Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-10-2019
Ran by LEGION-Y520 (27-10-2019 19:24:38)
Running from C:\Users\cccccccccccccccccccc\Desktop
Windows 10 Pro Version 1809 17763.805 (X64) (2018-12-29 19:59:05)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2662234876-99792091-3662101863-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2662234876-99792091-3662101863-503 - Limited - Disabled)
Guest (S-1-5-21-2662234876-99792091-3662101863-501 - Limited - Disabled)
LEGION-Y520 (S-1-5-21-2662234876-99792091-3662101863-1001 - Administrator - Enabled) => C:\Users\cccccccccccccccccccc
WDAGUtilityAccount (S-1-5-21-2662234876-99792091-3662101863-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Internet Security (Disabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Internet Security (Disabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {32888857-01C3-7AB6-E095-11CC1854D0A3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

. . (HKLM\...\{E24348A6-82E6-4FC7-BE14-189265418B30}) (Version: 7.1 - Intel) Hidden
. . . (HKLM-x32\...\{0F58DF31-E2D8-45BE-AD43-D31D8707ACA1}) (Version: 3.7.0.8 - Intel) Hidden
4game (HKLM-x32\...\4game2.0) (Version: 1.0.0.135 - Innova Co. SARL)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.270 - Adobe)
Aimersoft Helper Compact 2.5.2 (HKLM-x32\...\{405147F7-FCC5-499B-A27E-EA6BD4A80435}_is1) (Version: 2.5.2 - Aimersoft)
AIMP (HKLM-x32\...\AIMP) (Version: v4.60.2146, 28.08.2019 - AIMP DevTeam)
Aktualizace NVIDIA 37.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 37.0.0.0 - NVIDIA Corporation) Hidden
Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.0.4 - Electronic Arts, Inc.)
Apple Mobile Device Support (HKLM\...\{B5A46811-3612-4DA5-8A5A-E6DED5D7C523}) (Version: 12.2.1.12 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
AVIcodec (remove only) (HKLM-x32\...\AVIcodec) (Version:  - )
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Boom 3D (HKLM\...\{6E0CA788-5CD0-4366-A5BD-B67676B978C3}) (Version: 1.0.10 - Global Delight)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 419.17 - NVIDIA Corporation) Hidden
D-Link Connection Manager v3.0.3EU (HKLM-x32\...\Broad Mobi HSPA Modem Normal Version_is1) (Version:  - )
Dolby Audio X2 Windows API SDK (HKLM\...\{8738A898-221B-4279-BC87-FEF7938022C1}) (Version: 0.8.8.87 - Dolby Laboratories, Inc.)
DS502 GAMING Headset (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392006620}) (Version: 1.00.0019 - )
Equalizer APO (HKLM\...\EqualizerAPO) (Version: 1.2.1 - )
FIFA 19 (HKLM-x32\...\{3391E07D-8484-4124-817E-FCBDA859FD62}) (Version: 1.0.61.54442 - Electronic Arts)
Gameforge Login MS2 (HKLM-x32\...\{703bd6d7-79c0-4005-8cd7-89522a05a546}_is1) (Version: 1.3.39 - Gameforge)
GameRanger (HKU\S-1-5-21-2662234876-99792091-3662101863-1001\...\GameRanger) (Version:  - GameRanger Technologies)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 77.0.3865.120 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.301 - Google LLC) Hidden
iCloud (HKLM\...\{E3597C85-5970-4166-BE96-ED1D18CD1088}) (Version: 7.14.0.29 - Apple Inc.)
Intel(R) Computing Improvement Program (HKLM\...\{93FE134F-7678-4D90-A849-6FF6EB28CCDF}) (Version: 2.4.04289 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{e03c7229-07fa-483d-a64f-55e545a2e21d}) (Version: 3.7.0.8 - Intel)
IrfanView 4.53 (64-bit) (HKLM\...\IrfanView64) (Version: 4.53 - Irfan Skiljan)
iTunes (HKLM\...\{14943541-6C82-4EE1-9D16-99A8170DA62F}) (Version: 12.10.1.4 - Apple Inc.)
Kaspersky Internet Security (HKLM-x32\...\{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: 20.0.14.1085 - Kaspersky) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: 20.0.14.1085 - Kaspersky)
Kaspersky Password Manager (HKLM-x32\...\{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab) Hidden
Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{145AE349-477A-45E5-A57C-5F5BF2BB5775}) (Version: 20.0.14.1085 - Kaspersky) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{145AE349-477A-45E5-A57C-5F5BF2BB5775}) (Version: 20.0.14.1085 - Kaspersky)
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Lineage II (HKLM-x32\...\{21040472-F8DF-48A9-A093-2986C1495670}) (Version: 170.0.0 - NCsoft)
LineageII Classic EU (HKLM-x32\...\4game2.0_cl-eu_live) (Version: cleu-P.180905.17.04.01 - Innova Co. SARL)
MediaInfo 19.04 (HKLM\...\MediaInfo) (Version: 19.04 - MediaArea.net)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25017 (HKLM-x32\...\{d6f233bd-3f8c-43f6-878b-07bd0568d595}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25017 (HKLM-x32\...\{cb7c3049-21de-415b-bd85-b65c14e547df}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{CFF44AE9-2908-4D7D-B48B-1CB5139015C7}) (Version: 1.0.0.0 - Mojang)
Mp3tag v2.95 (HKLM-x32\...\Mp3tag) (Version: 2.95 - Florian Heidenreich)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.19.0.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.19.0.94 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 430.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 430.86 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.43.28287 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.136.0.10 - Overwolf Ltd.)
Ovládací panel NVIDIA 430.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 430.86 - NVIDIA Corporation) Hidden
Peace (HKLM\...\Peace) (Version: 1.5.2.0 - P.E. Verbeek)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{5C028510-A6A1-409A-A2BF-4DCB43B21EF9}) (Version: 7.6 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{5C7D4FCF-80C5-4520-9934-D50532AAC59C}) (Version: 7.6 - Apple Inc.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{33AABC60-A52F-41FF-B2B9-17321240CD5}) (Version: 1.215.243 - REALTEK Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-2662234876-99792091-3662101863-1001\...\TeamSpeak 3 Client) (Version: 3.3.0 - TeamSpeak Systems GmbH)
TeamSpeak Overlay (HKU\S-1-5-21-2662234876-99792091-3662101863-1001\...\Overwolf_jnabojaampcpfclojlbildognlnebnhfhibiielh) (Version: 1.0.0.2 - Overwolf app)
UpdateAssistant (HKLM\...\{EC4F72E8-52FE-454E-B70F-DBE5C0FA44C5}) (Version: 1.20.0.0 - Microsoft Corporation) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 73.0 - Ubisoft)
uTorrent Web (HKU\S-1-5-21-2662234876-99792091-3662101863-1001\...\utweb) (Version: 0.18.2 - BitTorrent, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-2) (Version: 1.0.54.1 - Intel Corporation Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-3) (Version: 1.0.54.1 - Intel Corporation Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-4) (Version: 1.0.54.1 - Intel Corporation Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-5) (Version: 1.0.54.1 - Intel Corporation Inc.)
WinRAR 5.71 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
World of Warcraft Classic (HKLM-x32\...\World of Warcraft Classic) (Version:  - Blizzard Entertainment)

Packages:
=========
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1621.1.0_x86__kgqvnymyfvs32 [2019-10-23] (king.com)
Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_6.0.0.3_x86__m9bz608c1b9ra [2019-10-09] (Nordcurrent)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.0.2058.0_x64__rz1tebttyb220 [2019-09-05] (Dolby Laboratories)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2018-12-30] (Fitbit)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.10022.0_x64__8wekyb3d8bbwe [2019-10-09] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-12] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-20] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-12] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-20] (Microsoft Corporation) [MS Ad]
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_2.2.16.0_x64__nfy108tqq3p12 [2019-09-26] (Thumbmunkeys Ltd) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe [2019-09-25] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2019-10-12] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers1: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\ShellEx.dll [2019-10-12] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2019-04-18] (Florian Heidenreich) [File not signed]
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-10-01] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\ShellEx.dll [2019-10-12] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2019-04-18] (Florian Heidenreich) [File not signed]
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2019-10-12] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers4: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\ShellEx.dll [2019-10-12] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2019-04-18] (Florian Heidenreich) [File not signed]
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki125133.inf_amd64_7a52044300619fc7\igfxDTCM.dll [2017-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\ShellEx.dll [2019-10-12] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ==================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\cccccccccccccccccccc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVIcodec\Website.lnk -> hxxp://avicodec.duby.info

==================== Loaded Modules (Whitelisted) ==============

2019-05-06 19:07 - 2016-07-21 09:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\CBSCreateVC.dll
2019-05-06 19:07 - 2016-10-08 16:03 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\DAQExp.dll
2019-06-10 12:21 - 2019-06-10 12:21 - 000668160 _____ () [File not signed] C:\Program Files\EqualizerAPO\EqualizerAPO.dll
2017-07-08 11:52 - 2017-07-08 11:52 - 002983917 _____ () [File not signed] C:\Program Files\EqualizerAPO\libfftw3f-3.dll
2015-11-22 21:05 - 2015-11-22 21:05 - 001530880 _____ () [File not signed] C:\Program Files\EqualizerAPO\libsndfile-1.dll
2019-05-06 19:07 - 2016-10-08 16:04 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\CBSProducstInfo.dll

==================== Alternate Data Streams (Whitelisted) =========

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

==================== Internet Explorer trusted/restricted ===============

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-10-15 19:35 - 2019-10-15 19:35 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1       localhost

2019-06-20 19:30 - 2019-10-23 20:04 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2662234876-99792091-3662101863-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\cccccccccccccccccccc\Desktop\house_fairy_tale_art_light_night_101615_1920x1200.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "GameZone"
HKU\S-1-5-21-2662234876-99792091-3662101863-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{9AF918EA-D36A-4C13-B3BF-BACF12D456C7}C:\users\cccccccccccccccccccc\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\cccccccccccccccccccc\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{2C87C0E2-836D-4FE4-849D-B1131A2FE394}C:\users\cccccccccccccccccccc\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\cccccccccccccccccccc\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{94EBF72C-F8A1-46F7-945A-A2B2699A7BFB}C:\program files\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.)
FirewallRules: [TCP Query User{611525B5-A929-4F60-8F63-7CDD10A37A14}C:\program files\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.)
FirewallRules: [{9FAFA98F-675E-4637-8D01-89C39D179C7F}] => (Allow) C:\Program Files\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation )
FirewallRules: [{A9BBF73E-808D-41F6-8E6B-99265DFD930F}] => (Allow) C:\Program Files\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation )
FirewallRules: [{EA055E00-F067-49E1-8F8D-8E3DFE3D8761}] => (Allow) C:\Program Files\Steam\steamapps\common\MountBlade Warband\mb_warband.exe ( Taleworlds Entertainment) [File not signed]
FirewallRules: [{91DEC1A3-57C8-469E-81C3-D17A8760B479}] => (Allow) C:\Program Files\Steam\steamapps\common\MountBlade Warband\mb_warband.exe ( Taleworlds Entertainment) [File not signed]
FirewallRules: [{C4C9097A-C073-46E1-9BAF-6E5AEAF9EB2B}] => (Allow) C:\Program Files\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{C26A2706-1D5C-4976-A608-828075D5655F}] => (Allow) C:\Program Files\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{EA43BF56-2F81-4FDE-8366-F4658B1717FC}] => (Allow) C:\Program Files\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{405B5EB4-2E0F-48FF-983B-841F2D5590BC}] => (Allow) C:\Program Files\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{4AE83D8C-E998-454E-BE75-E2831544BC05}C:\program files\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{EDB3440E-2381-4439-91CD-0EF53161CC5F}C:\program files\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{05BF548F-68F5-4562-BA7C-FA19B6C7A216}] => (Allow) C:\Program Files\Steam\steamapps\common\Black Desert Online\Black Desert Online Steam Launcher.exe (Kakao Games Europe B.V. -> KakaoGames USA Inc.)
FirewallRules: [{935EB627-93BE-4D6B-86BF-ABCAA0C14DD9}] => (Allow) C:\Program Files\Steam\steamapps\common\Black Desert Online\Black Desert Online Steam Launcher.exe (Kakao Games Europe B.V. -> KakaoGames USA Inc.)
FirewallRules: [{E6D449A0-D484-442E-9507-7D42D06C130B}] => (Allow) C:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{E57E3428-4B90-4EDA-9CAC-7DEE26F1E973}] => (Allow) C:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{CFB81D8E-822B-4AB2-AE05-71689BF474D5}] => (Allow) C:\Program Files\Steam\steamapps\common\DiRT Rally\drt.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{1072B864-4154-437A-A934-0E57EFFFCAB7}] => (Allow) C:\Program Files\Steam\steamapps\common\DiRT Rally\drt.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{E726DF79-AD26-497D-942D-084CB66AED0F}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{7B546A1B-B88B-47F2-9093-93870177F91C}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{29A7029B-8774-4F1D-A59D-FFFCCD4CC4FE}] => (Allow) C:\Program Files\Steam\steamapps\common\MorphVOX Pro\MorphVOXPro.exe (Screaming Bee Inc -> Screaming Bee)
FirewallRules: [{976A5EA6-BBA3-465F-A53F-EB7C94A8716B}] => (Allow) C:\Program Files\Steam\steamapps\common\MorphVOX Pro\MorphVOXPro.exe (Screaming Bee Inc -> Screaming Bee)
FirewallRules: [{F49B0012-5314-4098-A620-F2C9B98C2943}] => (Allow) C:\Program Files\Steam\steamapps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe ( ) [File not signed]
FirewallRules: [{D75CD3F2-39DC-419A-AFD0-D8288C20F867}] => (Allow) C:\Program Files\Steam\steamapps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe ( ) [File not signed]
FirewallRules: [{99016630-C190-468A-8940-A4A8B62BB913}] => (Allow) C:\Program Files\Steam\steamapps\common\Stronghold Crusader Extreme\Stronghold_Crusader_Extreme.exe ( ) [File not signed]
FirewallRules: [{B68CA340-1ACD-4345-8F5D-08978E8A330B}] => (Allow) C:\Program Files\Steam\steamapps\common\Stronghold Crusader Extreme\Stronghold_Crusader_Extreme.exe ( ) [File not signed]
FirewallRules: [TCP Query User{EAC1013B-9D91-436E-95F4-4FC44CE502CF}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{A9090B92-BFC8-4B9B-B53E-33C3F6FD7A68}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{1A793573-C6ED-4479-BF10-9C85ABEFE1F1}] => (Allow) C:\Program Files\Steam\steamapps\common\Blackwake\Blackwake.exe () [File not signed]
FirewallRules: [{A055017E-F845-434C-8EF6-E2D8893CD734}] => (Allow) C:\Program Files\Steam\steamapps\common\Blackwake\Blackwake.exe () [File not signed]
FirewallRules: [{760FD1CC-A7E0-4D8E-9DA7-54A15263A47C}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{A6B5B62C-0409-4906-80D2-D70711AD9182}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [TCP Query User{96C096F9-178A-450D-B034-439315E43E5D}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [UDP Query User{27FFD357-49C1-4EA2-A609-36F86D00F600}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [{49B104D1-ED3D-424E-80EF-17AB609CBDB8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{75D40867-20F6-4CE6-BCC8-AE06209F193D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{EC85CCF3-7385-4D8D-9F08-862500D658B9}C:\users\cccccccccccccccccccc\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\cccccccccccccccccccc\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{5263811B-6FEB-4F4E-8A59-D802C7214D37}C:\users\cccccccccccccccccccc\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\cccccccccccccccccccc\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{5E2F78C3-07C4-4492-8232-D8556B2013EB}] => (Allow) C:\Program Files\Steam\steamapps\common\Stronghold Crusader 2\bin\win32_release\Crusader2.exe () [File not signed]
FirewallRules: [{39EDA037-0F17-4012-BA75-16C518B3F814}] => (Allow) C:\Program Files\Steam\steamapps\common\Stronghold Crusader 2\bin\win32_release\Crusader2.exe () [File not signed]
FirewallRules: [{F686C8C7-6431-45B0-BBEC-6C5527519481}] => (Allow) C:\Program Files\Steam\steamapps\common\WW1GameSeries\WW1 Game Series.exe () [File not signed]
FirewallRules: [{FF582CDA-053D-4818-82B8-D51C3742A9AF}] => (Allow) C:\Program Files\Steam\steamapps\common\WW1GameSeries\WW1 Game Series.exe () [File not signed]
FirewallRules: [{963C03F4-347A-4995-8E5A-5C3B48457D4F}] => (Allow) C:\Program Files\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{AC1C4C83-452C-4C5A-933F-73C98BEA9E59}] => (Allow) C:\Program Files\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{35DD70F2-0368-468E-AB24-755CBB64F5E8}] => (Allow) C:\Program Files\Steam\steamapps\common\Gothic 3\Gothic3.exe (Nordic Games GmbH) [File not signed]
FirewallRules: [{34F10866-71C4-4B9F-BC20-7649549B9842}] => (Allow) C:\Program Files\Steam\steamapps\common\Gothic 3\Gothic3.exe (Nordic Games GmbH) [File not signed]
FirewallRules: [{07E49EF1-7823-4D85-B561-1B3C5B29674D}] => (Allow) C:\Program Files\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{D995473E-EF0F-4327-A204-E89A1EFE9502}] => (Allow) C:\Program Files\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{F28DF149-69B7-4088-AB76-E53681D3E748}] => (Allow) C:\Program Files\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{3CE837D5-C2BB-4A5D-8717-2E91EE522A22}] => (Allow) C:\Program Files\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{99A6E243-D4DB-43C3-AAE3-A827F56DC16E}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F4CAD471-CE30-4066-A8F9-8584E60F2932}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2C845B2F-1C26-495D-8C06-FD1C4A510A46}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8F088E87-C44A-4262-B22B-4CA161DD618A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0C44BCBA-94A9-4A78-9020-8FD2BC790978}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6FB9A4A3-DA5E-4C0B-ADD6-FA916FA6B701}] => (Allow) C:\Program Files\Steam\steamapps\common\Mordhau\Mordhau.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{16834710-076B-4721-BBB5-393DE1DBAC21}] => (Allow) C:\Program Files\Steam\steamapps\common\Mordhau\Mordhau.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{E449504F-00DE-40BB-96E5-BDB7AB3A7449}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{93714885-CFD7-4AB3-9B8A-609B5A28513F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FC10610D-78E8-4511-9EFD-08299D23A918}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D42612C9-F0E3-484F-8877-A5347CAC89F6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6037D7DB-AE89-43B2-9D52-23EFFA04E1D4}] => (Allow) C:\Program Files\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{EE4FA9EC-A9E8-4127-8E01-0CB8464153C1}] => (Allow) C:\Program Files\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [TCP Query User{40B5FAB8-0F28-41C0-9433-825A6A324349}C:\program files\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{842FCD2F-0F0B-4452-8C9D-70C0A4AB5472}C:\program files\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{891B59A6-2DE8-49AB-B224-F4B12D9EC7DA}] => (Allow) C:\Program Files\Steam\steamapps\common\Mafia\Mafia\Game.exe (Illusion Softworks) [File not signed]
FirewallRules: [{0736103C-FB21-4D29-BE65-C6AFE3DF383B}] => (Allow) C:\Program Files\Steam\steamapps\common\Mafia\Mafia\Game.exe (Illusion Softworks) [File not signed]
FirewallRules: [{80B9677A-4E2D-472A-B946-074A162563DA}] => (Allow) C:\Program Files\Steam\steamapps\common\Mafia\Mafia\Setup.exe () [File not signed]
FirewallRules: [{0D7D013F-A88B-4653-BFF2-84D541D4ECAF}] => (Allow) C:\Program Files\Steam\steamapps\common\Mafia\Mafia\Setup.exe () [File not signed]
FirewallRules: [{A497BBD4-D680-477D-B913-27D6A1D291CA}] => (Allow) C:\Program Files\Steam\steamapps\common\KillSquad\Game.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{596CBD4B-73EA-454B-9F86-9CB086E4BE3F}] => (Allow) C:\Program Files\Steam\steamapps\common\KillSquad\Game.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{06E7ECEE-BA5C-4E40-BF7E-173B47AAB6AD}C:\program files\steam\steamapps\common\killsquad\game\binaries\win64\game-win64-shipping.exe] => (Allow) C:\program files\steam\steamapps\common\killsquad\game\binaries\win64\game-win64-shipping.exe (Novarama Technology SL) [File not signed]
FirewallRules: [UDP Query User{89297B32-F6A6-41B8-9E54-33266B54A734}C:\program files\steam\steamapps\common\killsquad\game\binaries\win64\game-win64-shipping.exe] => (Allow) C:\program files\steam\steamapps\common\killsquad\game\binaries\win64\game-win64-shipping.exe (Novarama Technology SL) [File not signed]
FirewallRules: [TCP Query User{466BD755-46F8-4813-AC10-86573F295CD0}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{08E992CD-71A1-4AE0-BCF4-1CF3E5152783}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{CB98CE4E-2BA6-464F-AE1C-D822ACCF6F91}] => (Allow) C:\Program Files\Steam\steamapps\common\Colorcers\Colorcers.exe () [File not signed]
FirewallRules: [{9A39189A-F865-4335-A0BE-B60BA78D793B}] => (Allow) C:\Program Files\Steam\steamapps\common\Colorcers\Colorcers.exe () [File not signed]
FirewallRules: [{1D8BA426-786F-49A8-9387-97ED20074D50}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 19\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{949D1E17-E579-4409-992C-8ECF0992D163}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 19\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [TCP Query User{B905AD76-31F1-42EF-9F7B-1ADE4FE05F2B}C:\program files (x86)\origin games\fifa 19\fifa19.exe] => (Allow) C:\program files (x86)\origin games\fifa 19\fifa19.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [UDP Query User{5ECE9256-738B-4AFA-B964-A8D78971BEFD}C:\program files (x86)\origin games\fifa 19\fifa19.exe] => (Allow) C:\program files (x86)\origin games\fifa 19\fifa19.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [TCP Query User{85CCD3B0-0DC4-465C-B4A5-D2A96AAC7384}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> )
FirewallRules: [UDP Query User{D8B2B38A-6568-4994-9B1A-297CCDA23717}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> )
FirewallRules: [{55F5D8F8-DED5-4607-AD4F-E9D077816974}] => (Allow) C:\Program Files\Steam\steamapps\common\Albion Online\launcher\AlbionLauncher.exe (Sandbox Interactive GmbH -> Sandbox Interactive GmbH)
FirewallRules: [{5160B939-55D6-401B-8637-02E72D3C01A4}] => (Allow) C:\Program Files\Steam\steamapps\common\Albion Online\launcher\AlbionLauncher.exe (Sandbox Interactive GmbH -> Sandbox Interactive GmbH)
FirewallRules: [{9889F4BD-7876-4CC6-B4A3-50BF334604D7}] => (Allow) C:\Program Files\Steam\steamapps\common\No Man's Sky\Binaries\NMS.exe (Hello Games) [File not signed]
FirewallRules: [{7065EA47-179E-41F9-A4C6-2B349F82963F}] => (Allow) C:\Program Files\Steam\steamapps\common\No Man's Sky\Binaries\NMS.exe (Hello Games) [File not signed]
FirewallRules: [TCP Query User{98967620-C98D-4B87-B871-C2751CEBF623}C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{EE4CAEDA-3661-4812-87AC-96A71FD8B627}C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{B6438C1C-9FEC-462A-A8AA-E2B37ED90787}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> )
FirewallRules: [UDP Query User{75A78B44-3A30-4E4E-B081-910404459102}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> )
FirewallRules: [{54AB4FAA-EE25-45C6-81A5-3E7F9DCB436D}] => (Allow) C:\Program Files\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{435177AC-44D1-4A65-B30C-47EEE549B28B}] => (Allow) C:\Program Files\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{CB65DE90-956B-4CC9-950D-E1BEF0216E41}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1059C45F-B935-4911-B472-C7B33B97ECC4}] => (Allow) C:\Program Files\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{BBB7E54A-5726-49DA-97A4-DAC74D1720F2}] => (Allow) C:\Program Files\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{591A141F-F1C6-4EA8-A176-DEEFACA42D1F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{7EC0322A-76AF-48DF-AA6F-6B837021BC06}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{5A4835DF-FFF1-48E1-A6FD-4781400793E1}] => (Allow) %systemroot%\system32\alg.exe No File

==================== Restore Points =========================

22-10-2019 22:01:12 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/27/2019 07:12:53 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/27/2019 07:12:36 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (10/27/2019 06:55:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mbam.exe, verze: 3.1.0.1840, časové razítko: 0x5d5c15af
Název chybujícího modulu: Qt5Core.dll, verze: 5.11.1.0, časové razítko: 0x5cba0161
Kód výjimky: 0xc0000005
Posun chyby: 0x001a86be
ID chybujícího procesu: 0x169c
Čas spuštění chybující aplikace: 0x01d58cefad5710e5
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Cesta k chybujícímu modulu: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
ID zprávy: 0f7c516e-9b9e-44bb-95e8-1acd57617bed
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (10/27/2019 06:26:48 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (10/27/2019 05:20:09 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkQuarantineRetry

Error: (10/27/2019 05:20:06 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (10/27/2019 05:19:46 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (10/27/2019 09:14:58 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkQuarantineRetry


System errors:
=============
Error: (10/27/2019 07:22:31 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-4UJ58MB)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 a APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 uživateli DESKTOP-4UJ58MB\LEGION-Y520 (SID: S-1-5-21-2662234876-99792091-3662101863-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/27/2019 07:18:06 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Zprostředkovatel monitorování Ochrany System Guard v režimu runtime přestala během spouštění reagovat.

Error: (10/27/2019 07:16:33 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-4UJ58MB)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 a APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 uživateli DESKTOP-4UJ58MB\LEGION-Y520 (SID: S-1-5-21-2662234876-99792091-3662101863-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/27/2019 07:16:04 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Správce stažených map přestala během spouštění reagovat.

Error: (10/27/2019 07:14:45 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-4UJ58MB)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 a APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 uživateli DESKTOP-4UJ58MB\LEGION-Y520 (SID: S-1-5-21-2662234876-99792091-3662101863-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/27/2019 07:10:56 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/27/2019 07:10:56 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/27/2019 07:10:53 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_650b8 byla ukončena s následující chybou: 
Zařízení není připraveno.


Windows Defender:
===================================
Date: 2018-12-30 13:28:46.461
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=0
Název: HackTool:Win32/Keygen
ID: 2147593794
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\Users\cccccccccccccccccccc\Downloads\KMSAuto.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-4UJ58MB\cccccccccccccccccccc
Název procesu: C:\Users\cccccccccccccccccccc\AppData\Roaming\uTorrent\utorrent.exe
Verze podpisu: AV: 1.283.1833.0, AS: 1.283.1833.0, NIS: 1.283.1833.0
Verze modulu: AM: 1.1.15500.2, NIS: 1.1.15500.2

Date: 2018-12-30 13:21:46.754
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=0
Název: HackTool:Win32/Keygen
ID: 2147593794
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\Users\cccccccccccccccccccc\Downloads\KMSAuto.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-4UJ58MB\cccccccccccccccccccc
Název procesu: C:\Users\cccccccccccccccccccc\AppData\Roaming\uTorrent\utorrent.exe
Verze podpisu: AV: 1.283.1833.0, AS: 1.283.1833.0, NIS: 1.283.1833.0
Verze modulu: AM: 1.1.15500.2, NIS: 1.1.15500.2

Date: 2018-12-29 23:21:35.877
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu: 
Předchozí verze podpisu: 1.199.1615.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.11701.0
Kód chyby: 0x80070643
Popis chyby :Při instalaci došlo k závažné chybě. 

Date: 2018-12-29 23:21:32.482
Description: 
Program Antivirová ochrana v programu Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.15500.2
Předchozí verze modulu: 1.1.11701.0
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x80508007
Popis chyby: Zařízení nemá dostatek paměti. Ukončete některé programy a opakujte akci, nebo v nápovědě a podpoře vyhledejte informace, jak se vyhnout potížím s nedostatkem paměti. 

CodeIntegrity:
===================================

Date: 2019-10-27 19:13:24.302
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\avp.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-10-27 19:13:24.299
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\avp.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-10-27 19:11:53.908
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\avp.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-10-27 19:11:53.904
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\avp.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-10-27 19:11:27.052
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\avp.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-10-27 19:11:26.996
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\avp.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-10-27 19:11:26.992
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\avp.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-10-27 19:11:26.854
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\avp.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info =========================== 

BIOS: LENOVO 4KCN23WW 01/12/2017
Motherboard: LENOVO Provence-5R1
Processor: Intel(R) Core(TM) i5-7300HQ CPU @ 2.50GHz
Percentage of memory in use: 30%
Total physical RAM: 12163.16 MB
Available physical RAM: 8426.88 MB
Total Virtual: 14579.16 MB
Available Virtual: 9823.04 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.08 GB) (Free:197.67 GB) NTFS

\\?\Volume{fd91d4c4-d294-4ee9-b0ff-53d8c8879f77}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{45e684c8-5b0b-46a2-bfd8-4c21afd3ed18}\ () (Fixed) (Total:0.88 GB) (Free:0.34 GB) NTFS
\\?\Volume{c344045f-e870-46be-87d5-ffdafc4e4c7e}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================