My Microsoft account got hacked/stolen/deleted


Mai Brumec

PCHF Member
Aug 19, 2022
Guys, I personally don't know what to do, but my Microsoft account was hacked or something, because when I'm trying to log into my Microsoft account it says that they weren't able to find that account. The second one is the original, but it is in Slovene so I pic-translated it: I should sign up or use a different email address. I had Minecraft on this account and I still have it on the desktop launcher [screenshot], but when I'm trying to play it I need to choose an account [screenshot], and when I choose my account (my account is in the photo) there is some random Gmail address that the verification code is going to be sent to (in English); it looks like somebody was in my account. I don't recognize this email, in fact that was the first time seeing it, and I assume it's a business email because it ends with .ru and not .com, but I've tried to look up this Gmail account and it says that they don't recognize it... He also tried to get into my Facebook, but he couldn't, I think [screenshot; in English: screenshot], because Facebook said that they didn't let it. So I really don't know what to do. I don't want to lose my Minecraft and Microsoft account, because I don't know if that can damage my computer.
 

Please download the FRST 32 bit or FRST 64 bit version to suit your operating system. It is important FRST is downloaded to your desktop.
If you are unsure if your operating system is 32 or 64 bit please go HERE.
Once downloaded, right click the FRST desktop icon and select "Run as administrator" from the menu.
If you receive any security warnings, or the User Account Control warning opens at any time whilst using FRST, you can safely allow FRST to proceed.
FRST will open with two dialogue boxes; accept the disclaimer.

  1. Accept the default whitelist options.
  2. If the Addition.txt options box is not checked please select it.
  3. Then select Scan.

FRST will take a few minutes to scan your computer, and when finished will produce two log files on your desktop, FRST.txt and Addition.txt. They will display immediately on the desktop, but can be reopened later as a notepad file.

Please copy and paste the contents of these logs in your next post for review by our Security Team.
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-08-2022
Ran by Uporabnik (28-08-2022 15:38:29)
Running from C:\Users\Uporabnik\Downloads
Microsoft Windows 10 Pro Version 21H1 19043.1889 (X64) (2022-04-26 11:02:11)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3134029656-847882931-1988809457-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3134029656-847882931-1988809457-503 - Limited - Disabled)
Guest (S-1-5-21-3134029656-847882931-1988809457-501 - Limited - Disabled)
Uporabnik (S-1-5-21-3134029656-847882931-1988809457-1001 - Administrator - Enabled) => C:\Users\Uporabnik
WDAGUtilityAccount (S-1-5-21-3134029656-847882931-1988809457-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Total AV (Disabled - Out of date) {0567E33F-93C9-11B5-891D-90A37AEB2766}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 21.07 (x64) (HKLM\...\7-Zip) (Version: 21.07 - Igor Pavlov)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.7.1.1 - Adobe Inc.)
blender (HKLM\...\{7CD438BB-E07C-4EF7-8DDD-FD083242FC11}) (Version: 3.1.2 - Blender Foundation)
BlueStacks 5 (HKLM\...\BlueStacks_nxt) (Version: 5.7.110.1003 - BlueStack Systems, Inc.)
BlueStacks X (HKU\S-1-5-21-3134029656-847882931-1988809457-1001\...\BlueStacks X) (Version: 0.15.2.3 - BlueStack Systems, Inc.)
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project)
CurseForge (HKU\S-1-5-21-3134029656-847882931-1988809457-1001\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.202.1.4890 - Overwolf app)
Discord (HKU\S-1-5-21-3134029656-847882931-1988809457-1001\...\Discord) (Version: 1.0.9003 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{FAC47927-1A6A-4C6E-AD7D-E9756794A4BC}) (Version: 1.3.23.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{758842D2-1538-4008-A8E3-66F65A061C52}) (Version: 2.0.33.0 - Epic Games, Inc.)
Foxit PDF Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 11.2.1.53537 - Foxit Software Inc.)
Google Chrome (HKLM\...\{D209B3BE-785A-3C2F-B5DA-0EE3C6DF5C2E}) (Version: 104.0.5112.102 - Google LLC)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4624 - Intel Corporation)
Java 8 Update 333 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180333F0}) (Version: 8.0.3330.2 - Oracle Corporation)
Krita (x64) 5.0.6 (HKLM\...\Krita_x64) (Version: 5.0.6.0 - Krita Foundation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 104.0.1293.70 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 104.0.1293.70 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{A9CFD6A1-C0D3-7F37-C220-8B104867EF15}) (Version: 10.1.22621.1011 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - sl-si (HKLM\...\ProPlus2019Volume - sl-si) (Version: 16.0.10389.20033 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3134029656-847882931-1988809457-1001\...\OneDriveSetup.exe) (Version: 22.161.0731.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29914 (HKLM-x32\...\{1b5476d9-ab8e-4b0d-b004-059a1bd5568b}) (Version: 14.28.29914.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.28.29334 (HKLM\...\{2E11EF4E-901F-4B2D-B68E-3DB2A566C857}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.28.29334 (HKLM\...\{8A3F7D5B-422D-49D9-84F7-8DC1B7782967}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29914 (HKLM-x32\...\{BD8C6100-7C7D-48DD-93BA-69F6828213FE}) (Version: 14.28.29914 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29914 (HKLM-x32\...\{42365A3A-622A-4EED-A727-FE192A794AFD}) (Version: 14.28.29914 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Movavi Video Editor Plus 2022 (HKU\S-1-5-21-3134029656-847882931-1988809457-1001\...\Movavi Video Editor Plus 2022) (Version: 22.2.1 - Movavi)
NVIDIA Canvas 1.2.138 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Canvas) (Version: 1.2.138 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.2.7521.31103277 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.7521.31103277 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.25.1.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.25.1.27 - NVIDIA Corporation)
NVIDIA Grafični gonilnik 512.59 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 512.59 - NVIDIA Corporation)
NVIDIA HD avdio gonilnika 1.3.39.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.3 - NVIDIA Corporation)
NVIDIA Sistemske opreme PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.10389.20033 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.10389.20033 - Microsoft Corporation) Hidden
Opera GX Stable 89.0.4447.64 (HKU\S-1-5-21-3134029656-847882931-1988809457-1001\...\Opera GX 89.0.4447.64) (Version: 89.0.4447.64 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.114.51455 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.204.0.1 - Overwolf Ltd.)
Preverjanje ustreznosti stanja računalnika Windows (HKLM\...\{1EE44D00-E6D1-4FBF-B32C-AB43A7F519DC}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 10.2.5.0 - Razer Inc.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.7.0731.072516 - Razer Inc.)
Razer Virtual Ring Light (HKLM-x32\...\Razer Virtual Ring Light) (Version: 2.0.0.23 - Razer Inc.)
Roblox Player for Uporabnik (HKU\S-1-5-21-3134029656-847882931-1988809457-1001\...\roblox-player) (Version: - Roblox Corporation)
Roblox Studio for Uporabnik (HKU\S-1-5-21-3134029656-847882931-1988809457-1001\...\roblox-studio) (Version: - Roblox Corporation)
SignalRgb (HKU\S-1-5-21-3134029656-847882931-1988809457-1001\...\VortxEngine) (Version: 2.2.22 - WhirlwindFX)
Skype različica 8.83 (HKLM-x32\...\Skype_is1) (Version: 8.83 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamer Companion App (HKLM-x32\...\Streamer Companion App) (Version: 2.0.1.3 - Razer Inc.)
The Crew 2 (HKLM-x32\...\Uplay Install 2855) (Version: - Ubisoft)
THX Spatial Audio (HKLM-x32\...\THX Spatial Audio) (Version: 2.0.1.11 - Razer Inc.)
TotalAV (HKLM-x32\...\TotalAV) (Version: 5.17.470 - TotalAV) <==== ATTENTION
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 131.0.10667 - Ubisoft)
Voicemod (HKLM\...\{8435A407-F778-4647-9CDB-46E5EC50BAD0}_is1) (Version: 2.34.2.0 - Voicemod S.L.)
Zoom(64bit) (HKLM\...\{10F9C1AD-E615-47A6-B3E6-A66308D01F65}) (Version: 5.10.5035 - Zoom)

Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc [2022-07-01] (Adobe Systems Incorporated)
BreeZip -> C:\Program Files\WindowsApps\3138AweZip.AweZip_1.4.17.0_x86__ffd303wmbhcjt [2022-08-28] (BreeZip)
Lively Wallpaper -> C:\Program Files\WindowsApps\12030rocksdanister.LivelyWallpaper_1.0.125.0_x86__97hta09mmv6hy [2022-08-18] (rocksdanister) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-05-03] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-05-03] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.7180.0_x64__8wekyb3d8bbwe [2022-07-31] (Microsoft Studios) [MS Ad]
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.1.28.0_x64__8wekyb3d8bbwe [2022-08-28] (Microsoft Studios)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-05-02] (NVIDIA Corp.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-05-29] (Microsoft Corporation)
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.541.422.0_x86__55nm5eh3cm0pr [2022-08-28] (ROBLOX Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.192.647.0_x86__zpdnekdrzrea0 [2022-08-28] (Spotify AB) [Startup Task]
WindowsAppRuntime.1.0 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.0_3.469.1654.0_x64__8wekyb3d8bbwe [2022-04-28] (Microsoft Corporation)
WindowsAppRuntime.1.0 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.0_3.469.1654.0_x86__8wekyb3d8bbwe [2022-04-28] (Microsoft Corporation)
WindowsAppRuntime.1.1 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.1_1001.524.1918.0_x86__8wekyb3d8bbwe [2022-06-16] (Microsoft Corporation)
WindowsAppRuntime.1.1 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.1_1003.565.600.0_x86__8wekyb3d8bbwe [2022-07-22] (Microsoft Corporation)
WindowsAppRuntime.1.1 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.1_1004.584.2120.0_x64__8wekyb3d8bbwe [2022-08-17] (Microsoft Corporation)
WindowsAppRuntime.1.1 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.1_1004.584.2120.0_x86__8wekyb3d8bbwe [2022-08-17] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3134029656-847882931-1988809457-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-906D8216F0F0} -> [Creative Cloud Files] => C:\Users\Uporabnik\Creative Cloud Files [2022-07-01 21:12]
CustomCLSID: HKU\S-1-5-21-3134029656-847882931-1988809457-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-3134029656-847882931-1988809457-1001_Classes\CLSID\{89b2b650-c4dd-d68b-46e7-3176f1973c8b}\localserver32 -> C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod)
CustomCLSID: HKU\S-1-5-21-3134029656-847882931-1988809457-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-05-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-05-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-05-24] (Adobe Inc. -> )
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-12-26] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-05-24] (Adobe Inc. -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-12-26] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2017-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4d7400884d0d52e3\nvshext.dll [2022-04-21] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-12-26] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-05-24] (Adobe Inc. -> )

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2022-04-28 10:37 - 2022-04-28 10:38 - 000057344 _____ (Google) [File not signed] [File is in use] C:\Program Files\WindowsApps\12030rocksdanister.LivelyWallpaper_1.0.125.0_x86__97hta09mmv6hy\Build\GrpcDotNetNamedPipes.dll
2022-04-26 13:19 - 2021-12-26 16:00 - 000093696 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2022-04-28 10:37 - 2022-04-28 10:42 - 000056832 _____ (Linearstar) [File not signed] [File is in use] C:\Program Files\WindowsApps\12030rocksdanister.LivelyWallpaper_1.0.125.0_x86__97hta09mmv6hy\Build\RawInput.Sharp.dll
2022-08-17 20:31 - 2022-08-17 20:31 - 000446464 _____ (Lively) [File not signed] [File is in use] C:\Program Files\WindowsApps\12030rocksdanister.LivelyWallpaper_1.0.125.0_x86__97hta09mmv6hy\Build\Lively.dll
2022-08-17 20:31 - 2022-08-17 20:31 - 000115712 _____ (Lively.Common) [File not signed] [File is in use] C:\Program Files\WindowsApps\12030rocksdanister.LivelyWallpaper_1.0.125.0_x86__97hta09mmv6hy\Build\Lively.Common.dll
2022-08-17 20:31 - 2022-08-17 20:31 - 000152576 _____ (Lively.Grpc.Common) [File not signed] [File is in use] C:\Program Files\WindowsApps\12030rocksdanister.LivelyWallpaper_1.0.125.0_x86__97hta09mmv6hy\Build\Lively.Grpc.Common.dll
2022-08-17 20:31 - 2022-08-17 20:31 - 000052736 _____ (Lively.Models) [File not signed] [File is in use] C:\Program Files\WindowsApps\12030rocksdanister.LivelyWallpaper_1.0.125.0_x86__97hta09mmv6hy\Build\Lively.Models.dll
2022-04-28 10:37 - 2022-04-28 10:38 - 000005120 _____ (Matteo Pagani) [File not signed] [File is in use] C:\Program Files\WindowsApps\12030rocksdanister.LivelyWallpaper_1.0.125.0_x86__97hta09mmv6hy\Build\DesktopBridge.Helpers.dll
2022-08-17 20:31 - 2022-08-17 20:32 - 000831488 _____ (NLog) [File not signed] [File is in use] C:\Program Files\WindowsApps\12030rocksdanister.LivelyWallpaper_1.0.125.0_x86__97hta09mmv6hy\Build\NLog.dll
2022-04-28 10:37 - 2022-04-28 10:42 - 000032768 _____ (Soroush Falahati (falahati.net)) [File not signed] [File is in use] C:\Program Files\WindowsApps\12030rocksdanister.LivelyWallpaper_1.0.125.0_x86__97hta09mmv6hy\Build\UACHelper.dll
2022-08-10 10:36 - 2022-06-05 12:20 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] D:\Origin\LIBEAY32.dll
2022-08-10 10:36 - 2022-06-05 12:20 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] D:\Origin\ssleay32.dll
2022-08-10 10:36 - 2022-06-05 12:20 - 001611264 _____ (The Qt Company Ltd) [File not signed] D:\Origin\platforms\qwindows.dll
2022-08-10 10:36 - 2022-06-05 12:20 - 005487104 _____ (The Qt Company Ltd) [File not signed] D:\Origin\Qt5Core.dll
2022-08-10 10:36 - 2022-06-05 12:20 - 005841920 _____ (The Qt Company Ltd) [File not signed] D:\Origin\Qt5Gui.dll
2022-08-10 10:36 - 2022-06-05 12:20 - 001179136 _____ (The Qt Company Ltd) [File not signed] D:\Origin\Qt5Network.dll
2022-08-10 10:36 - 2022-06-05 12:20 - 000146432 _____ (The Qt Company Ltd) [File not signed] D:\Origin\Qt5WebSockets.dll
2022-08-10 10:36 - 2022-06-05 12:20 - 005089792 _____ (The Qt Company Ltd) [File not signed] D:\Origin\Qt5Widgets.dll
2022-08-10 10:36 - 2022-06-05 12:20 - 000184832 _____ (The Qt Company Ltd) [File not signed] D:\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [5300]
AlternateDataStreams: C:\Users\Uporabnik\AppData\Local\Temp:$DATA [16]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-04-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_333\bin\ssv.dll [2022-05-03] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_333\bin\jp2ssv.dll [2022-05-03] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-04-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-04-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-04-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-04-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-04-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-04-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-04-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-04-29] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;
HKU\S-1-5-21-3134029656-847882931-1988809457-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-3134029656-847882931-1988809457-1001\...\StartupApproved\Run: => "Opera GX Browser Assistant"
HKU\S-1-5-21-3134029656-847882931-1988809457-1001\...\StartupApproved\Run: => "Opera GX Stable"
HKU\S-1-5-21-3134029656-847882931-1988809457-1001\...\StartupApproved\Run: => "SignalRgb"
HKU\S-1-5-21-3134029656-847882931-1988809457-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3134029656-847882931-1988809457-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3134029656-847882931-1988809457-1001\...\StartupApproved\Run: => "Voicemod"
HKU\S-1-5-21-3134029656-847882931-1988809457-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-3134029656-847882931-1988809457-1001\...\StartupApproved\Run: => "Overwolf"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{59C62C45-4C60-4AA6-B7A0-95097AAB65FF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E12D4DFD-D19C-4704-8B37-FF982F806B42}] => (Allow) C:\Program Files\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{0F32F8D6-4562-405B-9208-12EF1FBA2C22}] => (Allow) C:\Program Files\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{0C4112FC-3148-4730-95E0-9D8B3508B76E}] => (Allow) C:\Program Files\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{1B36D520-1A44-48AF-9D31-2425EFA23201}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B2098FCE-22AF-46CD-A2DF-41733211C890}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4C16443D-2555-48E3-8107-391DAFF896C9}] => (Allow) C:\Program Files\Razer\RzAppEngine\rzappengine.exe (Razer USA Ltd. -> Razer Inc.)
FirewallRules: [{257108BA-4744-42EF-B3EA-047FCB5FF9A8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3BD93512-692B-4CC6-833D-3347285EEB0F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{54B8DCB9-3582-4E30-8D1E-2A56F4F2C48E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E07B637C-FE1B-47C8-A429-F7F66B8C1C25}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{32DFC5A2-41A3-4E61-8987-B9A599F6DC2A}] => (Allow) D:\SteamLibrary\steamapps\common\Destiny 2\destiny2launcher.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{2F8DC649-578A-4CD3-86FD-BE3FB26FA8A8}] => (Allow) D:\SteamLibrary\steamapps\common\Destiny 2\destiny2launcher.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [TCP Query User{C9F7FBE5-A7E4-4279-8D03-72FF9214F5CB}C:\users\uporabnik\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\uporabnik\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [UDP Query User{6284C3D2-F8D6-46C3-B826-8C2EDE4296F4}C:\users\uporabnik\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\uporabnik\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [TCP Query User{A2D82924-C244-4D42-8B30-BF5888B88732}D:\steamlibrary\steamapps\common\destiny 2\destiny2.exe] => (Allow) D:\steamlibrary\steamapps\common\destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [UDP Query User{426833A4-506D-49F8-82CB-258E5CABEFD5}D:\steamlibrary\steamapps\common\destiny 2\destiny2.exe] => (Allow) D:\steamlibrary\steamapps\common\destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [{9CC43541-E781-4A8D-BD3C-384EED7F80AC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{0A1AB5EF-E7B6-474A-9EF4-F91FC37DF7C4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{97B5D372-F30F-40DA-8981-7830DAEE6FEF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{18D0EC6B-0AD1-4A8D-85D8-D0D9073B6116}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{E8EF60AE-36E8-4FA7-A421-5E505520A6B0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{ED46CE8E-C95C-4BB8-A561-6454DC4D2D3F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{212437BD-A1A6-455F-8E5C-00BCABB3660C}D:\steamlibrary\steamapps\common\destiny 2\destiny2.exe] => (Allow) D:\steamlibrary\steamapps\common\destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [UDP Query User{D3C80980-0027-4CF2-9A49-F68951214A17}D:\steamlibrary\steamapps\common\destiny 2\destiny2.exe] => (Allow) D:\steamlibrary\steamapps\common\destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [TCP Query User{7B7711FE-C51B-4FDC-85C9-38EC1E352599}C:\users\uporabnik\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\uporabnik\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [UDP Query User{1EB82CB4-FD57-4DD8-B6F9-C2F54EFE808A}C:\users\uporabnik\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\uporabnik\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [{F0959F85-FC0B-4802-8428-83A1B12FBE75}] => (Allow) D:\SteamLibrary\steamapps\common\ForzaHorizon5\ForzaHorizon5.exe (Microsoft Corporation -> )
FirewallRules: [{E04481B6-4488-4516-B824-8D4E25442118}] => (Allow) D:\SteamLibrary\steamapps\common\ForzaHorizon5\ForzaHorizon5.exe (Microsoft Corporation -> )
FirewallRules: [TCP Query User{3F12B428-7681-47EC-8FBD-A6F60E9229FB}C:\users\uporabnik\appdata\local\vortxengine\app-2.2.20\signal-x64\signalrgb.exe] => (Allow) C:\users\uporabnik\appdata\local\vortxengine\app-2.2.20\signal-x64\signalrgb.exe (WhirlwindFX) [File not signed]
FirewallRules: [UDP Query User{B49A8043-AC49-484F-A746-E842337A557F}C:\users\uporabnik\appdata\local\vortxengine\app-2.2.20\signal-x64\signalrgb.exe] => (Allow) C:\users\uporabnik\appdata\local\vortxengine\app-2.2.20\signal-x64\signalrgb.exe (WhirlwindFX) [File not signed]
FirewallRules: [TCP Query User{493579AF-5966-409B-9F89-D872FEF9220C}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{5F4C9523-D988-45CA-A34A-F5AB9375BABB}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{1245ABBD-A905-455F-9A3A-8FC6BFAF65DB}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{C9E42966-A154-44C3-A7AD-D3F4C4B06543}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{C2538D78-F05F-4361-9DC6-ABDCE5BEC668}D:\epic games\saintsrowthethird\srttr.exe] => (Allow) D:\epic games\saintsrowthethird\srttr.exe (Koch Media GmbH, Austria) [File not signed]
FirewallRules: [UDP Query User{047B7F76-BC82-40A3-8766-70B28A9FF0E1}D:\epic games\saintsrowthethird\srttr.exe] => (Allow) D:\epic games\saintsrowthethird\srttr.exe (Koch Media GmbH, Austria) [File not signed]
FirewallRules: [{7E9F7878-3389-4827-B228-8B3D9611A8AC}] => (Allow) D:\SteamLibrary\steamapps\common\Terraria\Terraria.exe (Re-Logic) [File not signed]
FirewallRules: [{ABCBB2BF-3A8B-46BF-BF87-F3C84D4142B3}] => (Allow) D:\SteamLibrary\steamapps\common\Terraria\Terraria.exe (Re-Logic) [File not signed]
FirewallRules: [TCP Query User{898A9DEE-1A13-42A7-B668-68346FD228DF}D:\epic games\saintsrowthethird\srttr.exe] => (Allow) D:\epic games\saintsrowthethird\srttr.exe (Koch Media GmbH, Austria) [File not signed]
FirewallRules: [UDP Query User{4A4752F5-49E5-4124-B7C7-9BCD17FC9FBA}D:\epic games\saintsrowthethird\srttr.exe] => (Allow) D:\epic games\saintsrowthethird\srttr.exe (Koch Media GmbH, Austria) [File not signed]
FirewallRules: [TCP Query User{D2F34158-E6D8-4726-BE6C-13C6272524BF}D:\steamlibrary\steamapps\common\terraria\terrariaserver.exe] => (Allow) D:\steamlibrary\steamapps\common\terraria\terrariaserver.exe (Re-Logic) [File not signed]
FirewallRules: [UDP Query User{E34D5037-8480-45CD-942C-072811CF11BF}D:\steamlibrary\steamapps\common\terraria\terrariaserver.exe] => (Allow) D:\steamlibrary\steamapps\common\terraria\terrariaserver.exe (Re-Logic) [File not signed]
FirewallRules: [TCP Query User{BAEE7156-22FF-4313-889B-DA47253753B9}C:\users\uporabnik\appdata\local\vortxengine\app-2.2.22\signal-x64\signalrgb.exe] => (Block) C:\users\uporabnik\appdata\local\vortxengine\app-2.2.22\signal-x64\signalrgb.exe (WhirlwindFX) [File not signed]
FirewallRules: [UDP Query User{51DA6823-FE76-4BAC-B6FB-9D48E3EB988F}C:\users\uporabnik\appdata\local\vortxengine\app-2.2.22\signal-x64\signalrgb.exe] => (Block) C:\users\uporabnik\appdata\local\vortxengine\app-2.2.22\signal-x64\signalrgb.exe (WhirlwindFX) [File not signed]
FirewallRules: [TCP Query User{0D70E0DF-7DB1-4982-953E-1277587DD495}D:\steamlibrary\steamapps\common\terraria\terrariaserver.exe] => (Allow) D:\steamlibrary\steamapps\common\terraria\terrariaserver.exe (Re-Logic) [File not signed]
FirewallRules: [UDP Query User{AF85B4E6-B827-4B2C-BFB5-C65A5EA1B65D}D:\steamlibrary\steamapps\common\terraria\terrariaserver.exe] => (Allow) D:\steamlibrary\steamapps\common\terraria\terrariaserver.exe (Re-Logic) [File not signed]
FirewallRules: [{6928CB09-82C0-4B38-BB0D-8BA13F9FF8AB}] => (Allow) D:\SteamLibrary\steamapps\common\Yu-Gi-Oh! Master Duel\masterduel.exe () [File not signed]
FirewallRules: [{D285F4C2-7D98-4300-98AF-0F39D2A035E8}] => (Allow) D:\SteamLibrary\steamapps\common\Yu-Gi-Oh! Master Duel\masterduel.exe () [File not signed]
FirewallRules: [TCP Query User{CE89EA60-A66A-4ECA-8433-03785A6BCB40}C:\users\uporabnik\appdata\local\vortxengine\app-2.2.22\signal-x64\signalrgb.exe] => (Block) C:\users\uporabnik\appdata\local\vortxengine\app-2.2.22\signal-x64\signalrgb.exe (WhirlwindFX) [File not signed]
FirewallRules: [UDP Query User{12067AAA-2035-462B-8D24-766A60A1F121}C:\users\uporabnik\appdata\local\vortxengine\app-2.2.22\signal-x64\signalrgb.exe] => (Block) C:\users\uporabnik\appdata\local\vortxengine\app-2.2.22\signal-x64\signalrgb.exe (WhirlwindFX) [File not signed]
FirewallRules: [{4FD9F56F-5724-4FE4-B6CE-25506BC85798}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.)
FirewallRules: [{50E307D7-DC83-4C2C-90E1-5FB09C79C43E}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.)
FirewallRules: [TCP Query User{821BF338-739F-47DF-A938-23057E0BA5C7}C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [UDP Query User{A05545B3-4464-491A-ACA1-B5680AB306C6}C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [{A5F86BCE-B00B-49EA-ACD4-A671F3118F18}] => (Allow) D:\Nova mapa\The Crew 2\TheCrew2.exe (UBISOFT ENTERTAINMENT INC. -> UBISoft) [File not signed]
FirewallRules: [{070C772F-DDD7-4B94-8753-960C6BC33720}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod)
FirewallRules: [TCP Query User{AE764BC6-E886-43B9-8059-446E480672D1}C:\users\uporabnik\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\uporabnik\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{96CC84B6-A3D1-4D5E-86BA-EBC1F74FC0EA}C:\users\uporabnik\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\uporabnik\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [TCP Query User{287503B7-130A-44D1-946A-4439D18A023F}C:\users\uporabnik\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\uporabnik\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{543CE8CC-5C3B-401F-8F9B-C90097C2B043}C:\users\uporabnik\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\uporabnik\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [{347D413A-8E26-47C8-9C82-6D25C8FF7348}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe (Bluestack Systems, Inc -> BlueStack Systems)
FirewallRules: [{69E78C47-B01D-4EA7-B4EF-A625D1537BEB}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{B31AFF5A-6B08-42C5-9A69-EF31899B244D}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{A886586C-D9A6-4F1F-A17D-8F3C4B3FD6EB}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{2AFCDFBD-1109-47A5-9DC1-6710D09F7F13}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> )
FirewallRules: [{976C95F5-4F1A-4D14-BCC5-3BBCCF104396}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{B1FD0D12-CB28-4CCA-B092-9472C1E76F11}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{577077D4-A279-4E36-819E-68B4B4036A89}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{49B6595B-16D6-4003-8B41-885DF7C7DD22}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> )
FirewallRules: [TCP Query User{08909C38-DF68-4D3E-B162-0800173A044C}D:\epic games\justdiealready\jdgame\binaries\win64\jdgame-win64-shipping.exe] => (Allow) D:\epic games\justdiealready\jdgame\binaries\win64\jdgame-win64-shipping.exe (DoubleMoose) [File not signed]
FirewallRules: [UDP Query User{8E1C4A35-C2D7-4D48-A287-79106FB9AE65}D:\epic games\justdiealready\jdgame\binaries\win64\jdgame-win64-shipping.exe] => (Allow) D:\epic games\justdiealready\jdgame\binaries\win64\jdgame-win64-shipping.exe (DoubleMoose) [File not signed]
FirewallRules: [TCP Query User{F9B98F5B-8B4C-4945-B11E-FC85BED977FF}D:\epic games\fallguys\fallguys_client_game.exe] => (Allow) D:\epic games\fallguys\fallguys_client_game.exe () [File not signed]
FirewallRules: [UDP Query User{55CD3772-C288-459A-BEC8-D18928CC4E7F}D:\epic games\fallguys\fallguys_client_game.exe] => (Allow) D:\epic games\fallguys\fallguys_client_game.exe () [File not signed]
FirewallRules: [{C486A144-9C13-46A5-A3AF-C088A2E23AD2}] => (Allow) D:\SteamLibrary\steamapps\common\StickFightTheGame\StickFight.exe () [File not signed]
FirewallRules: [{66C4CFFF-0A47-4940-AB58-55EB9A1DB277}] => (Allow) D:\SteamLibrary\steamapps\common\StickFightTheGame\StickFight.exe () [File not signed]
FirewallRules: [{44F207CB-11C9-4B63-908D-53B23754B03A}] => (Allow) D:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{7E65DE5A-ED99-4BE1-89B8-A97D8B14D93F}] => (Allow) D:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{28EC568F-FBA9-4F0F-A856-19E6046EA200}] => (Allow) D:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe (Wildcard Properties LLC -> Epic Games, Inc.)
FirewallRules: [{A48AF286-FE77-4F9D-B803-197637DA88D4}] => (Allow) D:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe (Wildcard Properties LLC -> Epic Games, Inc.)
FirewallRules: [TCP Query User{1CEFBD87-B357-4C63-A392-1FDACF40EDFE}C:\users\uporabnik\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\uporabnik\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{0BEECCA2-EFEF-4927-84E3-C7BE0FF62F1C}C:\users\uporabnik\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\uporabnik\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{DA5B9957-6ECD-40F7-8408-EBF463E78EFA}C:\users\uporabnik\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\uporabnik\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{3A47B432-E9B8-4CF7-9D66-8C2D7F0FDADA}C:\users\uporabnik\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\uporabnik\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{408A7ADF-4334-4558-A4BD-AD1F125B33A9}C:\users\uporabnik\appdata\local\discord\app-1.0.9006\discord.exe] => (Allow) C:\users\uporabnik\appdata\local\discord\app-1.0.9006\discord.exe (Discord Inc. -> Discord Inc.)
FirewallRules: [UDP Query User{65040ECE-B849-468A-B651-31E0EB619C80}C:\users\uporabnik\appdata\local\discord\app-1.0.9006\discord.exe] => (Allow) C:\users\uporabnik\appdata\local\discord\app-1.0.9006\discord.exe (Discord Inc. -> Discord Inc.)
FirewallRules: [{FBD38859-2F3B-4AE3-A090-015025713552}] => (Allow) C:\Program Files (x86)\Overwolf\0.203.1.12\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{A6D81CA6-E04F-4CD9-A36D-45FEE7F9B53B}] => (Allow) C:\Program Files (x86)\Overwolf\0.203.1.12\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{FC77A75F-F7F8-4D2D-B9B3-30BA500022FA}] => (Block) C:\Program Files (x86)\Overwolf\0.203.1.12\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{65CFE4A0-3FA6-4656-AE7F-708BAB7F7CD6}] => (Block) C:\Program Files (x86)\Overwolf\0.203.1.12\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{A4400A20-6430-439D-B0F6-7AA4C8C49933}] => (Allow) C:\Program Files (x86)\Overwolf\0.204.0.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{DA7EED26-3C78-40FD-9E9D-94B01496076A}] => (Allow) C:\Program Files (x86)\Overwolf\0.204.0.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{E6E2BB9D-3B1A-493A-BAD3-8FDBE74B4527}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.87.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{61CD093B-79CE-491C-9B53-82F605822F29}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.87.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{76ACAFE8-474A-4FCE-8017-0B90C735841A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.87.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0895B6F9-CE63-493F-AED9-DAE726C46CCB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.87.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8CDC800A-E65D-4109-B65A-A283B37A35F7}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod)
FirewallRules: [{537CDD6A-9104-425A-BCA3-800E0EAB5CC7}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\104.0.1293.70\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{66043EBD-BA8E-45BA-BA31-04413B514A12}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.192.647.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{ECCCEA31-7748-4FF6-B4BC-D6AE7215A2A6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.192.647.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{853CEA0D-729B-47CE-86D4-B7E55DD678D6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.192.647.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BBB0CA93-061F-40F5-A2E8-559060094109}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.192.647.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8B61D218-9B0B-4944-B720-12012E2BB967}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.192.647.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5B5E189B-5EDC-4D29-A85C-621430F40F50}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.192.647.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2F597AC7-7CB8-4BEF-89D3-048B4E1D5BA9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.192.647.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{899F9126-DCB3-4F6B-93FF-B5F8A02F9084}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.192.647.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3E65F390-E7DC-4288-91DF-536006F85EE8}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

12-08-2022 14:58:01 Windows Modules Installer
18-08-2022 14:41:26 TotalAV Install

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (08/18/2022 04:14:37 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: ChromaVisualizer.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: exception code c0000005, exception address 7943E83E

Error: (08/17/2022 01:24:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Napačno ime programa: RazerCortex.exe, različica: 10.1.3.0, časovni žig: 0x6283df13
Napačno ime modula: ucrtbase.dll, različica: 10.0.19041.789, časovni žig: 0x82dc99a2
Koda izjeme: 0xc0000409
Napačen odmik: 0x0009eddb
Napačen id procesa: 0x2d08
Napačen začetni čas programa: 0x01d8b22be050fdfa
Napačna programska pot: C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe
Napačna pot modula: C:\Windows\System32\ucrtbase.dll
Id poročila: fba4841c-8845-4e35-b5d5-cc646372d037
Napačno polno ime paketa:
Napačen ID programa, sorodnega paketu:

Error: (08/17/2022 10:20:19 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: ChromaVisualizer.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: exception code c0000005, exception address 79EDE88D

Error: (08/16/2022 04:49:38 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: ChromaVisualizer.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: exception code c0000005, exception address 7C01E83E

Error: (08/15/2022 08:28:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Napačno ime programa: RazerCortex.exe, različica: 10.0.251.0, časovni žig: 0x62571150
Napačno ime modula: ucrtbase.dll, različica: 10.0.19041.789, časovni žig: 0x82dc99a2
Koda izjeme: 0xc0000409
Napačen odmik: 0x0009eddb
Napačen id procesa: 0x253c
Napačen začetni čas programa: 0x01d8b0d4c51ac2eb
Napačna programska pot: C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe
Napačna pot modula: C:\Windows\System32\ucrtbase.dll
Id poročila: 5ab0fd51-c87e-43cf-ad0e-a128ad12fcc2
Napačno polno ime paketa:
Napačen ID programa, sorodnega paketu:

Error: (08/11/2022 10:47:31 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: ChromaVisualizer.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: exception code c0000005, exception address 7A9DE896

Error: (08/08/2022 02:50:05 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Mehanizem za optimiranje shrambe ne more dokončati znova obreži (\\?\Volume{19c0c6cf-4c0d-97a3-0d37-e79c8c13d025}\) zaradi naslednjega razloga: Strojna oprema, ki podpira nosilec, ne podpira zahtevanega postopka. (0x8900002A)

Error: (08/08/2022 02:50:04 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Mehanizem za optimiranje shrambe ne more dokončati znova obreži (Nov nosilec (D:)) zaradi naslednjega razloga: Strojna oprema, ki podpira nosilec, ne podpira zahtevanega postopka. (0x8900002A)


System errors:
=============
Error: (08/28/2022 03:27:12 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Napaka pri namestitvi: Windows ni namestil te posodobitve z napako 0x80248007: 9NBLGGGZM6WM-ROBLOXCORPORATION.ROBLOX.

Error: (08/28/2022 03:22:51 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 12:54:34 on ‎20. ‎08. ‎2022 was unexpected.

Error: (08/28/2022 03:22:36 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684A fatal error occurred processing the restoration data.

Error: (08/20/2022 11:25:59 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Storitev »Steam Client Service« se ni uspela zagnati zaradi te napake:
The service did not respond to the start or control request in a timely fashion.

Error: (08/20/2022 11:25:59 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Pri čakanju, da storitev Steam Client Service vzpostavi povezavo, je bila dosežena časovna omejitev (30000 milisekund).

Error: (08/17/2022 08:34:49 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Napaka pri namestitvi: Windows ni namestil te posodobitve z napako 0x80073d02: 9NTM2QC6QWS7-12030rocksdanister.LivelyWallpaper.

Error: (08/17/2022 03:00:40 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-E9TUOMA)
Description: The server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} did not register with DCOM within the required timeout.

Error: (08/17/2022 03:00:40 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-E9TUOMA)
Description: The server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} did not register with DCOM within the required timeout.


Windows Defender:
================
Date: 2022-08-16 22:20:21
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/ClipBanker.DK!MTB
Severity: Resna
Category: Trojanec
Path: file:_C:\Users\Uporabnik\AppData\Local\Temp\svhost.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Users\UPORAB~1\AppData\Local\Temp\7zO01ADEDC3\Install.exe
Security intelligence Version: AV: 1.373.452.0, AS: 1.373.452.0, NIS: 1.373.452.0
Engine Version: AM: 1.1.19500.2, NIS: 1.1.19500.2

Date: 2022-08-16 22:20:20
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:MSIL/CoinMiner!MSR
Severity: Resna
Category: Trojanec
Path: file:_C:\Users\Uporabnik\AppData\Local\Temp\conhost.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Users\UPORAB~1\AppData\Local\Temp\7zO01ADEDC3\Install.exe
Security intelligence Version: AV: 1.373.452.0, AS: 1.373.452.0, NIS: 1.373.452.0
Engine Version: AM: 1.1.19500.2, NIS: 1.1.19500.2

Date: 2022-08-08 20:18:52
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-08-08 15:38:12
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Sabsik.FL.B!ml
Severity: Resna
Category: Trojanec
Path: file:_C:\Users\Uporabnik\AppData\Local\Temp\7zOCC6887DA\Setup 2.0.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Program Files\7-Zip\7zFM.exe
Security intelligence Version: AV: 1.371.1651.0, AS: 1.371.1651.0, NIS: 1.371.1651.0
Engine Version: AM: 1.1.19400.3, NIS: 1.1.19400.3

Date: 2022-07-23 09:20:40
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

CodeIntegrity:
===============
Date: 2022-08-28 15:24:35
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\TotalAV\wscf.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

BIOS: American Megatrends Inc. F5 05/30/2014
Motherboard: Gigabyte Technology Co., Ltd. Z97X-Gaming 5
Processor: Intel(R) Core(TM) i5-4690K CPU @ 3.50GHz
Percentage of memory in use: 38%
Total physical RAM: 16245.04 MB
Available physical RAM: 9998.05 MB
Total Virtual: 18677.04 MB
Available Virtual: 11266.03 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.27 GB) (Free:94.85 GB) (Model: Samsung SSD 870 EVO 250GB) NTFS
Drive d: (Nov nosilec) (Fixed) (Total:1863 GB) (Free:1186.09 GB) (Model: TOSHIBA HDWD220) NTFS

\\?\Volume{f4c4cfe3-535e-4f33-9379-ce2507cd3c69}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{3a67c860-4f4a-07bf-1000-5763d3e2c1e4}\ () (Fixed) (Total:0.01 GB) (Free:0 GB) NTFS
\\?\Volume{b28afe1d-e026-4917-a6de-d3722847cee8}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 2.

==================== End of Addition.txt =======================
 
That is the Addition.txt :) I also need FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-08-2022
Ran by Uporabnik (administrator) on DESKTOP-E9TUOMA (Gigabyte Technology Co., Ltd. Z97X-Gaming 5) (28-08-2022 15:37:15)
Running from C:\Users\Uporabnik\Downloads
Loaded Profiles: Uporabnik
Platform: Microsoft Windows 10 Pro Version 21H1 19043.1889 (X64) Language: slovenščina (Slovenija)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncherService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <2>
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\AudioVisualizer\ChromaVisualizer.exe
(C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\CefSharp.BrowserSubprocess.exe <2>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\WindowsApps\12030rocksdanister.LivelyWallpaper_1.0.125.0_x86__97hta09mmv6hy\Build\Lively.exe ->) (rocksdanister) C:\Program Files\WindowsApps\12030rocksdanister.LivelyWallpaper_1.0.125.0_x86__97hta09mmv6hy\Build\Plugins\Mpv\mpv.exe
(C:\Program Files\WindowsApps\12030rocksdanister.LivelyWallpaper_1.0.125.0_x86__97hta09mmv6hy\Build\Lively.exe ->) (rocksdanister) C:\Program Files\WindowsApps\12030rocksdanister.LivelyWallpaper_1.0.125.0_x86__97hta09mmv6hy\Build\Plugins\Watchdog\Lively.Watchdog.exe
(Discord Inc. -> Discord Inc.) C:\Users\Uporabnik\AppData\Local\Discord\app-1.0.9006\Discord.exe <2>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <11>
(explorer.exe ->) (Razer USA Ltd. -> ) C:\Windows\System32\RZTHXHelper.exe
(explorer.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(explorer.exe ->) (rocksdanister) C:\Program Files\WindowsApps\12030rocksdanister.LivelyWallpaper_1.0.125.0_x86__97hta09mmv6hy\Build\Lively.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) D:\Origin\OriginWebHelperService.exe
(services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_4.67.21001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_4.67.21001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4d7400884d0d52e3\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Protected Antivirus Limited -> TotalAV) C:\Program Files (x86)\TotalAV\SecurityService.exe <2>
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS3\GameManagerService3.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncherService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(services.exe ->) (Razer USA Ltd. -> Razer) C:\Program Files (x86)\Razer\RzUpdateEngineService\RzUpdateEngineService.exe
(services.exe ->) (Razer USA Ltd. -> Razer) C:\Windows\System32\RZTHXService.exe
(services.exe ->) (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Program Files\Common Files\Zoom\Support\CptService.exe
(sihost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MSPaint_6.2203.1037.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RZTHXHelper] => C:\Windows\system32\RZTHXHelper.exe [385264 2020-04-26] (Razer USA Ltd. -> )
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [82973864 2022-04-26] (Discord Inc. -> Discord Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [708840 2022-04-26] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [543744 2022-08-15] (Razer USA Ltd. -> Razer Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [850208 2022-07-01] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKU\S-1-5-21-3134029656-847882931-1988809457-1001\...\Run: [Discord] => C:\Users\Uporabnik\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3134029656-847882931-1988809457-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3535416 2022-07-25] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-3134029656-847882931-1988809457-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4234600 2022-08-20] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3134029656-847882931-1988809457-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32706512 2022-08-19] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3134029656-847882931-1988809457-1001\...\Run: [SignalRgb] => C:\Users\Uporabnik\AppData\Local\VortxEngine\SignalRgbLauncher.exe [498688 2022-05-05] () [File not signed]
HKU\S-1-5-21-3134029656-847882931-1988809457-1001\...\Run: [Opera GX Stable] => C:\Users\Uporabnik\AppData\Local\Programs\Opera GX\launcher.exe [2462712 2022-07-25] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-3134029656-847882931-1988809457-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\Uporabnik\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-3134029656-847882931-1988809457-1001\...\Run: [Voicemod] => C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe [7395712 2022-07-15] (Voicemod Sociedad Limitada -> Voicemod)
HKU\S-1-5-21-3134029656-847882931-1988809457-1001\...\Run: [EADM] => D:\Origin\Origin.exe [3149648 2022-07-27] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-3134029656-847882931-1988809457-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1802584 2022-08-04] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-3134029656-847882931-1988809457-1001\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Uporabnik\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3134029656-847882931-1988809457-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Uporabnik\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3134029656-847882931-1988809457-1001\...\RunOnce: [Uninstall 22.151.0717.0001] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Uporabnik\AppData\Local\Microsoft\OneDrive\22.151.0717.0001" (No File)
HKU\S-1-5-18\...\Run: [RzAppEngine] => C:\Program Files\Razer\RzAppEngine\rzappengine.exe [1641840 2021-10-06] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3535416 2022-07-25] (Razer USA Ltd. -> Razer Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{7D2B3E1D-D096-4594-9D8F-A6667F12E0AC}] -> C:\Program Files\Razer\RzAppEngine\1.49.0.0\Installer\chrmstp.exe [2022-04-28] (Razer USA Ltd. -> Razer Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\104.0.5112.102\Installer\chrmstp.exe [2022-08-28] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0E5987A3-FBDB-4FA4-A759-1F00B5732294} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {17C8A410-70BD-44D1-886D-DF9901C33988} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342080 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {1EF03013-9E99-4684-B83C-A96B965C88C6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3513776 2022-08-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {21C28809-BCC3-4A1A-832C-57BBD2F2E6CF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {2513F7C9-9B9E-4620-BD3B-749934774125} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2577752 2022-08-04] (Overwolf Ltd -> Overwolf LTD)
Task: {26B41C0D-0189-401A-B26E-24875FCBADC2} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646344 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {2B8BAD8B-7B42-4E8E-8662-135AAC276EAF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2DE346E4-6EC6-48D1-8104-8652381CB02F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3513776 2022-08-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {43D22B3D-AD8F-4BBE-A055-4FF1387B99AF} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {4C09037D-4FD6-4808-A882-BAFE43089ADE} - System32\Tasks\RazerCortexScheduleClean => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [543744 2022-08-15] (Razer USA Ltd. -> Razer Inc.)
Task: {4F586750-D36B-451E-ACD5-95CE4E7627ED} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23564752 2022-08-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {52CBFA30-9B2C-4C13-BAE5-E29096FFC425} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23564752 2022-08-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {6A68F506-6CE1-466F-8BC7-3C30746546E9} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {76339287-49A0-49BC-91CF-E9AC64F0CB8C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {829EA23F-D50F-48F8-9B95-0830F909A4FA} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [275136 2022-05-18] (Bluestack Systems, Inc -> BlueStack Systems, Inc.)
Task: {A044EE4E-7B6D-4B0E-8770-073B3A46D511} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {A7DC645B-0E63-4300-B22A-3663BFD2B55E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {ADBA2B60-6D09-4AF7-845A-FE1961B0A2F0} - System32\Tasks\GoogleUpdateTaskMachineUA{093A0E87-F1C2-4462-B37B-613FF1EA3761} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-04-26] (Google LLC -> Google LLC)
Task: {BA1FC9BA-DEE2-4231-906E-CB07827A55EA} - System32\Tasks\Opera GX scheduled Autoupdate 1652367108 => C:\Users\Uporabnik\AppData\Local\Programs\Opera GX\launcher.exe [2462712 2022-07-25] (Opera Norway AS -> Opera Software)
Task: {BB924F0D-F18F-4184-AE72-9329A94D5194} - System32\Tasks\Microsoft\Windows\Management\Autopilot\DetectHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\Windows\System32\Autopilot.dll [192000 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
Task: {C19DF3EC-8AE8-485C-83F6-C7B10E75A5C5} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1653319739 => C:\Users\Uporabnik\AppData\Local\Programs\Opera GX\launcher.exe [2462712 2022-07-25] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Uporabnik\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {D8E4E359-2281-47C5-817A-C6234936C87B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E1C3F226-AACE-485E-86BE-0998ACE9038A} - System32\Tasks\Microsoft\Windows\Management\Autopilot\RemediateHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\Windows\System32\Autopilot.dll [192000 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
Task: {E4D8DB10-8FEF-4583-BF9D-37F404222EE3} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2209248 2022-08-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {EB6AAD5D-D1FD-4403-9FD6-7C081126355B} - System32\Tasks\GoogleUpdateTaskMachineCore{F6312DFC-7934-464A-8719-7EF69689C58C} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-04-26] (Google LLC -> Google LLC)
Task: {F49BCA67-DF81-4D8C-A671-9DCB691A0FDF} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2209248 2022-08-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {F56438EF-9337-4721-90F9-7758FCA4E306} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-01] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {F61B777E-90B1-4194-8F40-A75BB4D4EA49} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{4fe77cfd-8847-4e70-a22f-b911537c9348}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{e08c3838-817f-4deb-a06b-04a8e4a8b1f1}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Uporabnik\AppData\Local\Microsoft\Edge\User Data\Default [2022-08-01]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-04-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2022-07-01] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-01-21] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-01-21] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-01-21] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-01-21] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-01-21] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.333.2 -> C:\Program Files (x86)\Java\jre1.8.0_333\bin\dtplugin\npDeployJava1.dll [2022-05-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.333.2 -> C:\Program Files (x86)\Java\jre1.8.0_333\bin\plugin2\npjp2.dll [2022-05-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-04-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2022-07-01] (Adobe Inc. -> Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Uporabnik\AppData\Local\Google\Chrome\User Data\Default [2022-08-28]
CHR Notifications: Default -> hxxps://aternos.org; hxxps://pchelpforum.net
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (MetaMask) - C:\Users\Uporabnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2022-08-17]
CHR Extension: (Plačila v spletni trgovini Chrome) - C:\Users\Uporabnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-04-28]
CHR Profile: C:\Users\Uporabnik\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-08-28]
CHR Profile: C:\Users\Uporabnik\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-08-19]
CHR Extension: (Google Dokumenti brez povezave) - C:\Users\Uporabnik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-10]
CHR Extension: (Plačila v spletni trgovini Chrome) - C:\Users\Uporabnik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-05-19]
CHR Profile: C:\Users\Uporabnik\AppData\Local\Google\Chrome\User Data\System Profile [2022-08-28]

Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-3134029656-847882931-1988809457-1001) Opera GXStable - "C:\Users\Uporabnik\AppData\Local\Programs\Opera GX\Launcher.exe"

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [919328 2022-07-01] (Adobe Inc. -> Adobe Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8885112 2022-06-23] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9484248 2022-08-05] (Microsoft Corporation -> Microsoft Corporation)
R2 CortexLauncherService; C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncherService.exe [588208 2022-08-15] (Razer USA Ltd. -> Razer Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-06-22] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2022-06-22] (Epic Games Inc. -> Epic Games, Inc.)
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe [2359424 2022-01-21] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2578792 2022-07-27] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; D:\Origin\OriginWebHelperService.exe [3497840 2022-07-27] (Electronic Arts, Inc. -> Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2577752 2022-08-04] (Overwolf Ltd -> Overwolf LTD)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [2030624 2022-05-17] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [464416 2022-05-17] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1354232 2022-06-15] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [254224 2021-11-16] (Razer USA Ltd. -> Razer Inc)
R2 Razer Game Manager Service 3; C:\Program Files (x86)\Razer\Razer Services\GMS3\GameManagerService3.exe [361336 2022-05-31] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [300600 2022-07-25] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Update Service; C:\Program Files (x86)\Razer\RzUpdateEngineService\RzUpdateEngineService.exe [408912 2020-04-02] (Razer USA Ltd. -> Razer)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [534440 2022-04-28] (Razer USA Ltd. -> Razer Inc.)
R2 RzThxSrv; C:\Windows\system32\RZTHXService.exe [357104 2020-04-26] (Razer USA Ltd. -> Razer)
R2 SecurityService; C:\Program Files (x86)\TotalAV\SecurityService.exe [267088 2022-06-23] (Protected Antivirus Limited -> TotalAV) <==== ATTENTION
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6255896 2022-08-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4d7400884d0d52e3\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4d7400884d0d52e3\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
R2 ZoomCptService; "C:\Program Files\Common Files\Zoom\Support\CptService.exe" -user_path "C:\Users\Uporabnik\AppData\Roaming\Zoom"

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [208176 2022-06-23] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [197176 2022-06-23] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [46704 2022-06-23] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [321784 2022-05-18] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S0 ProtectedELAM; C:\Windows\System32\drivers\protected_elam.sys [17864 2022-06-23] (Microsoft Windows Early Launch Anti-malware Publisher -> TODO: <Company name>)
R3 RzCommon; C:\Windows\System32\drivers\RzCommon.sys [54632 2021-03-30] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0067; C:\Windows\System32\drivers\RzDev_0067.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_021e; C:\Windows\System32\drivers\RzDev_021e.sys [54168 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R2 SignalRgbDriver; C:\Windows\System32\Drivers\SignalRgbDriver.sys [25832 2022-05-03] (WHIRLWIND VIRTUAL REALITIES INC. -> )
R3 sRZTHXSpatial; C:\Windows\System32\drivers\RZTHXSpatial.sys [172024 2020-04-26] (Razer USA Ltd. -> Windows (R) Win 7 DDK provider)
R3 VOICEMOD_Driver; C:\Windows\system32\drivers\mvvad.sys [48144 2022-07-04] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49576 2022-06-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [452856 2022-06-23] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [91384 2022-06-23] (Microsoft Windows -> Microsoft Corporation)
R1 webshieldfilter; C:\Windows\System32\drivers\webshieldfilter.sys [96264 2022-06-23] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) <==== ATTENTION
R2 WinRing0x64; C:\Windows\System32\Drivers\WinRing0x64.sys [14544 2022-05-03] (Noriyuki MIYAZAKI -> OpenLibSys.org)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-08-28 15:37 - 2022-08-28 15:37 - 000031126 _____ C:\Users\Uporabnik\Downloads\FRST.txt
2022-08-28 15:36 - 2022-08-28 15:37 - 000000000 ____D C:\FRST
2022-08-28 15:26 - 2022-08-28 15:27 - 002371072 _____ (Farbar) C:\Users\Uporabnik\Downloads\FRST64.exe
2022-08-19 22:26 - 2022-08-19 22:26 - 000000289 _____ C:\Users\Uporabnik\Desktop\fredboat bot.txt
2022-08-19 14:42 - 2022-06-23 15:03 - 000208176 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2022-08-19 14:42 - 2022-06-23 15:03 - 000197176 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2022-08-19 14:42 - 2022-06-23 15:03 - 000046704 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2022-08-18 22:51 - 2022-07-04 13:28 - 000048144 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\mvvad.sys
2022-08-18 20:45 - 2022-08-18 20:45 - 000000000 ____D C:\Users\Uporabnik\Documents\FeedbackHub
2022-08-18 14:44 - 2022-08-18 14:44 - 000000000 ____D C:\Users\Uporabnik\Documents\TotalAV
2022-08-18 14:44 - 2022-06-23 15:03 - 000096264 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\webshieldfilter.sys
2022-08-18 14:41 - 2022-08-28 15:23 - 000001146 _____ C:\Users\Uporabnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TotalAV.lnk
2022-08-18 14:41 - 2022-08-28 15:23 - 000000000 ____D C:\Program Files (x86)\TotalAV
2022-08-18 14:41 - 2022-08-18 14:41 - 000001060 _____ C:\Users\Public\Desktop\TotalAV.lnk
2022-08-18 14:41 - 2022-08-18 14:41 - 000000000 ____D C:\Users\Uporabnik\AppData\Local\GUI
2022-08-18 14:41 - 2022-08-18 14:41 - 000000000 ____D C:\ProgramData\TotalAV
2022-08-18 14:41 - 2022-08-18 14:41 - 000000000 ____D C:\ProgramData\SecuritySuite
2022-08-18 14:41 - 2022-06-23 15:03 - 000017864 _____ (TODO: <Company name>) C:\Windows\system32\Drivers\protected_elam.sys
2022-08-18 14:40 - 2022-08-18 14:41 - 057816512 _____ C:\Users\Uporabnik\Downloads\TotalAV_Setup.exe
2022-08-17 21:02 - 2022-08-17 21:02 - 000304835 _____ C:\Users\Uporabnik\Downloads\video-1660762831.mp4
2022-08-16 22:20 - 2022-08-16 22:20 - 000000000 ____D C:\Users\Uporabnik\AppData\Local\Yandex
2022-08-15 20:58 - 2022-08-15 20:58 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2022-08-15 20:28 - 2022-08-17 13:24 - 000001157 _____ C:\Users\Public\Desktop\Razer Cortex.lnk
2022-08-12 15:03 - 2022-08-12 15:03 - 000581120 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2022-08-12 15:03 - 2022-08-12 15:03 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoScreensaver.scr
2022-08-12 15:03 - 2022-08-12 15:03 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2022-08-12 15:03 - 2022-08-12 15:03 - 000162304 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
2022-08-12 15:03 - 2022-08-12 15:03 - 000089088 _____ C:\Windows\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2022-08-12 15:03 - 2022-08-12 15:03 - 000073216 _____ C:\Windows\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2022-08-12 15:03 - 2022-08-12 15:03 - 000060928 _____ C:\Windows\system32\runexehelper.exe
2022-08-12 15:03 - 2022-08-12 15:03 - 000011803 _____ C:\Windows\system32\DrtmAuthTxt.wim
2022-08-12 14:58 - 2022-08-12 14:58 - 000000000 ___HD C:\$WinREAgent
2022-08-08 21:59 - 2022-08-09 22:23 - 000000040 _____ C:\Users\Uporabnik\Desktop\gmails.txt
2022-08-08 12:54 - 2022-06-24 02:17 - 000172304 _____ (Razer Inc) C:\Windows\system32\RazerS2S3CoinstallerEx.dll
2022-08-08 12:54 - 2022-06-24 02:17 - 000172288 _____ (Razer Inc) C:\Windows\system32\RazerS3CoinstallerEx.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-08-28 15:33 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-08-28 15:33 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2022-08-28 15:32 - 2022-04-29 12:38 - 000000000 ____D C:\Program Files (x86)\Steam
2022-08-28 15:32 - 2022-04-26 13:19 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-08-28 15:32 - 2022-04-26 13:19 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-08-28 15:32 - 2022-04-26 13:18 - 000000000 ____D C:\Program Files (x86)\Google
2022-08-28 15:30 - 2022-04-26 13:08 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3134029656-847882931-1988809457-1001
2022-08-28 15:30 - 2022-04-26 13:07 - 000003386 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3134029656-847882931-1988809457-1001
2022-08-28 15:30 - 2022-04-26 13:05 - 000002401 _____ C:\Users\Uporabnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-08-28 15:27 - 2022-04-26 13:11 - 000840598 _____ C:\Windows\system32\PerfStringBackup.INI
2022-08-28 15:27 - 2022-04-26 13:05 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-08-28 15:27 - 2022-04-26 13:05 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-08-28 15:27 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2022-08-28 15:25 - 2022-05-01 10:52 - 000000000 ____D C:\ProgramData\NVIDIA
2022-08-28 15:24 - 2022-04-26 13:19 - 000000000 ____D C:\Users\Uporabnik\AppData\Roaming\discord
2022-08-28 15:24 - 2022-04-26 13:19 - 000000000 ____D C:\Users\Uporabnik\AppData\Local\Discord
2022-08-28 15:23 - 2022-06-18 19:42 - 000003984 _____ C:\Windows\system32\Tasks\RazerCortexScheduleClean
2022-08-28 15:23 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-08-28 15:23 - 2019-12-07 11:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2022-08-28 15:22 - 2022-04-26 13:10 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2022-08-28 15:22 - 2022-04-26 13:10 - 000000000 __SHD C:\Users\Uporabnik\IntelGraphicsProfiles
2022-08-28 15:22 - 2022-04-26 12:50 - 000008192 ___SH C:\DumpStack.log.tmp
2022-08-28 15:22 - 2022-04-26 12:50 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-08-28 15:22 - 2022-04-26 12:50 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-08-19 16:18 - 2022-05-02 17:57 - 000001445 _____ C:\Users\Uporabnik\Desktop\Roblox Studio.lnk
2022-08-19 16:18 - 2022-05-02 17:57 - 000000255 _____ C:\Users\Uporabnik\AppData\LocalLow\rbxcsettings.rbx
2022-08-19 16:18 - 2022-05-02 17:57 - 000000000 ____D C:\Users\Uporabnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2022-08-19 15:26 - 2022-06-04 20:24 - 000000000 ____D C:\ProgramData\Voicemod
2022-08-19 15:09 - 2022-06-04 20:24 - 000000000 ____D C:\Users\Uporabnik\AppData\Local\Voicemod
2022-08-19 11:08 - 2022-04-30 21:38 - 000000000 ____D C:\Users\Uporabnik\AppData\Roaming\.minecraft
2022-08-18 22:51 - 2022-06-04 20:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Voicemod
2022-08-18 22:51 - 2022-06-04 20:24 - 000000000 ____D C:\Program Files\Voicemod Desktop
2022-08-18 14:41 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2022-08-17 21:58 - 2022-05-02 18:13 - 000001425 _____ C:\Users\Uporabnik\Desktop\Roblox Player.lnk
2022-08-17 13:24 - 2022-05-02 21:40 - 000000000 ____D C:\Users\Uporabnik\AppData\Local\CrashDumps
2022-08-17 13:24 - 2022-04-28 11:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer Cortex
2022-08-17 13:24 - 2022-04-28 11:04 - 000000000 ____D C:\Users\Uporabnik\AppData\Local\Razer
2022-08-17 08:49 - 2022-04-26 13:04 - 000003678 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-08-17 08:49 - 2022-04-26 13:04 - 000003554 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-08-16 22:21 - 2022-04-26 13:07 - 000000000 ___RD C:\Users\Uporabnik\OneDrive
2022-08-15 20:58 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-08-15 20:57 - 2022-04-26 13:11 - 000000000 ____D C:\Program Files\Microsoft Office
2022-08-15 14:19 - 2022-06-28 10:18 - 000000000 ____D C:\Program Files (x86)\Overwolf
2022-08-15 14:04 - 2022-05-25 17:14 - 000000000 ____D C:\Users\Uporabnik\AppData\Local\Ubisoft Game Launcher
2022-08-15 12:12 - 2022-04-28 11:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2022-08-15 12:11 - 2022-04-28 11:03 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2022-08-14 17:39 - 2022-04-26 13:05 - 000000000 ____D C:\ProgramData\Packages
2022-08-12 15:21 - 2022-04-26 12:50 - 000295120 _____ C:\Windows\system32\FNTCACHE.DAT
2022-08-12 15:21 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2022-08-12 15:20 - 2019-12-07 16:51 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-08-12 15:20 - 2019-12-07 16:51 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-08-12 15:20 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2022-08-12 15:20 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2022-08-12 15:20 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2022-08-12 15:20 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2022-08-12 15:20 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2022-08-12 15:20 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2022-08-12 15:20 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2022-08-12 15:20 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2022-08-12 15:20 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellExperiences
2022-08-12 15:20 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2022-08-12 15:05 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2022-08-12 15:03 - 2022-04-26 12:52 - 003011072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2022-08-12 14:58 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2022-08-12 14:57 - 2022-04-26 13:09 - 000000000 ____D C:\Windows\system32\MRT
2022-08-12 14:54 - 2022-04-26 13:09 - 144534560 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-08-11 12:46 - 2022-04-26 13:05 - 000000000 ____D C:\Users\Uporabnik\AppData\Local\D3DSCache
2022-08-11 10:07 - 2022-04-26 13:19 - 000002247 _____ C:\Users\Uporabnik\Desktop\Discord.lnk
2022-08-10 12:11 - 2022-06-07 18:46 - 000000000 ____D C:\ProgramData\BlueStacks_nxt
2022-08-10 10:41 - 2022-05-01 10:17 - 000000000 ____D C:\Users\Uporabnik\AppData\Local\BattlEye
2022-08-10 10:36 - 2022-06-05 12:13 - 000000000 ____D C:\Users\Uporabnik\AppData\Local\Origin
2022-08-10 10:36 - 2022-06-05 12:13 - 000000000 ____D C:\ProgramData\Origin
2022-08-08 20:33 - 2022-06-28 10:18 - 000002325 _____ C:\Users\Uporabnik\Desktop\CurseForge.lnk
2022-08-08 20:33 - 2022-06-28 10:14 - 000000000 ____D C:\Users\Uporabnik\AppData\Local\Overwolf
2022-08-08 14:45 - 2022-06-25 22:29 - 000000000 ____D C:\Users\Uporabnik\AppData\Local\ElevatedDiagnostics
2022-08-02 15:30 - 2022-06-07 18:56 - 000001999 _____ C:\Users\Uporabnik\Desktop\7DS.lnk
2022-07-31 19:55 - 2022-04-30 21:23 - 002754000 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll
2022-07-31 19:55 - 2022-04-30 21:23 - 000234960 _____ (Microsoft Corporation) C:\Windows\system32\gamingservicesproxy.dll
2022-07-31 19:55 - 2022-04-30 21:23 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
2022-07-31 19:54 - 2022-04-30 21:23 - 000402904 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll
2022-07-31 19:54 - 2022-04-30 21:23 - 000198096 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll
2022-07-31 19:54 - 2022-04-30 21:23 - 000144856 _____ (Microsoft Corporation) C:\Windows\system32\gamelaunchhelper.dll
2022-07-31 19:54 - 2022-04-30 21:23 - 000067032 _____ (Microsoft Corporation) C:\Windows\system32\gamemodcontrol.exe
2022-07-29 19:18 - 2022-05-12 16:51 - 000004250 _____ C:\Windows\system32\Tasks\Opera GX scheduled Autoupdate 1652367108
2022-07-29 19:18 - 2022-05-12 16:51 - 000001512 _____ C:\Users\Uporabnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera GX Browser.lnk

==================== Files in the root of some directories ========

2022-07-01 22:06 - 2022-07-01 22:06 - 000000360 _____ () C:\Users\Uporabnik\AppData\Local\karboncalligraphyrc
2022-06-25 17:41 - 2022-07-16 13:13 - 000005144 _____ () C:\Users\Uporabnik\AppData\Local\krita-sysinfo.log
2022-06-25 17:41 - 2022-07-16 13:13 - 000011094 _____ () C:\Users\Uporabnik\AppData\Local\krita.log
2022-07-16 13:13 - 2022-07-16 13:13 - 000000039 _____ () C:\Users\Uporabnik\AppData\Local\kritadisplayrc
2022-06-25 17:41 - 2022-07-16 13:13 - 000021066 _____ () C:\Users\Uporabnik\AppData\Local\kritarc
2022-07-02 08:31 - 2022-07-02 08:31 - 000000000 _____ () C:\Users\Uporabnik\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
 