Start::
CreateRestorePoint:
ProxyEnable: [S-1-5-21-2354758137-1344541848-85165862-1001] => Proxy is enabled.
ProxyServer: [S-1-5-21-2354758137-1344541848-85165862-1001] => http=127.0.0.1:8099;https=127.0.0.1:8099
Tcpip\..\Interfaces\{003c1d04-9cc0-425e-9ba9-77c7cd3a0ad7}: [NameServer] 185.132.176.153,185.132.176.153
Tcpip\..\Interfaces\{8ee17ebd-c1ba-48e6-9419-35e4c75e6521}: [NameServer] 185.132.176.153,185.132.176.153
Tcpip\..\Interfaces\{9339a756-15af-11e9-b045-806e6f6e6963}: [NameServer] 185.132.176.153,185.132.176.153
ManualProxies: 1http=127.0.0.1:8099;https=127.0.0.1:8099
CHR HKU\S-1-5-21-2354758137-1344541848-85165862-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gndelhfhcfbdhndfpcinebijfcjpmpec]
2020-01-26 13:19 - 2020-01-26 13:19 - 000000000 ____D C:\ProgramData\Orbit
AlternateDataStreams: C:\Users\Евгений\Application Data:77a575add9465d78c606d381e5f202fb [394]
AlternateDataStreams: C:\Users\Евгений\AppData\Roaming:77a575add9465d78c606d381e5f202fb [394]
HKU\S-1-5-21-2354758137-1344541848-85165862-1001\Software\Classes\regfile: regedit.exe "%1" <==== ATTENTION
EmptyTemp:
Reboot:
End::