-4, 2019-08-24
*

C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Local\IconCache.db [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x00000000000000a1.db [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x000000000000007a.db [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000028.db [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x00000000000000fe.db [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\MediaInfo.lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9A19ADAD9D098E039450ABBEDD5616EB_2DA77A8BEA2E3071A01500D1068FB7FD [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\LocalLow\Microsoft\CryptnetUrlCache\Content\9A19ADAD9D098E039450ABBEDD5616EB_2DA77A8BEA2E3071A01500D1068FB7FD [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin.lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BatteryBar.lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Local\TIDAL\app-2.6.0\TIDAL.exe [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000023.db [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000078.db [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000088.db [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000039.db [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x000000000000007f.db [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\DellInc.DellSupportAssistforPCs_htrsf667h5kn2\LocalCache\Local\Microsoft\Windows\Caches\cversions.1.db [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\DellInc.DellSupportAssistforPCs_htrsf667h5kn2\LocalCache\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000084.db [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000035.db [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000031.db [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000109.db [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\Microsoft.XboxGamingOverlay_8wekyb3d8bbwe\LocalCache\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x000000000000010c.db [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x00000000000000f8.db [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x00000000000000bc.db [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000062.db [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000074.db [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\4K Stogram.lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Local\MEGAsync\ShellExtX64.dll [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000014.db [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x000000000000003f.db [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat\Help (ENG).lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat\Uninstall WinDirStat.lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat\WinDirStat.lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Local\Discord\app-0.0.305\Discord.exe [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Local\Turbo\19.3.1947.0\TurboPlay.exe [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\LocalLow\Microsoft\CryptnetUrlCache\Content\7D266D9E1E69FA1EEFB9699B009B34C8_0A9BFDD75B598C2110CBF610C078E6E6 [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\LocalLow\Microsoft\CryptnetUrlCache\Content\9A19ADAD9D098E039450ABBEDD5616EB_C4753E70B0D639C80CB575487E8A02AC [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Local\Microsoft\Windows\Caches\cversions.1.db [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000005.db [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync\MEGA Website.lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync\MEGAsync.lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync\Uninstall.lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Local\Programs\Opera\launcher.exe [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\UpdateGenerator.lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\UpdateInstaller.lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x00000000000000bd.db [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x000000000000008c.db [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Local\Pushbullet\bin\pushbullet_client.exe [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Spotify\Spotify.exe [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Local\MEGAsync\MEGAsync.exe [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000006.db [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Local\Microsoft\Windows\1033\StructuredQuerySchema.bin [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000013.db [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc\Discord.lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\Jaxx Liberty.lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\VirusTotal Uploader 2.2\Uninstall.lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\VirusTotal Uploader 2.2\VirusTotal Uploader 2.2.lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Local\Microsoft\Windows\Caches\{22691FC9-B905-4D30-88C9-B63C603DA134}.3.ver0x0000000000000001.db [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\LocalLow\Microsoft\CryptnetUrlCache\Content\C8E7EC0C85688F4738F3BE49B104BA67 [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x00000000000000ad.db [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000089.db [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\LocalLow\Microsoft\CryptnetUrlCache\Content\A89DFCC31C360BA5CBD616749B1B1C5D [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x000000000000007b.db [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000027.db [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x000000000000000d.db [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\4K Video Downloader.lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\4K YouTube to MP3.lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\MakeMKV\MakeMKV Website.lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\MakeMKV\MakeMKV.lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\MakeMKV\Uninstall.lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\TIDAL\TIDAL.lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\Logs and errors.lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\Replays.lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\Screenshots.lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\Uninstall War Thunder.lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Local\TIDAL\app-2.4.0\TIDAL.exe [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\desktop.ini [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\SendTo\Desktop.ini [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x000000000000002a.db [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\Microsoft.XboxGamingOverlay_8wekyb3d8bbwe\LocalCache\Local\Microsoft\Windows\Caches\cversions.1.db [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\Microsoft.XboxGamingOverlay_8wekyb3d8bbwe\LocalCache\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x000000000000010b.db [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ProtonMail Bridge.lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000061.db [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\TheBestSpinner3\TheBestSpinner.lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\TheBestSpinner3\Uninstall.lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\Twitch.lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uninstall.lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uplay.lnk [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x00000000000000a0.db [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8DFDF057024880D7A081AFBF6D26B92F [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\LocalLow\Microsoft\CryptnetUrlCache\Content\8DFDF057024880D7A081AFBF6D26B92F [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x00000000000000cd.db [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\AppData\Local\Packages\NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj\LocalCache\Local\Microsoft\Windows\Fonts\WittenbergerFrakturMT-Bd.otf [E] The file cannot be accessed by the system (1920)
C:\Users\pirja\Music\Somiibo.Win.Installer\Somiibo.Win.Installer\Somiibo Setup 0.2.36.exe|>$INSTDIR\Uninstall Somiibo.exe|>$PLUGINSDIR\nsProcess.dll [E] The file is a decompression bomb. (42110)
C:\Users\pirja\Music\Somiibo.Win.Installer\Somiibo.Win.Installer\Somiibo Setup 0.2.36.exe|>$INSTDIR\Uninstall Somiibo.exe|>$PLUGINSDIR\WinShell.dll [E] The file is a decompression bomb. (42110)
C:\Users\pirja\AppData\Roaming\Somiibo\__installer.exe|>$INSTDIR\Uninstall Somiibo.exe|>$PLUGINSDIR\nsProcess.dll [E] The file is a decompression bomb. (42110)
C:\Users\pirja\AppData\Roaming\Somiibo\__installer.exe|>$INSTDIR\Uninstall Somiibo.exe|>$PLUGINSDIR\WinShell.dll [E] The file is a decompression bomb. (42110)
Infected files: 0
Total files: 1432330
Total folders: 110436
Total size: 1.2 TB

*
* Scan stopped: August 25, 2019 3:42:59 PM
* Run-time was 48 minute(s), 0 second(s)
*
 
RogueKiller Anti-Malware V13.4.3.0 (x64) [Aug 20 2019] (Premium) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.17763) 64 bits
Started in : Normal mode
User : reznov [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Signatures : 20190820_153203, Driver : Loaded
Mode : Custom Scan, Scan -- Date : 2019/08/25 16:03:12 (Duration : 00:40:29)
Switches : -refid 3

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
>>>>>> XX - Software
[PUP.DriverPack (Potentially Malicious)] (X86) HKEY_LOCAL_MACHINE\Software\drpsu -- N/A -> Found
[PUP.Gen1 (Potentially Malicious)] (X64) HKEY_USERS\S-1-5-21-408333896-3164079283-3827766986-1001\Software\csastats -- N/A -> Found
[PUP.DriverPack (Potentially Malicious)] (X64) HKEY_USERS\S-1-5-21-408333896-3164079283-3827766986-1001\Software\drpsu -- N/A -> Found
>>>>>> R5 - Proxy
[PUM.Proxy (Potentially Malicious)] (X64) HKEY_USERS\S-1-5-21-408333896-3164079283-3827766986-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings|ProxyServer -- N/A -> Found
>>>>>> O87 - Firewall
[Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{B910C083-253E-4BAB-960E-EB243355AFFB}C:\users\pirja\pictures\sdi_r1904\sdi_x64_r1904.exe -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\users\pirja\pictures\sdi_r1904\sdi_x64_r1904.exe|Name=sdi_x64_r1904.exe|Desc=sdi_x64_r1904.exe|Defer=User| (C:\users\pirja\pictures\sdi_r1904\sdi_x64_r1904.exe) (missing) -> Found
[Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{75FDD433-8C15-4210-AA32-72D922FDC4C5}C:\users\pirja\pictures\sdi_r1904\sdi_x64_r1904.exe -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\users\pirja\pictures\sdi_r1904\sdi_x64_r1904.exe|Name=sdi_x64_r1904.exe|Desc=sdi_x64_r1904.exe|Defer=User| (C:\users\pirja\pictures\sdi_r1904\sdi_x64_r1904.exe) (missing) -> Found
[Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{C7E7C54A-4C72-4A3D-A4B2-3E3E807DFD2A}C:\users\pirja\pictures\sdio_1.4.0.671\sdio_1.4.0.671\sdio_x64_r671.exe -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\users\pirja\pictures\sdio_1.4.0.671\sdio_1.4.0.671\sdio_x64_r671.exe|Name=sdio_x64_r671.exe|Desc=sdio_x64_r671.exe|Defer=User| (C:\users\pirja\pictures\sdio_1.4.0.671\sdio_1.4.0.671\sdio_x64_r671.exe) (missing) -> Found
[Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{98A0CEFA-11AD-45DA-82DB-3385905478C5}C:\users\pirja\pictures\sdio_1.4.0.671\sdio_1.4.0.671\sdio_x64_r671.exe -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\users\pirja\pictures\sdio_1.4.0.671\sdio_1.4.0.671\sdio_x64_r671.exe|Name=sdio_x64_r671.exe|Desc=sdio_x64_r671.exe|Defer=User| (C:\users\pirja\pictures\sdio_1.4.0.671\sdio_1.4.0.671\sdio_x64_r671.exe) (missing) -> Found
[Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{FF7FA594-9225-4FFD-91F1-7948D44B1972} -- v2.29|Action=Allow|Active=TRUE|Dir=In|App=C:\Users\pirja\AppData\Local\Temp\DriverPack-20190506193824\tools\aria2c.exe|Name=DriverPack aria2c.exe| (C:\Users\pirja\AppData\Local\Temp\DriverPack-20190506193824\tools\aria2c.exe) (missing) -> Found
>>>>>> XX - System Policies
[PUM.Policies (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin -- 0 -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[PUP.DriverPack (Potentially Malicious)] (folder) DRPSu -- C:\Users\pirja\AppData\Roaming\DRPSu -> Found
[PUP.Gen1 (Potentially Malicious)] (folder) Tencent -- C:\Users\pirja\AppData\Roaming\Tencent -> Found
[BitMiner.Gen0 (Malicious)] (folder) minergate -- C:\Users\pirja\AppData\Local\minergate -> Found
[PUP.Gen1 (Potentially Malicious)] (folder) simplitec -- C:\ProgramData\simplitec -> Found
[PUP.Gen1 (Potentially Malicious)] (folder) simplitec -- C:\ProgramData\simplitec -> Found
[BitMiner.Gen0 (Malicious)] (folder) minergate -- C:\Users\pirja\AppData\Local\minergate -> Found
[PUP.DriverPack (Potentially Malicious)] (folder) DRPSu -- C:\Users\pirja\AppData\Roaming\DRPSu -> Found
[PUP.Gen1 (Potentially Malicious)] (folder) Tencent -- C:\Users\pirja\AppData\Roaming\Tencent -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
>>>>>> Firefox Addon
[PUP.Gen2 (Potentially Malicious)] Honey (C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\2e3397mj.default\extensions\jid1-93CWPmRbVPjRQA@jetpack) -- jid1-93CWPmRbVPjRQA@jetpack -> Found
[PUP.Gen2 (Potentially Malicious)] Honey (C:\Users\pirja\AppData\Roaming\Mozilla\Firefox\Profiles\ayiflckg.Default User11\extensions\jid1-93CWPmRbVPjRQA@jetpack) -- jid1-93CWPmRbVPjRQA@jetpack -> Found
>>>>>> Chrome Addon
[PUP.Gen0 (Potentially Malicious)] Honey (C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\BMNLCJ~1) -- bmnlcjabgnpnenekpadlanbbkooimhnj -> Found
[PUP.Gen0 (Potentially Malicious)] Chameleon (C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\DMPOJJ~1) -- dmpojjilddefgnhiicjcmhbkjgbbclob -> Found
 
Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 8/25/19
Scan Time: 5:43 PM
Log File: 713d83e4-c781-11e9-a979-3c2c30e834db.json

-Software Information-
Version: 3.7.1.2839
Components Version: 1.0.538
Update Package Version: 1.0.12179
License: Premium

-System Information-
OS: Windows 10 (Build 17763.678)
CPU: x64
File System: NTFS
User: DESKTOP-4F34DJR\reznov

-Scan Summary-
Scan Type: Custom Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 952078
Threats Detected: 395
Threats Quarantined: 393
Time Elapsed: 1 hr, 55 min, 29 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 4
Trojan.Agent.CK, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C226C3D1-020B-4DE8-859A-D0143D752CC2}, Delete-on-Reboot, [3864], [400550],1.0.12179
Trojan.Agent.CK, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{C226C3D1-020B-4DE8-859A-D0143D752CC2}, Delete-on-Reboot, [3864], [400550],1.0.12179
Trojan.Agent.CK, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\OInstall, Delete-on-Reboot, [3864], [400550],1.0.12179
PUP.Optional.DriverPack, HKU\S-1-5-21-408333896-3164079283-3827766986-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\ZONEMAP\DOMAINS\drp.su, Delete-on-Reboot, [562], [472299],1.0.12179

Registry Value: 4
PUM.Optional.DisableMRT, HKLM\SOFTWARE\WOW6432NODE\POLICIES\MICROSOFT\MRT|DONTOFFERTHROUGHWUAU, Delete-on-Reboot, [7020], [676880],1.0.12179
Trojan.Agent.CK, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C226C3D1-020B-4DE8-859A-D0143D752CC2}|PATH, Delete-on-Reboot, [3864], [400549],1.0.12179
PUM.Optional.DisableMRT, HKLM\SOFTWARE\POLICIES\MICROSOFT\MRT|DONTOFFERTHROUGHWUAU, Delete-on-Reboot, [7020], [676880],1.0.12179
PUP.Optional.RussAd, HKU\S-1-5-21-408333896-3164079283-3827766986-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|coahpcpgfnnaddeelpphpifmgfobflog, Delete-on-Reboot, [325], [480148],1.0.12179

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 31
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\_locales\zh_CN, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\_locales\ar, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\_locales\bg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\_locales\bn, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\_locales\da, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\_locales\de, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\_locales\en, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\_locales\es, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\_locales\fi, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\_locales\fr, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\_locales\he, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\_locales\it, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\_locales\jp, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\_locales\nl, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\_locales\no, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\_locales\pl, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\_locales\ru, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\_locales\ta, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\_locales\uk, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\_locales\vi, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\_metadata, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\_locales, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\js\libs, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\fonts, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\css, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\js, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\USERS\PIRJA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Local Extension Settings\coahpcpgfnnaddeelpphpifmgfobflog, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog, Delete-on-Reboot, [325], [480148],1.0.12179

File: 356
Trojan.Agent.CK, C:\WINDOWS\SYSTEM32\TASKS\OINSTALL, Delete-on-Reboot, [3864], [400550],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\css\all.css, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\css\all.css.map, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\css\all.scss, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\css\page.css, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\css\page.css.map, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\css\page.scss, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\css\_vars.css, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\css\_vars.css.map, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\css\_vars.scss, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\fonts\GothamPro-Bold.ttf, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\fonts\GothamPro-Light.ttf, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\fonts\GothamPro-Medium.ttf, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\fonts\GothamPro-Regular.ttf, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\fonts\icomoon.eot, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\fonts\icomoon.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\fonts\icomoon.ttf, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\fonts\icomoon.woff, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\fonts\OpenSans-Bold.ttf, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\fonts\OpenSans-Light.ttf, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\fonts\OpenSans-Regular.ttf, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\AD.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\AE.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\AF.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\AG.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\AI.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\AL.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\ALA.svg, Delete-on-Reboot, [325], [480148],1.0.12179
 
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\AM.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\AO.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\AR.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\AS.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\AT.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\AU.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\AW.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\AZ.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\BA.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\BB.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\bbc.png, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\BD.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\BE.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\BF.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\BG.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\BH.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\BI.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\BJ.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\BL.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\BM.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\BN.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\BO.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\BQ-BO.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\BQ-SA.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\BR.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\BS.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\LI.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\LK.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\LR.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\LS.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\LT.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\LU.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\LV.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\LY.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\MA.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\MC.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\MD.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\ME.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\MF.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\MG.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\MH.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\MK.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\ML.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\MM.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\MN.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\MO.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\MP.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\MQ.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\MR.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\MS.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\MT.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\MU.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\MV.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\MW.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\MX.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\MY.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\MZ.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\NA.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\NC.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\EG.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\EH.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\ER.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\ES-CN.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\ES-IB.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\ES-PV.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\ES.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\ET.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\FI.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\FJ.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\FK.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\FM.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\FO.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\FR-H.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\FR.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\GA.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\GB-ORK.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\GB-SCT.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\GB.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\GD.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\GE.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\GG.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\GH.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\GI.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\GL.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\GM.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\GN.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\GQ.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\GR.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\GT.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\GU.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\GW.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\GY.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\hbo.png, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\HK.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\SA.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\SB.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\SC.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\SD.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\SE.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\SG.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\SI.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\SK.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\SL.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\SM.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\SN.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\SO.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\SR.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\ST.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\SV.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\SX.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\SY.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\SZ.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\TC.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\TD.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\TG.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\TH.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\TIB.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\TJ.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\TK.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\TL.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\TM.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\holo.png, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\HR.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\HT.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\HU.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\ID.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\IE.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\IL.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\IM.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\IN.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\IO.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\IQ.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\IR.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\IS.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\IT.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\JE.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\JM.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\JO.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\JP.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\KE.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\KG.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\KH.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\KI.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\KM.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\KN.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\KP.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\KR.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\KW.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\KY.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\KZ.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\LA.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\LB.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\BW.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\BY.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\BZ.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\CA-BC.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\CA.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\CC.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\CD.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\CF.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\CG.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\CH.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\CI.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\CK.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\CL.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\CM.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\CN.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\CO.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\CR.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\CU.svg, Delete-on-Reboot, [325], [480148],1.0.12179
 
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\CV.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\CW.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\CX.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\CY.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\CZ.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\DE.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\DJ.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\DK.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\DM.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\DO.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\DZ.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\EC-W.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\EC.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\netflix.png, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\NF.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\NG.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\NI.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\NL.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\NO.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\NP.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\NR.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\NU.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\NZ.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\OM.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\PA.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\PE.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\PF.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\PG.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\PH.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\PK.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\PL.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\PN.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\PR.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\PSE.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\PT-20.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\PT-30.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\PT.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\PW.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\PY.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\QA.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\RO.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\RS.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\RU.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\BT.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\EE.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\HN.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\LC.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\NE.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\RW.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\TN.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\TO.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\TR.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\TT.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\TV.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\TW.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\TZ.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\UA.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\UG.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\US-HI.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\US.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\UY.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\UZ.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\VA.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\VC.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\VE.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\VG.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\VI.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\VN.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\VU.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\WLS.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\WS.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\XS.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\YE.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\ZA.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\ZM.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\flags\ZW.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\icon_key.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\128.png, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\32.png, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\64.png, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\auth_body_bg.png, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\bg.png, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\check-icon.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\form-email-icon.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\form-key-icon.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\form-user-icon.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\handshake-icon.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\icon_arrow_down.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\icon_arrow_left.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\icon_arrow_right.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\icon_cross.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\icon_dots.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\icon_menu.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\icon_search.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\icon_security.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\icon_settings.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\icon_star.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\icon_triangle.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\icon_user.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\loader.gif, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\loading.gif, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\logo-txt.png, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\logo.png, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\logo.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\logo_light_2.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\main_body_bg.png, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\map.png, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\img\thumbsUp.svg, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\js\libs\analytics.js, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\js\libs\bundle.min.js, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\js\libs\jquery.min.js, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\js\app.js, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\js\chrome.js, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\js\message.js, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\js\popup.js, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\js\register.js, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\js\stat.js, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\js\storage.js, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\js\x-select.js, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\_locales\ar\messages.json, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\_locales\bg\messages.json, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\_locales\bn\messages.json, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\_locales\da\messages.json, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\_locales\de\messages.json, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\_locales\en\messages.json, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\_locales\es\messages.json, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\_locales\fi\messages.json, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\_locales\fr\messages.json, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\_locales\he\messages.json, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\_locales\it\messages.json, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\_locales\jp\messages.json, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\_locales\nl\messages.json, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\_locales\no\messages.json, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\_locales\pl\messages.json, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\_locales\ru\messages.json, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\_locales\ta\messages.json, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\_locales\uk\messages.json, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\_locales\vi\messages.json, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\_locales\zh_CN\messages.json, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\_metadata\computed_hashes.json, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\_metadata\verified_contents.json, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\config.json, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\manifest.json, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\popup.html, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\register.html, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog\5.5.23847_0\thankyou.html, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\coahpcpgfnnaddeelpphpifmgfobflog\000003.log, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\coahpcpgfnnaddeelpphpifmgfobflog\CURRENT, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\coahpcpgfnnaddeelpphpifmgfobflog\LOCK, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\coahpcpgfnnaddeelpphpifmgfobflog\LOG, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\coahpcpgfnnaddeelpphpifmgfobflog\LOG.old, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\Users\pirja\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\coahpcpgfnnaddeelpphpifmgfobflog\MANIFEST-000001, Delete-on-Reboot, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\USERS\PIRJA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [325], [480148],1.0.12179
PUP.Optional.RussAd, C:\USERS\PIRJA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Replaced, [325], [480148],1.0.12179
Adware.InstallCore, C:\USERS\PIRJA\APPDATA\LOCAL\TEMP\DD36.TMP, Delete-on-Reboot, [449], [722650],1.0.12179
Adware.InstallCore, C:\USERS\PIRJA\APPDATA\LOCAL\TEMP\BE70.TMP, Delete-on-Reboot, [449], [722650],1.0.12179
RiskWare.GameHack, D:\GAMES\THE EVIL WITHIN\NODVD\PROPHET\STEAM_API64.DLL, No Action By User, [7480], [305544],1.0.12179
Trojan.Agent.MSIL, D:\MEGA\NANOCORE.ZIP, No Action By User, [3648], [59060],1.0.12179

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)
 
# -------------------------------
# Malwarebytes AdwCleaner 7.4.0.0
# -------------------------------
# Build: 07-23-2019
# Database: 2019-08-21.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 08-25-2019
# Duration: 00:00:11
# OS: Windows 10 Pro
# Scanned: 35493
# Detected: 27


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.DriverBooster C:\ProgramData\IOBIT\Driver Booster
PUP.Optional.DriverBooster C:\Users\pirja\AppData\Roaming\IOBIT\Driver Booster

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.DriverBooster HKLM\Software\Wow6432Node\IObit\Driver Booster
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{7D2B3E1D-D096-4594-9D8F-A6667F12E0AC}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION|AndroidServer.exe

***** [ Chromium (and derivatives) ] *****

PUP.Optional.Legacy Chameleon

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

Preinstalled.DellCommand|PowerManager
Preinstalled.DellSupportAssistAgent
Preinstalled.DellUpdateforWindows10


AdwCleaner_Debug.log - [7937 octets] - [25/08/2019 19:50:18]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
 
Back