Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-09-2019 01
Ran by jenko (21-09-2019 12:04:52)
Running from C:\Users\jenko\Desktop
Windows 10 Home Version 1803 17134.885 (X64) (2019-04-06 08:51:21)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-878642183-179417398-4255577951-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-878642183-179417398-4255577951-503 - Limited - Disabled)
Guest (S-1-5-21-878642183-179417398-4255577951-501 - Limited - Disabled)
jenko (S-1-5-21-878642183-179417398-4255577951-1001 - Administrator - Enabled) => C:\Users\jenko
WDAGUtilityAccount (S-1-5-21-878642183-179417398-4255577951-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AS: ESET Security (Enabled - Up to date) {333C65BB-8923-0EAA-C47E-C486E687BEFD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acer Configuration Manager (HKLM-x32\...\{414D554E-4453-454E-0201-000000016258}) (Version: 2.1.16258 - Acer)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.8.2 - Advanced Micro Devices, Inc.)
Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft)
Assassin's Creed II (HKLM-x32\...\Uplay Install 4) (Version:  - Ubisoft)
Assassin's Creed Origins (HKLM-x32\...\Uplay Install 3539) (Version:  - Ubisoft)
Assassin's Creed Syndicate (HKLM-x32\...\Uplay Install 1875) (Version: 1.51 - Ubisoft)
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version:  - Ubisoft)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.57.44284 - Electronic Arts)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
Care Center Service (HKLM\...\{7409ED35-2013-4F8D-9C06-61B70E807660}) (Version: 3.00.3007 - Acer Incorporated)
Dolby Audio X2 Windows API SDK (HKLM\...\{F994125B-7BF5-4A38-A569-82833CEB24DC}) (Version: 0.8.4.83 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{4A02DCED-C2B0-4DD3-87BD-7D8E68D6AF3C}) (Version: 0.8.6.75 - Dolby Laboratories, Inc.)
Epic Games Launcher (HKLM-x32\...\{53041896-BE90-4A26-9954-9E9FDC7D4495}) (Version: 1.1.229.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESET Security (HKLM\...\{1CE8E9F0-4D99-4C80-B3CB-4A19C083B2B5}) (Version: 12.2.29.0 - ESET, spol. s r.o.)
FastShare.cz verze 2.4.0 (HKLM-x32\...\FastShare.cz_is1) (Version: 2.4.0 - )
FIFA 19 (HKLM-x32\...\{3391E07D-8484-4124-817E-FCBDA859FD62}) (Version: 1.0.61.54442 - Electronic Arts)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 76.0.3809.132 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Kingdom Come Deliverance Band of Bastards (HKLM-x32\...\Kingdom Come Deliverance Band of Bastards_is1) (Version:  - )
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.24 - PandoraTV)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft Excel 2019 - cs-cz (HKLM\...\Excel2019Retail - cs-cz) (Version: 16.0.11929.20300 - Microsoft Corporation)
Microsoft PowerPoint 2019 - cs-cz (HKLM\...\PowerPoint2019Retail - cs-cz) (Version: 16.0.11929.20300 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Word 2019 - cs-cz (HKLM\...\Word2019Retail - cs-cz) (Version: 16.0.11929.20300 - Microsoft Corporation)
MTG Arena (HKLM-x32\...\{72DBDCDA-AFF1-4F79-A64B-1DCB92FA00BE}) (Version: 0.1.1615 - Wizards of the Coast)
NitroSense Service (HKLM-x32\...\{6FC78E80-6385-43D6-8A43-FA80094F1A2E}) (Version: 3.01.3000 - Acer Incorporated)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{60499BF0-C3D1-40CC-8600-8A7246534466}) (Version: 1.00.0000 - Název společnosti:)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11929.20300 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11929.20300 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.11929.20300 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.47.29954 - Electronic Arts, Inc.)
Pro Evolution Soccer 2019 (HKLM-x32\...\{879B9B7F-6AAF-4686-A7FC-E937EE6BE37B}_is1) (Version:  - KONAMI)
Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10477 - Qualcomm)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.455 - Qualcomm Atheros)
Quick Access Service (HKLM\...\{AB25551C-74EF-4BAB-9989-891517FCF9FF}) (Version: 3.00.3002 - Acer Incorporated)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.16299.21304 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.23.1003.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8351 - Realtek Semiconductor Corp.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.4.116 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.2.5 - Rockstar Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{344F3227-F502-4219-9DC4-1967E586FAFA}) (Version: 2.51.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 4.8 - Ubisoft)
User Experience Improvement Program Service (HKLM\...\{E9495FD3-F73D-4D33-A104-047F9E8BE6C7}) (Version: 4.00.3004 - Acer Incorporated)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0-2) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
XSplit Gamecaster (HKLM-x32\...\{1B52322C-EEDB-42CE-BF10-DC577E89DDB6}) (Version: 3.1.1708.2943 - SplitmediaLabs)

Packages:
=========
Acer Collection S -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCollectionS_1.0.3004.0_x64__48frkmn4z8aw4 [2019-04-05] (Acer Incorporated)
Acer Product Registration -> C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3010.0_x64__48frkmn4z8aw4 [2019-04-27] (Acer Incorporated)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.15.15.0_x86__kgqvnymyfvs32 [2019-08-11] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1550.4.0_x86__kgqvnymyfvs32 [2019-07-15] (king.com)
Care Center -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCareCenter_3.0.3007.0_x64__48frkmn4z8aw4 [2019-07-14] (Acer Incorporated)
Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_5.0.0.3_x86__m9bz608c1b9ra [2019-06-10] (Nordcurrent)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_100.1.581.0_x64__v10z8vjag6ke6 [2019-07-19] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-04-05] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-04-05] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.12124.0_x64__8wekyb3d8bbwe [2019-08-11] (Microsoft Corporation) [MS Ad]
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.1.1098.1000_x86__8wekyb3d8bbwe [2019-05-23] (Microsoft Corporation)
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-20] (Microsoft Corporation) [MS Ad]
NitroSense_V31 -> C:\Program Files\WindowsApps\AcerIncorporated.NitroSenseV31_3.1.2000.0_x64__48frkmn4z8aw4 [2018-12-12] (Acer Incorporated)
PhotoDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PhotoDirectorforacerDesktop_8.0.5229.0_x64__ypz87dpxkv292 [2019-06-12] (CYBERLINK COM CORP)
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-01] (Microsoft Corporation) [MS Ad]
PowerDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PowerDirectorforacerDesktop_14.0.4304.0_x64__ypz87dpxkv292 [2018-12-12] (CYBERLINK COM CORP)
QuickAccess -> C:\Program Files\WindowsApps\AcerIncorporated.QuickAccess_3.0.3002.0_x64__48frkmn4z8aw4 [2018-12-12] (Acer Incorporated)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2019-08-01] (Microsoft Corporation)
User Experience Improvement Program -> C:\Program Files\WindowsApps\AcerIncorporated.UserExperienceImprovementProgram_4.0.3004.0_x64__48frkmn4z8aw4 [2018-12-12] (Acer Incorporated)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-878642183-179417398-4255577951-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\jenko\AppData\Local\Microsoft\OneDrive\19.033.0218.0011\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-878642183-179417398-4255577951-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\jenko\AppData\Local\Microsoft\OneDrive\19.033.0218.0011\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-878642183-179417398-4255577951-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\jenko\AppData\Local\Microsoft\OneDrive\19.033.0218.0011\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-09-09] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-09-09] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-08-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-09-09] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2019-09-19 13:40 - 2019-09-19 13:40 - 098275328 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
2019-09-19 13:40 - 2019-09-19 13:40 - 000092672 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll
2019-09-19 13:40 - 2019-09-19 13:40 - 003922432 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll
2019-01-08 13:00 - 2019-01-08 13:00 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2019-01-08 13:00 - 2019-01-08 13:00 - 003598336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2019-09-19 13:40 - 2019-09-19 13:40 - 000547840 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\chrome_elf.dll
2019-01-08 13:00 - 2019-01-08 13:00 - 001441280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2019-08-23 13:38 - 2019-08-23 13:38 - 005999104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2019-01-08 12:59 - 2019-01-08 12:59 - 006413824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2019-01-08 12:59 - 2019-01-08 12:59 - 001141760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2019-01-08 12:59 - 2019-01-08 12:59 - 000339968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2019-01-08 12:59 - 2019-01-08 12:59 - 004143104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2019-01-08 12:59 - 2019-01-08 12:59 - 003840000 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2019-01-08 12:59 - 2019-01-08 12:59 - 000332800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2019-01-08 12:59 - 2019-01-08 12:59 - 000349184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2019-01-08 12:59 - 2019-01-08 12:59 - 080959488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2019-01-08 12:59 - 2019-01-08 12:59 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2019-01-08 13:00 - 2019-01-08 13:00 - 005622272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2019-01-08 13:00 - 2019-01-08 13:00 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2019-01-08 13:00 - 2019-01-08 13:00 - 000190464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-01-08 13:00 - 2019-01-08 13:00 - 002825216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2019-01-08 13:00 - 2019-01-08 13:00 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-01-08 13:00 - 2019-01-08 13:00 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-01-08 13:00 - 2019-01-08 13:00 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2019-01-08 13:00 - 2019-01-08 13:00 - 000330752 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-01-08 13:00 - 2019-01-08 13:00 - 000137216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2019-01-08 13:00 - 2019-01-08 13:00 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-01-08 13:00 - 2019-01-08 13:00 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 01:38 - 2018-04-12 01:36 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-878642183-179417398-4255577951-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Acer01.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKU\S-1-5-21-878642183-179417398-4255577951-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{3C03E776-C71E-41C8-85D5-0D25CE1F498B}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.Gamecaster.exe (SplitmediaLabs Limited -> SplitmediaLabs)
FirewallRules: [{8BDCE903-A12A-4059-8D37-A43ED079D4FD}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.Gamecaster.exe (SplitmediaLabs Limited -> SplitmediaLabs)
FirewallRules: [{F148E474-B503-4A0A-8CF7-CA7215050A87}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.cam.exe (SplitmediaLabs Limited -> SplitmediaLabs Limited)
FirewallRules: [{63C3AB28-254A-41BB-B56B-18DA99963DE6}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.cam.exe (SplitmediaLabs Limited -> SplitmediaLabs Limited)
FirewallRules: [{08ABA323-FECC-431F-81A3-B32516DFE9E9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.11425.20202.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B4FB0DB3-432F-4BD2-A563-E910F0CF8F25}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe No File
FirewallRules: [{FDF14B7B-7A4A-4688-9D1D-B10CA57DA1B6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe No File
FirewallRules: [TCP Query User{89FC9FA9-7D51-444A-B8DF-AC2F5E4DB1DA}C:\program files (x86)\fifa19\fifa19.exe] => (Allow) C:\program files (x86)\fifa19\fifa19.exe No File
FirewallRules: [UDP Query User{50348C5E-61F0-4C98-AAE9-772E4240BA71}C:\program files (x86)\fifa19\fifa19.exe] => (Allow) C:\program files (x86)\fifa19\fifa19.exe No File
FirewallRules: [TCP Query User{56352730-34A5-4BE9-99AA-47E95AC9A4E7}C:\program files (x86)\kingdom come deliverance band of bastards\bin\win64\kingdomcome.exe] => (Allow) C:\program files (x86)\kingdom come deliverance band of bastards\bin\win64\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [UDP Query User{735EBC96-3EBC-4EEF-834D-4D5FF79770A7}C:\program files (x86)\kingdom come deliverance band of bastards\bin\win64\kingdomcome.exe] => (Allow) C:\program files (x86)\kingdom come deliverance band of bastards\bin\win64\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [TCP Query User{1A30A941-7658-434B-8870-9D1E608521B9}C:\program files (x86)\kingdom come deliverance band of bastards\bin\win64\kingdomcome.exe] => (Allow) C:\program files (x86)\kingdom come deliverance band of bastards\bin\win64\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [UDP Query User{39121CDE-1FAD-422E-BB14-FCD725BB9BF7}C:\program files (x86)\kingdom come deliverance band of bastards\bin\win64\kingdomcome.exe] => (Allow) C:\program files (x86)\kingdom come deliverance band of bastards\bin\win64\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [TCP Query User{D6A01EDC-6722-42D3-812B-BB3F4F1F7DB3}C:\program files (x86)\fifa19\fifa19.exe] => (Allow) C:\program files (x86)\fifa19\fifa19.exe No File
FirewallRules: [UDP Query User{A7ABA3E3-BA5A-4042-B85C-D1C022F946B7}C:\program files (x86)\fifa19\fifa19.exe] => (Allow) C:\program files (x86)\fifa19\fifa19.exe No File
FirewallRules: [{AF7C5384-E52C-4306-9330-26CEA1D7E6C1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{3EA9D186-5C84-4039-ABCA-8E51C35A8BDF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{B4270167-8395-4925-8633-D9606E83504C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{CA5A5CA7-3230-4A13-9E48-13453A43E738}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [TCP Query User{03D12932-6FE5-4C88-B775-16D5C21C6CDD}C:\program files (x86)\origin games\fifa 19\fifa19.exe] => (Allow) C:\program files (x86)\origin games\fifa 19\fifa19.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [UDP Query User{B708DF7D-D03D-41C1-9FE8-FAE8DDF780AA}C:\program files (x86)\origin games\fifa 19\fifa19.exe] => (Allow) C:\program files (x86)\origin games\fifa 19\fifa19.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{9E7F1561-4EA1-4709-AE17-FC130A2F0F01}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{6472B83D-70C9-41CF-8236-157465BE7F97}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{A8A2B8AD-9F00-477F-9243-999A01AC145A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{8C4ABF96-A27C-40C3-BB9D-ED24B28F5E82}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [TCP Query User{389D58E3-63A0-491B-B36A-5513F8FC1FB2}C:\program files (x86)\origin games\battlefield 1\bf1.exe] => (Block) C:\program files (x86)\origin games\battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [UDP Query User{CD469F9B-C1E0-47D6-8AEF-1BDEF707B3A0}C:\program files (x86)\origin games\battlefield 1\bf1.exe] => (Block) C:\program files (x86)\origin games\battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [TCP Query User{75BF2415-DADF-4708-AEAC-DA1B567AD376}C:\program files (x86)\origin games\fifa 19\fifa19.exe] => (Block) C:\program files (x86)\origin games\fifa 19\fifa19.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [UDP Query User{E1ECA016-A9AA-4540-A5DA-E4AE9F3F5004}C:\program files (x86)\origin games\fifa 19\fifa19.exe] => (Block) C:\program files (x86)\origin games\fifa 19\fifa19.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{211E7894-49AB-4093-B067-9747DFD5F2A0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{6D1E74FF-77DD-4E13-B012-59191C10EC02}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{8084C916-8241-47E1-B01B-8BAD78CE67D0}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe No File
FirewallRules: [{D029DDD4-6FF9-464A-95B5-BC49B6330A05}] => (Allow) C:\Program Files\Assassin's Creed Unity\ACU.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{6DB7E9C0-254A-4628-8F29-A26463D2BFA4}] => (Allow) C:\Program Files\Assassin's Creed Unity\ACU.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{1A6A0D24-D71B-473E-82E9-A97583B0F3B6}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Syndicate\ACS.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{C25EA4C6-38B7-43C0-894C-671E0A25BDEB}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Origins\ACOrigins.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{6E905350-45B5-40AC-8F04-7E50110F48B1}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Origins\ACOrigins.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [TCP Query User{65EC9581-6BA5-4DD7-A724-03E7FE4FE8E8}C:\program files\assassin's creed unity\acu.exe] => (Allow) C:\program files\assassin's creed unity\acu.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [UDP Query User{31D4968A-BDDB-45F3-B600-C269F1965822}C:\program files\assassin's creed unity\acu.exe] => (Allow) C:\program files\assassin's creed unity\acu.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{11794B7A-7B32-4787-A594-E5139577BDDB}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{F74EFEE0-FF82-4667-87EE-596C448132DF}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{4FEF9B4E-30CA-4E09-A5DB-520FD68254FC}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{B0B32701-5088-4A4E-B27A-9FE9F84563CC}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{B746100E-68FB-4B9A-BB4D-B937C0C41617}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\UPlayBrowser.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{61156DAD-ECAD-47D0-B813-9CD358245AD9}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\UPlayBrowser.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{18A790EC-1222-403F-AF0B-A53FBDDAE36A}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed II\AssassinsCreedIIGame.exe (Ubisoft Entertainment -> )
FirewallRules: [{4D976782-370D-488F-B176-F08061646457}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed II\AssassinsCreedIIGame.exe (Ubisoft Entertainment -> )
FirewallRules: [{92BB5948-0CC2-43F5-818B-35C1133A3918}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mad Max\MadMax.exe (Fatalist Development -> )
FirewallRules: [{3D10021E-87B4-46AE-BCE4-E3ADC2A34DA5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mad Max\MadMax.exe (Fatalist Development -> )
FirewallRules: [{171C7BF6-2549-4B62-8126-9CBACFD6E973}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe (WARNER BROS. ENTERTAINMENT INC. -> Rocksteady Studios Ltd.) [File not signed]
FirewallRules: [{C25EBCA9-F25F-46DA-AFD4-C160DCAAB923}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe (WARNER BROS. ENTERTAINMENT INC. -> Rocksteady Studios Ltd.) [File not signed]
FirewallRules: [{8C37B44C-52CB-4B35-A3EE-CBE46BAB11FB}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 19\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{3D0AE1B9-1BC5-42DF-BB59-50846F7EA1EA}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 19\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{891ED943-B571-4809-8A24-CEC1AEBAD3B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{5545A4E2-74CA-4CF1-BB22-D1A785436541}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{669684CC-E875-4E6A-868D-F1359344A4FB}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe No File
FirewallRules: [{5E7A4F03-9FDD-4062-A29E-73B4D577729B}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe No File
FirewallRules: [{09477369-571D-42CA-B047-27F61B79B8D5}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe No File
FirewallRules: [{39F7D605-7B2D-45D3-8183-DBCF5EA3F0A2}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe No File
FirewallRules: [{758CE3EC-65E4-4CD0-B804-76E95EB74082}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe No File
FirewallRules: [{9675EF72-625B-4457-88F5-0304C9FCECE6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe No File
FirewallRules: [TCP Query User{584D90AF-1451-4F8E-A000-A846391C00F8}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{B492A4E9-8516-4EEF-93D1-0827F657FA8E}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{B47FA071-58F6-407E-AC54-A62F43C1BBBB}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{2DA09A93-2CFE-4500-9158-709CFB738DD7}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{47F260B3-F06E-4CC6-A755-B2436C99DC00}C:\program files (x86)\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files (x86)\wizards of the coast\mtga\mtga.exe (Wizards of the Coast, LLC -> )
FirewallRules: [UDP Query User{90BDD7DC-F7E3-413C-A2A3-44AF4E5FA1D8}C:\program files (x86)\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files (x86)\wizards of the coast\mtga\mtga.exe (Wizards of the Coast, LLC -> )
FirewallRules: [TCP Query User{886AB9E3-C4D5-488F-98FD-BB9DF582555A}C:\program files (x86)\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe] => (Allow) C:\program files (x86)\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe No File
FirewallRules: [UDP Query User{720D3C35-7ACF-4E84-BE0C-8C3683E91DBF}C:\program files (x86)\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe] => (Allow) C:\program files (x86)\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe No File
FirewallRules: [TCP Query User{38F42131-498E-4B12-B5B3-DAA7064572B0}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe No File
FirewallRules: [UDP Query User{E7787784-C13F-4F17-AFA0-7FC4C3E61967}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe No File
FirewallRules: [TCP Query User{229BEC48-8E37-4CCD-8296-945877CF4BC7}C:\program files (x86)\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files (x86)\wizards of the coast\mtga\mtga.exe (Wizards of the Coast, LLC -> )
FirewallRules: [UDP Query User{08308754-745D-4965-A86E-ABF7F9938981}C:\program files (x86)\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files (x86)\wizards of the coast\mtga\mtga.exe (Wizards of the Coast, LLC -> )
FirewallRules: [TCP Query User{AF2A5F78-6D34-4D43-8446-521B5592DD42}C:\program files (x86)\valve\portal 2\portal2.exe] => (Block) C:\program files (x86)\valve\portal 2\portal2.exe No File
FirewallRules: [UDP Query User{4B10CF1D-4880-4497-9279-812F01416E7D}C:\program files (x86)\valve\portal 2\portal2.exe] => (Block) C:\program files (x86)\valve\portal 2\portal2.exe No File
FirewallRules: [{1B5CD090-26E6-429E-8C54-A78827626E03}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{51A20950-F92F-477D-9B65-CEF4196F54D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{6C9F835D-349C-4216-9136-5FE7ABFC2DA5}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 19\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{465F3E7B-A7B4-4FDE-A603-A0B747AFA596}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 19\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{8AC21405-AE75-4714-B6A6-5A8EF8F3EABF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Anno 1404\Addon.exe (Related Designs Software -> Related Designs)
FirewallRules: [{84686E0B-9C89-4A8F-943E-3E2BF637AED3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Anno 1404\Addon.exe (Related Designs Software -> Related Designs)
FirewallRules: [{3EED45A0-18D6-4B4C-A4B8-E930E0545530}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Anno 1404\Anno4.exe (Related Designs Software -> Related Designs)
FirewallRules: [{28EA0181-E8F5-4B34-9593-B4934B969698}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Anno 1404\Anno4.exe (Related Designs Software -> Related Designs)
FirewallRules: [TCP Query User{91C3CE77-48EB-47DE-8CB1-71FD8DFCC637}C:\program files (x86)\steam\steamapps\common\anno 1404\tools\addonweb.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\anno 1404\tools\addonweb.exe () [File not signed]
FirewallRules: [UDP Query User{A51AA2CB-F9E6-457D-BE53-F2D1DFDEAB25}C:\program files (x86)\steam\steamapps\common\anno 1404\tools\addonweb.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\anno 1404\tools\addonweb.exe () [File not signed]
FirewallRules: [{E504B008-A29C-477F-B2D5-7BBCA3635E56}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LEGO Harry Potter\LEGOHarryPotter.exe (Warner Bros. Interactive Entertainment) [File not signed]
FirewallRules: [{1CDFA1A8-ABE4-4A3D-B2A6-C6A01D10D0D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LEGO Harry Potter\LEGOHarryPotter.exe (Warner Bros. Interactive Entertainment) [File not signed]
FirewallRules: [{5C56EADD-1651-4D59-9CD8-843DC471C8F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\L.A.Noire\LANLauncher.exe (Take-Two Interactive Software, Inc. -> Rockstar Games)
FirewallRules: [{85D1BCBF-ADCE-4D64-B59B-87B19B511A5B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\L.A.Noire\LANLauncher.exe (Take-Two Interactive Software, Inc. -> Rockstar Games)
FirewallRules: [{04B4FA53-B9CF-4288-B19F-360C0FDB159D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{95CA2188-FA39-41BB-AEBA-4F3AE1E87B1D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\eFootball PES 2020 DEMO\PES2020.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{DB741E70-3A83-4440-9C9B-E7D70402513C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\eFootball PES 2020 DEMO\PES2020.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [TCP Query User{72A3F96E-7A5A-41B4-AB87-32999250D6D9}C:\program files (x86)\origin games\fifa 20 demo\fifa20_demo.exe] => (Allow) C:\program files (x86)\origin games\fifa 20 demo\fifa20_demo.exe No File
FirewallRules: [UDP Query User{40437ABB-C9EF-44C2-8600-BADADA3A7D90}C:\program files (x86)\origin games\fifa 20 demo\fifa20_demo.exe] => (Allow) C:\program files (x86)\origin games\fifa 20 demo\fifa20_demo.exe No File
FirewallRules: [{EB8B32B3-A9B8-40A3-B038-165A4141DCEA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{70D7A412-C6F7-47EF-8CB5-5B9B0172F9EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)

==================== Restore Points =========================

19-09-2019 13:00:40 Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/21/2019 11:19:33 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
   Spouštění asynchronní operace

Kontext:
   Aktuální stav: DoSnapshotSet

Error: (09/21/2019 11:18:19 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
   Shromažďování dat modulu pro zápis

Kontext:
   ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
   Název modulu pro zápis: System Writer
   ID instance modulu pro zápis: {0e030aec-66e0-489b-9bd5-283473aada81}

Error: (09/21/2019 10:40:54 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program chrome.exe verze 76.0.3809.132 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 1f30

Čas spuštění: 01d5705607ab37e0

Čas ukončení: 60000

Cesta k aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

ID hlášení: 6404839b-15ba-4dc7-8d49-c497d85ea057

Úplný název balíčku s chybou: 

ID aplikace související s balíčkem s chybou:

Error: (09/21/2019 10:28:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Encrypt.exe, verze: 4.0.3004.0, časové razítko: 0x5b339394
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17134.885, časové razítko: 0x59816e73
Kód výjimky: 0xe0434352
Posun chyby: 0x00112cf2
ID chybujícího procesu: 0x25d8
Čas spuštění chybující aplikace: 0x01d57056850a0362
Cesta k chybující aplikaci: C:\Program Files\Acer\User Experience Improvement Program Service\Plugin\AppMonitor\Encrypt.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 9ee3a3d1-d88e-428f-a351-e39ae251950a
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (09/21/2019 10:28:18 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: Encrypt.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.Security.Cryptography.CryptographicException
   na System.Security.Cryptography.RijndaelManagedTransform.TransformFinalBlock(Byte[], Int32, Int32)
   na System.Security.Cryptography.CryptoStream.FlushFinalBlock()
   na Encryption.AES.DecryptFile(System.String, System.String)
   na UBTService.Program.Main(System.String[])

Error: (09/21/2019 10:27:23 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (09/20/2019 03:42:03 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu WmiApRpl v knihovně DLL C:\Windows\system32\wbem\wmiaprpl.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (09/20/2019 03:42:00 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů rdyboost. První čtyři bajty (DWORD) datové sekce obsahují kód chyby systému Windows.


System errors:
=============
Error: (09/21/2019 11:50:43 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/21/2019 11:50:10 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-RGDL3MG9)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli LAPTOP-RGDL3MG9\jenko (SID: S-1-5-21-878642183-179417398-4255577951-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/21/2019 11:29:31 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Optimalizace doručení přestala během spouštění reagovat.

Error: (09/21/2019 11:27:14 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-RGDL3MG9)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli LAPTOP-RGDL3MG9\jenko (SID: S-1-5-21-878642183-179417398-4255577951-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/21/2019 11:24:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Origin Web Helper Service neuspěla při spuštění v důsledku následující chyby: 
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (09/21/2019 11:24:56 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Origin Web Helper Service bylo dosaženo časového limitu (30000 ms).

Error: (09/21/2019 11:24:53 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/21/2019 11:24:53 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


==================== Memory info =========================== 

BIOS: Insyde Corp. V1.11 10/30/2018
Motherboard: RR Freed_RRS
Processor: AMD Ryzen 5 2500U with Radeon Vega Mobile Gfx 
Percentage of memory in use: 37%
Total physical RAM: 7068.39 MB
Available physical RAM: 4430.04 MB
Total Virtual: 13468.39 MB
Available Virtual: 8938.24 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:930.4 GB) (Free:150.43 GB) NTFS

\\?\Volume{e46129f0-06c6-4373-96b5-1b11c0153b8c}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.62 GB) NTFS
\\?\Volume{7c8c1c29-eb86-4035-a4ae-1a3eef7cdd71}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32

==================== MBR & Partition Table ==================

==================== End of Addition.txt ============================