Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-06-2020
Ran by John Doe (17-06-2020 09:52:24)
Running from C:\Users\John Doe\Desktop
Windows 10 Home Version 1903 18362.900 (X64) (2019-08-30 16:38:05)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4160441966-4125977450-1802336741-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4160441966-4125977450-1802336741-503 - Limited - Disabled)
Guest (S-1-5-21-4160441966-4125977450-1802336741-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4160441966-4125977450-1802336741-1003 - Limited - Enabled)
John Doe (S-1-5-21-4160441966-4125977450-1802336741-1000 - Administrator - Enabled) => C:\Users\John Doe
WDAGUtilityAccount (S-1-5-21-4160441966-4125977450-1802336741-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.009.20067 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.89 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{0A394C41-FBA7-4930-85FC-3A973B34E6C6}) (Version: 13.5.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.9.9 - Atheros Communications Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (HKLM-x32\...\InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}) (Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (HKLM-x32\...\InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}) (Version:  - ) Hidden
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 425.31 - NVIDIA Corporation) Hidden
Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.03 - Creative Technology Limited)
Energy Management (HKLM-x32\...\{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.3.2 - Lenovo) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.3.2 - Lenovo)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.62.5209 - Gretech Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.106 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
HL-2250DN (HKLM-x32\...\{E2A97415-BD97-4867-B906-05E39E9EE51F}) (Version: 1.0.7.0 - Brother Industries, Ltd.)
iCloud (HKLM\...\{82FCC407-A0E5-4B80-9241-5ABA78B61090}) (Version: 7.6.0.15 - Apple Inc.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.0.199 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.64.1 - JMicron Technology Corp.)
Kodi (HKU\S-1-5-21-4160441966-4125977450-1802336741-1000\...\Kodi) (Version:  - XBMC-Foundation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.1.7600.117 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.0.3212 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.0.3212 - CyberLink Corp.)
Live! Cam Chat HD VF0790 Driver (1.00.07.00) (HKLM\...\Creative VF0790) (Version:  - Creative Technology Ltd.)
Logitech Gaming Software 9.02 (HKLM\...\Logitech Gaming Software) (Version: 9.02.65 - Logitech Inc.)
Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft Office Language Pack 2013  - Czech/čeština (HKLM-x32\...\Office15.OMUI.cs-cz) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.5249.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4160441966-4125977450-1802336741-1000\...\OneDriveSetup.exe) (Version: 20.064.0329.0008 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 RC Redistributable (x64) - 14.0.22816 (HKLM-x32\...\{e2495eb6-cca8-47aa-91ea-3410ca44d7b7}) (Version: 14.0.22816.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM-x32\...\{90150000-001F-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM-x32\...\{90150000-001F-041B-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.3.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.3.63 - NVIDIA Corporation)
NVIDIA GeForce NOW 2.0.19.78 (HKU\S-1-5-21-4160441966-4125977450-1802336741-1000\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GeforceNOW) (Version: 2.0.19.78 - NVIDIA Corporation)
NVIDIA Graphics Driver 425.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 425.31 - NVIDIA Corporation)
NVIDIA Install Application (HKU\S-1-5-21-4160441966-4125977450-1802336741-1000\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer) (Version: 2.1002.344.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5249.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5249.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.5249.1001 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{6CF0CAEE-54B6-4D84-A055-3AF110F189D3}) (Version: 8.4 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{8B127943-89E7-4691-A7A4-D05807920A84}) (Version: 8.4 - Apple Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6543 - Realtek Semiconductor Corp.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0100-0405-0000-0000000FF1CE}_Office15.OMUI.cs-cz_{78A9943A-5DB1-4B90-8AEF-5CE30456FB6E}) (Version:  - Microsoft)
Simple Shutdown Timer (HKLM-x32\...\Simple Shutdown Timer1.1.2) (Version: 1.1.2 - PcWinTech.com)
Software Intel® PROSet/Wireless WiFi (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0642 - Intel Corporation)
Spotify (HKU\S-1-5-21-4160441966-4125977450-1802336741-1000\...\Spotify) (Version: 1.1.34.694.gac68a2b3 - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.10 - TeamSpeak Systems GmbH)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
UE4 Prerequisites (x64) (HKLM\...\{F9EC45F9-074A-48BF-92E9-A8CADD56F693}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{4e242cc8-5e3c-4b08-9d55-dbc62ddd1208}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
univcredist (HKLM-x32\...\{2d9d4a60-1d22-46c1-84bb-1de04b4715d7}) (Version: 1.0.0.0 - Motiga)
Unreal Development Kit: 2015-01 (HKLM\...\UDK-55d19680-19a2-4285-9cd3-4930774d9989) (Version:  - Epic Games, Inc.)
Update for Skype for Business 2015 (KB4484289) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0405-0000-0000000FF1CE}_Office15.OMUI.cs-cz_{F97B139A-D8BF-46FF-A6F6-50710FED8644}) (Version:  - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.3 - VideoLAN)
WD My Cloud (HKLM\...\{4B86F896-11DC-4711-BB60-81104832FA44}) (Version: 1.0.7.17 - Western Digital Technologies, Inc.)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22391 - Microsoft Corporation)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - Lenovo (ACPIVPC) System  (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo)

Packages:
=========
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.2.169.0_x64__rz1tebttyb220 [2020-04-18] (Dolby Laboratories)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4160441966-4125977450-1802336741-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-06-26] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-06-13] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-04] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-06-13] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\John Doe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Hangouts Google.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=knipolnnllmklapflnccelgolnpehhpl

==================== Loaded Modules (Whitelisted) =============

2010-11-18 21:08 - 2010-11-18 21:08 - 000086016 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2018-06-19 18:41 - 2011-12-05 02:11 - 000073728 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
2019-01-18 17:16 - 2013-12-06 04:05 - 000179712 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\E_YLMBMEE.DLL

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
AlternateDataStreams: C:\Users\John Doe\Application Data:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
AlternateDataStreams: C:\Users\John Doe\AppData\Roaming:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2020-04-25 22:44 - 2020-06-14 19:00 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1       localhost

2018-12-22 01:21 - 2020-04-14 21:06 - 000000569 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
168.137.1 JohnDoe-PC.mshome.net # 2025 4 0 13 18 53 22 473

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\OpenCL SDK\1.5\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\1.5\bin\x64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-4160441966-4125977450-1802336741-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\John Doe\AppData\Roaming\Microsoft\Windows Photo Viewer\Windows Photo Viewer Wallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

Network Binding:
=============
Wireless Network Connection: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol -> amppalp (enabled) 

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-4160441966-4125977450-1802336741-1000\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{E34EE13E-8AAF-4F9A-A654-77A390B3CE87}D:\games\steam\steamapps\common\rising storm 2\binaries\win64\vngame.exe] => (Allow) D:\games\steam\steamapps\common\rising storm 2\binaries\win64\vngame.exe => No File
FirewallRules: [TCP Query User{85510ACB-3B74-4D6E-9778-E78F0C10EFA9}D:\games\steam\steamapps\common\rising storm 2\binaries\win64\vngame.exe] => (Allow) D:\games\steam\steamapps\common\rising storm 2\binaries\win64\vngame.exe => No File
FirewallRules: [{814A8C13-CDF1-4527-94C6-52760C57BB78}] => (Allow) D:\Games\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe => No File
FirewallRules: [{F15A064A-F813-460D-B4BB-6A74EE7726B5}] => (Allow) D:\Games\Steam\steamapps\common\Warframe\Tools\Launcher.exe => No File
FirewallRules: [{8B345AA5-8DD9-43FD-B81A-979C60C3B61B}] => (Allow) D:\Games\Steam\steamapps\common\Warframe\Warframe.x64.exe => No File
FirewallRules: [{2D30B24C-509C-4D0E-BEC0-6600185E9371}] => (Allow) D:\Games\Steam\steamapps\common\Warframe\Warframe.x64.exe => No File
FirewallRules: [{0BF1910A-C20C-4AB5-AAC2-8C65E5E702F8}] => (Allow) D:\Games\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe => No File
FirewallRules: [{7F9B4431-5A09-4F13-8D50-566242ACC7BE}] => (Allow) D:\Games\Steam\steamapps\common\Warframe\Tools\Launcher.exe => No File
FirewallRules: [{A8CC1877-A0BA-467B-A73F-0F50D3999045}] => (Allow) D:\Games\Steam\steamapps\common\Warframe\Warframe.x64.exe => No File
FirewallRules: [{153BDEC7-6820-4237-B9D2-3F9D50DCD4BB}] => (Allow) D:\Games\Steam\steamapps\common\Warframe\Warframe.x64.exe => No File
FirewallRules: [{17CAE254-06F2-42E7-855A-207F7D769C72}] => (Allow) D:\Games\Steam\steamapps\common\Black Squad\binaries\win64\BSLauncher.exe => No File
FirewallRules: [{5AFB0DEE-BB8F-4A8E-B63F-BA5769F9ED8D}] => (Allow) D:\Games\Steam\steamapps\common\Black Squad\binaries\win64\BSLauncher.exe => No File
FirewallRules: [UDP Query User{75A2EDC5-C62B-4104-8AEB-E5115E68B7D7}D:\games\steam\steamapps\common\sandstorm\insurgency\binaries\win64\insurgencyclient-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\sandstorm\insurgency\binaries\win64\insurgencyclient-win64-shipping.exe => No File
FirewallRules: [TCP Query User{65C6A35D-881F-4224-81D6-79946555E47F}D:\games\steam\steamapps\common\sandstorm\insurgency\binaries\win64\insurgencyclient-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\sandstorm\insurgency\binaries\win64\insurgencyclient-win64-shipping.exe => No File
FirewallRules: [{308593F3-BB54-40E3-8D29-E4EAE2473309}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E48A975A-8706-4FE1-8705-E9863DA11281}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8A494B13-E4FA-4A3D-A191-99654B44E38E}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{35EB5BB2-944A-416E-B998-4904285DEE44}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FD010C03-614B-4B83-B0F4-B359EA60DDFB}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe => No File
FirewallRules: [{3612233C-905D-43A2-8D0A-165C8FE4A8FA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe => No File
FirewallRules: [{60DC94B6-D54D-4AFF-921B-404CAC6A0070}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe => No File
FirewallRules: [{AD725F18-4CAA-487A-A143-E0F7634F96DE}] => (Allow) D:\Games\Steam\Steam.exe => No File
FirewallRules: [{6B425D6C-64A2-42C3-8D3C-11ADF5714141}] => (Allow) D:\Games\Steam\Steam.exe => No File
FirewallRules: [{7F0AC7CC-8CCE-4FB6-8E4A-3DDC1B1EA58D}] => (Allow) D:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{CA99C0D4-AED2-40B9-BDDA-066625165479}] => (Allow) D:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{E195B2BA-422F-4FE1-99CF-F7170D450A7D}] => (Allow) D:\Games\Steam\steamapps\common\Hoard\win32\Reuben.exe => No File
FirewallRules: [{02B070B8-6D1E-42AD-B695-F0B015E1227A}] => (Allow) D:\Games\Steam\steamapps\common\Hoard\win32\Reuben.exe => No File
FirewallRules: [{D00B3E80-4673-4E8D-ADE3-B99CB0D9BAD3}] => (Allow) D:\Games\Steam\steamapps\common\Black Squad\binaries\win32\SteamLauncher.exe => No File
FirewallRules: [{5202FD95-AF9F-4600-87C4-53D7C4D0BD95}] => (Allow) D:\Games\Steam\steamapps\common\Black Squad\binaries\win32\SteamLauncher.exe => No File
FirewallRules: [{DEF86865-DA24-422D-91E6-FA3C7518AFB5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{107148E3-2BA1-4A99-B1BD-AB992B17EE1A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{CD755928-479C-4A99-8444-559A938044B8}D:\program files (x86)\utorrent\utorrent.exe] => (Allow) D:\program files (x86)\utorrent\utorrent.exe => No File
FirewallRules: [UDP Query User{A737F441-8ADF-458B-BF89-5786E3E8383E}D:\program files (x86)\utorrent\utorrent.exe] => (Allow) D:\program files (x86)\utorrent\utorrent.exe => No File
FirewallRules: [TCP Query User{068C15E9-D211-4C74-AE0F-C52020BC5F24}D:\games\battle.net\battle.net\diablo 3\diablo iii\x64\diablo iii64.exe] => (Allow) D:\games\battle.net\battle.net\diablo 3\diablo iii\x64\diablo iii64.exe => No File
FirewallRules: [UDP Query User{89C8AF02-2A0B-4E8B-8F46-7734E5E1D229}D:\games\battle.net\battle.net\diablo 3\diablo iii\x64\diablo iii64.exe] => (Allow) D:\games\battle.net\battle.net\diablo 3\diablo iii\x64\diablo iii64.exe => No File
FirewallRules: [TCP Query User{A1F04DFB-FF8E-4995-AD1C-8458ADCAEBA4}D:\program files (x86)\origin games\bfh\bfh.exe] => (Allow) D:\program files (x86)\origin games\bfh\bfh.exe => No File
FirewallRules: [UDP Query User{B27CA318-F7EB-428E-B206-C83712B70B9C}D:\program files (x86)\origin games\bfh\bfh.exe] => (Allow) D:\program files (x86)\origin games\bfh\bfh.exe => No File
FirewallRules: [{037C1FCC-8F71-47DF-AB21-799632FEF5DC}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5F626C83-FB50-4AEF-95B1-FAC68AF8E3F9}] => (Allow) D:\Games\Steam\steamapps\common\TOXIKK\Binaries\ToxikkLauncher.exe => No File
FirewallRules: [{B50BB626-D9F7-4422-9F24-FA335588D482}] => (Allow) D:\Games\Steam\steamapps\common\TOXIKK\Binaries\ToxikkLauncher.exe => No File
FirewallRules: [{7E545571-A9FE-43C9-882E-69F49ABA54FF}] => (Allow) D:\Games\Steam\steamapps\common\Black Squad\binaries\win32\BlackSquadGame.exe => No File
FirewallRules: [{0559CF36-0701-4052-9B23-B8E4CB36796D}] => (Allow) D:\Games\Steam\steamapps\common\Black Squad\binaries\win32\BlackSquadGame.exe => No File
FirewallRules: [TCP Query User{13141ED6-DF9B-4848-9635-0D199F850603}D:\games\battle.net\battle.net\starcraft\starcraft.exe] => (Allow) D:\games\battle.net\battle.net\starcraft\starcraft.exe => No File
FirewallRules: [UDP Query User{C0DA0EF2-1AE5-4E35-AC9B-F0EE21E056F4}D:\games\battle.net\battle.net\starcraft\starcraft.exe] => (Allow) D:\games\battle.net\battle.net\starcraft\starcraft.exe => No File
FirewallRules: [TCP Query User{C0A3D2AF-7AC5-421B-BED6-EB91ECCE59FA}D:\games\battle.net\battle.net\starcraft ii\versions\base65895\sc2_x64.exe] => (Block) D:\games\battle.net\battle.net\starcraft ii\versions\base65895\sc2_x64.exe => No File
FirewallRules: [UDP Query User{ABB89E59-1862-4120-943D-EA86467045BF}D:\games\battle.net\battle.net\starcraft ii\versions\base65895\sc2_x64.exe] => (Block) D:\games\battle.net\battle.net\starcraft ii\versions\base65895\sc2_x64.exe => No File
FirewallRules: [TCP Query User{0E147B3B-A98D-46FF-8C6C-267129A57FD6}D:\games\steam\steamapps\common\space\spacegame\binaries\win64\fractured space.exe] => (Allow) D:\games\steam\steamapps\common\space\spacegame\binaries\win64\fractured space.exe => No File
FirewallRules: [UDP Query User{C82E531D-78FD-41B6-AF21-C04D157E02DB}D:\games\steam\steamapps\common\space\spacegame\binaries\win64\fractured space.exe] => (Allow) D:\games\steam\steamapps\common\space\spacegame\binaries\win64\fractured space.exe => No File
FirewallRules: [TCP Query User{694D2B28-7FF9-4F77-8103-14A7D03AB562}D:\games\steam\steamapps\common\space\spacegame\binaries\win64\spserver.exe] => (Allow) D:\games\steam\steamapps\common\space\spacegame\binaries\win64\spserver.exe => No File
FirewallRules: [UDP Query User{273A52DF-8D84-47BF-8669-88A3C8814167}D:\games\steam\steamapps\common\space\spacegame\binaries\win64\spserver.exe] => (Allow) D:\games\steam\steamapps\common\space\spacegame\binaries\win64\spserver.exe => No File
FirewallRules: [{0F27EF1E-2423-4FA4-B3DA-404981478447}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{4B3381AD-52EE-41D0-B2CC-E716259CC50C}D:\games\steam\steamapps\common\gigantic\binaries\win64\rxgame-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\gigantic\binaries\win64\rxgame-win64-shipping.exe => No File
FirewallRules: [UDP Query User{8F5109EC-9445-494D-819E-906EA2009172}D:\games\steam\steamapps\common\gigantic\binaries\win64\rxgame-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\gigantic\binaries\win64\rxgame-win64-shipping.exe => No File
FirewallRules: [TCP Query User{4AF7BCC2-E65D-465E-B1EF-5FEF9B909253}D:\games\battle.net\battle.net\overwatch\overwatch.exe] => (Block) D:\games\battle.net\battle.net\overwatch\overwatch.exe => No File
FirewallRules: [UDP Query User{4A63B281-0974-4A26-86A0-B3D2D0021C55}D:\games\battle.net\battle.net\overwatch\overwatch.exe] => (Block) D:\games\battle.net\battle.net\overwatch\overwatch.exe => No File
FirewallRules: [TCP Query User{9B910CE9-6CE2-4379-AFA2-BCE2996E6FD9}D:\games\steam\steamapps\common\warface\gamecenter\gamecenter.exe] => (Block) D:\games\steam\steamapps\common\warface\gamecenter\gamecenter.exe => No File
FirewallRules: [UDP Query User{24B0450D-B890-47B0-9168-B95427D6F021}D:\games\steam\steamapps\common\warface\gamecenter\gamecenter.exe] => (Block) D:\games\steam\steamapps\common\warface\gamecenter\gamecenter.exe => No File
FirewallRules: [TCP Query User{E8B0E39F-F61E-4771-B2DE-1F054E7D2FA2}D:\games\steam\steamapps\common\warface\gamecenter\gamecenter.exe] => (Allow) D:\games\steam\steamapps\common\warface\gamecenter\gamecenter.exe => No File
FirewallRules: [UDP Query User{0D13FD3B-05B2-4F33-A11B-ECC0965C7D3B}D:\games\steam\steamapps\common\warface\gamecenter\gamecenter.exe] => (Allow) D:\games\steam\steamapps\common\warface\gamecenter\gamecenter.exe => No File
FirewallRules: [{55CEEE88-69CB-4D16-9402-6AE312B58D36}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{ABE9EBCF-E4A4-45BD-99FA-0356E23CA4ED}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{50AB6987-FE80-439D-B329-1F13ACAA838A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{77B6E8EE-4F92-45EC-8CBA-2FBA111479A5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{7428A2F9-9FB2-4313-9F60-4233672EBE5B}D:\games\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\games\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [UDP Query User{A4D5B5EB-DCA1-4B16-A88A-88854D642E59}D:\games\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\games\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [{7B9B883F-F9BD-47C1-A061-0F1DFC633918}] => (Allow) D:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{C3852E45-0A73-4BA6-B5A8-AC706C02EDFE}] => (Allow) D:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{91D95A43-A847-4FDC-9908-113C6DE7A268}] => (Allow) D:\Games\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe => No File
FirewallRules: [{EF7D07AD-A605-4176-AB2E-8F6B4137A1B2}] => (Allow) D:\Games\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe => No File
FirewallRules: [TCP Query User{2E7D97EC-907C-4792-A6E3-D3289132D5EB}D:\games\origin\origin games\battlefield 4\bf4.exe] => (Block) D:\games\origin\origin games\battlefield 4\bf4.exe => No File
FirewallRules: [UDP Query User{C6D930AC-ADE9-40C5-BCD4-ED15EA6DCBEE}D:\games\origin\origin games\battlefield 4\bf4.exe] => (Block) D:\games\origin\origin games\battlefield 4\bf4.exe => No File
FirewallRules: [TCP Query User{7BC37CA9-7FE0-4052-981D-619BD4FD155F}D:\program files (x86)\origin games\star wars battlefront\starwarsbattlefront.exe] => (Allow) D:\program files (x86)\origin games\star wars battlefront\starwarsbattlefront.exe => No File
FirewallRules: [UDP Query User{11F5549E-24A5-4ACE-A6FB-0F492CC40AFD}D:\program files (x86)\origin games\star wars battlefront\starwarsbattlefront.exe] => (Allow) D:\program files (x86)\origin games\star wars battlefront\starwarsbattlefront.exe => No File
FirewallRules: [{47BD19E1-83C7-41FF-9678-F40D1622181F}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 2 Complete Collection\BF2.exe => No File
FirewallRules: [{53E1C6B5-00A0-4A9A-8AF5-EA965EA827D9}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 2 Complete Collection\BF2.exe => No File
FirewallRules: [TCP Query User{3F0FA4E9-BDB7-4809-A8B0-267626148F6D}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [UDP Query User{8ACAD615-2415-4424-9A76-73606D31DA8A}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [TCP Query User{13741808-6B20-464E-83C8-D005F574CA7B}D:\games\steam\steamapps\common\argo\argo_x64.exe] => (Block) D:\games\steam\steamapps\common\argo\argo_x64.exe => No File
FirewallRules: [UDP Query User{81215412-23AA-4104-865B-F18145D932FC}D:\games\steam\steamapps\common\argo\argo_x64.exe] => (Block) D:\games\steam\steamapps\common\argo\argo_x64.exe => No File
FirewallRules: [{39F114DF-5ACA-48B7-B405-B0D6B56BF145}] => (Allow) D:\Games\uPlay\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe => No File
FirewallRules: [{AD9F62FD-09C2-485F-8EC0-E6633E7BFDD0}] => (Allow) D:\Games\uPlay\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe => No File
FirewallRules: [{1AB9C3CE-BD32-4290-A38C-739CA9981FEF}] => (Allow) D:\Games\uPlay\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe => No File
FirewallRules: [{EF2236C9-BA78-4B37-9A70-47B7FF244E9F}] => (Allow) D:\Games\uPlay\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe => No File
FirewallRules: [TCP Query User{6BE76623-6EB8-45D3-96BA-D388F74B4C18}D:\games\steam\steamapps\common\insurgency2\insurgency_x64.exe] => (Block) D:\games\steam\steamapps\common\insurgency2\insurgency_x64.exe => No File
FirewallRules: [UDP Query User{7220FCF9-A7E1-4717-8276-C88C2447CC0D}D:\games\steam\steamapps\common\insurgency2\insurgency_x64.exe] => (Block) D:\games\steam\steamapps\common\insurgency2\insurgency_x64.exe => No File
FirewallRules: [TCP Query User{05C658CD-3E00-438C-8162-45B754785D01}D:\games\steam\steamapps\common\arma 3\arma3_x64.exe] => (Block) D:\games\steam\steamapps\common\arma 3\arma3_x64.exe => No File
FirewallRules: [UDP Query User{ED97EED8-D712-4E15-BC8D-015BCBBFCD81}D:\games\steam\steamapps\common\arma 3\arma3_x64.exe] => (Block) D:\games\steam\steamapps\common\arma 3\arma3_x64.exe => No File
FirewallRules: [TCP Query User{D8F7C344-AF26-4D19-ADFC-79537E9679C2}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe (XBMC-Foundation) [File not signed]
FirewallRules: [UDP Query User{721BFA8F-C1F0-4500-927F-6DC6CDAF4ECD}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe (XBMC-Foundation) [File not signed]
FirewallRules: [TCP Query User{F406D1AD-1577-4937-BE09-A308A3C304A1}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [UDP Query User{454DF2CE-DAA3-4ABD-9469-C3FC721F3F48}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [TCP Query User{6357580F-B5C5-47C2-999E-8469F822533D}D:\games\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\games\steam\steamapps\common\grand theft auto v\gta5.exe => No File
FirewallRules: [UDP Query User{25BBC3CF-CBE4-4816-A17D-670C9476F535}D:\games\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\games\steam\steamapps\common\grand theft auto v\gta5.exe => No File
FirewallRules: [TCP Query User{A305212E-6918-4E9B-BBBC-E356CBC123B4}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{5F56595B-6FED-495B-9694-6D7CDA334E03}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{E78A09CA-180D-4E5E-8199-9BF88CF239C6}C:\users\john doe\appdata\local\temp\temp1_4569_ipcamerasearch.zip\4569_ipcamerasearch.exe] => (Allow) C:\users\john doe\appdata\local\temp\temp1_4569_ipcamerasearch.zip\4569_ipcamerasearch.exe => No File
FirewallRules: [UDP Query User{0641817C-EBF1-45F9-9601-F4704818DEFF}C:\users\john doe\appdata\local\temp\temp1_4569_ipcamerasearch.zip\4569_ipcamerasearch.exe] => (Allow) C:\users\john doe\appdata\local\temp\temp1_4569_ipcamerasearch.zip\4569_ipcamerasearch.exe => No File
FirewallRules: [TCP Query User{E281CEC5-2A14-4B6A-A9D1-DE7C2E43F440}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{D98796D7-CFEC-42E3-84CE-64635571FA1D}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{C5020521-4A9A-4D31-B11A-6DFA157DFA9B}D:\games\steam\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe => No File
FirewallRules: [UDP Query User{B1E97203-3BE6-4779-9B82-AE8F70BACC90}D:\games\steam\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe => No File
FirewallRules: [TCP Query User{4BD5890A-DF3F-401C-BB66-09E2C7820891}D:\program files (x86)\utorrent\utorrent.exe] => (Block) D:\program files (x86)\utorrent\utorrent.exe => No File
FirewallRules: [UDP Query User{EF4589F7-0448-4966-8AC0-672E9D8AB6AE}D:\program files (x86)\utorrent\utorrent.exe] => (Block) D:\program files (x86)\utorrent\utorrent.exe => No File
FirewallRules: [TCP Query User{874602C0-8F49-4E26-BAC7-0EA72A587EFE}D:\games\steam\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe => No File
FirewallRules: [UDP Query User{B52E9004-93BF-40B8-B8CF-7F4126C076B9}D:\games\steam\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe] => (Allow) D:\games\steam\steamapps\common\deep rock galactic\fsd\binaries\win64\fsd-win64-shipping.exe => No File
FirewallRules: [TCP Query User{A9AC147B-D276-43D1-B81B-13A1452DD627}D:\games\epic games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\games\epic games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe => No File
FirewallRules: [UDP Query User{2DFC2F77-5006-4960-8D64-447E7DFBDBBA}D:\games\epic games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\games\epic games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe => No File
FirewallRules: [{484D2AF3-4415-418B-9A77-E60DF8EF1C12}] => (Allow) D:\Games\Steam\steamapps\common\Black Squad\binaries\win64\SteamLauncher.exe => No File
FirewallRules: [{49FABDC4-D352-4102-91B3-AF5A56927463}] => (Allow) D:\Games\Steam\steamapps\common\Black Squad\binaries\win64\SteamLauncher.exe => No File
FirewallRules: [TCP Query User{F67E768E-1425-415B-A24B-8E9F70C7CB91}C:\users\john doe\appdata\local\nvidia corporation\geforcenow\cef\geforcenowstreamer.exe] => (Allow) C:\users\john doe\appdata\local\nvidia corporation\geforcenow\cef\geforcenowstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{DF581741-D9D5-465F-A836-DA70FE8D5223}C:\users\john doe\appdata\local\nvidia corporation\geforcenow\cef\geforcenowstreamer.exe] => (Allow) C:\users\john doe\appdata\local\nvidia corporation\geforcenow\cef\geforcenowstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A85671FF-56BA-4644-9100-CB07606A78E7}] => (Allow) D:\Games\Steam\steamapps\common\Space\launcher\launcher.exe => No File
FirewallRules: [{BAEE1257-47DD-4C45-8C9C-F4812A7A8195}] => (Allow) D:\Games\Steam\steamapps\common\Space\launcher\launcher.exe => No File
FirewallRules: [TCP Query User{E970150C-5B57-4584-BA8C-890E57437135}C:\users\john doe\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\john doe\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{E160D07C-B781-4117-B3F7-1A66E8BBEF23}C:\users\john doe\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\john doe\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{D8969A44-7222-48E7-BD28-1632B7503B79}C:\users\john doe\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\john doe\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{4DC8BEBC-5F9F-47F4-AD2A-4C6DA2B3997F}C:\users\john doe\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\john doe\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A599A940-6BB2-4351-959C-53FDFE99A62C}] => (Allow) LPort=5354
FirewallRules: [{EE7E0E81-6F12-449E-A3B6-B045E442B307}] => (Allow) LPort=5354
FirewallRules: [{AF844774-2BD7-46C7-B213-9478AE07A72B}] => (Allow) LPort=5354
FirewallRules: [{C4C742FF-0B5A-4914-BBB8-1F9684FA3595}] => (Allow) LPort=5354
FirewallRules: [TCP Query User{089CFFF9-BACC-4F84-9C78-2C1D7CA8DB3A}D:\games\steam\steamapps\common\creativedestruction\ccmini\ccmini.exe] => (Block) D:\games\steam\steamapps\common\creativedestruction\ccmini\ccmini.exe => No File
FirewallRules: [UDP Query User{C6B0A792-B4F5-4333-80DA-9B479AE0DBDA}D:\games\steam\steamapps\common\creativedestruction\ccmini\ccmini.exe] => (Block) D:\games\steam\steamapps\common\creativedestruction\ccmini\ccmini.exe => No File
FirewallRules: [TCP Query User{5DF9563E-6B91-4970-A3F0-FBFED264065B}D:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) D:\program files (x86)\origin games\apex\r5apex.exe => No File
FirewallRules: [UDP Query User{662FAA31-65E1-48CE-8612-0A69D15D16E2}D:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) D:\program files (x86)\origin games\apex\r5apex.exe => No File
FirewallRules: [{60F742AC-E79D-46F8-B0AF-A7E27A6F288B}] => (Allow) D:\Games\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe => No File
FirewallRules: [{3A4E3546-4065-44EA-8305-6269973C8C75}] => (Allow) D:\Games\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe => No File
FirewallRules: [TCP Query User{07A8B0F1-54D2-49FC-BA1E-B3BDE4B53419}C:\program files (x86)\my secure\mysecure.exe] => (Allow) C:\program files (x86)\my secure\mysecure.exe => No File
FirewallRules: [UDP Query User{AF0DE824-A436-4529-BE4E-B77772F422B1}C:\program files (x86)\my secure\mysecure.exe] => (Allow) C:\program files (x86)\my secure\mysecure.exe => No File
FirewallRules: [{758AAC17-9B3C-4E82-B60D-9E555AB5EBFB}] => (Block) C:\program files (x86)\my secure\mysecure.exe => No File
FirewallRules: [{E83D0114-2E08-472D-9CBE-1EBCD4A7F98B}] => (Block) C:\program files (x86)\my secure\mysecure.exe => No File
FirewallRules: [TCP Query User{6D4000DE-62BC-4A1F-95B1-575CDD8019F1}D:\games\cod modern warfare\call of duty modern warfare\iw3mp.exe] => (Allow) D:\games\cod modern warfare\call of duty modern warfare\iw3mp.exe => No File
FirewallRules: [UDP Query User{4EAE2089-D66A-4344-8FCF-A689DF175717}D:\games\cod modern warfare\call of duty modern warfare\iw3mp.exe] => (Allow) D:\games\cod modern warfare\call of duty modern warfare\iw3mp.exe => No File
FirewallRules: [{A67E09DE-C756-4C4B-9CD1-A14504F4E70E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{87A972D5-BF6F-41C2-8CBC-4398912944DF}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{BE07F2F7-FD26-4A0B-8576-3A81511A88FA}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{2E0638DC-F1FF-46F4-9BB2-735AEE9E1D66}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{657F8A6D-72C4-45C3-8716-6C805C57212A}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe => No File
FirewallRules: [{5C62867F-90C6-41BD-9B5A-D3AC40D025B6}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe => No File
FirewallRules: [TCP Query User{9E239265-4718-40F2-B977-C03C608CD658}D:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Block) D:\program files (x86)\origin games\battlefield 4\bf4.exe => No File
FirewallRules: [UDP Query User{78EC7DDD-7D4A-42ED-96CB-0ACF09A10CB5}D:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Block) D:\program files (x86)\origin games\battlefield 4\bf4.exe => No File
FirewallRules: [TCP Query User{21F6B090-ADE9-44F3-808F-689AFCC46B0D}D:\games\steam\steamapps\common\splitgate arena warfare\portalwars\binaries\win64\portalwars-win64-shipping.exe] => (Block) D:\games\steam\steamapps\common\splitgate arena warfare\portalwars\binaries\win64\portalwars-win64-shipping.exe => No File
FirewallRules: [UDP Query User{306A9E5F-ACFB-4009-9440-262C7CD6C91A}D:\games\steam\steamapps\common\splitgate arena warfare\portalwars\binaries\win64\portalwars-win64-shipping.exe] => (Block) D:\games\steam\steamapps\common\splitgate arena warfare\portalwars\binaries\win64\portalwars-win64-shipping.exe => No File
FirewallRules: [TCP Query User{DD34C067-62DC-4A97-9D34-4A71ECCED0DD}D:\games\gog.com\defcon\defcon.exe] => (Block) D:\games\gog.com\defcon\defcon.exe => No File
FirewallRules: [UDP Query User{F906AB90-E6DC-4280-8079-EF92A768BC44}D:\games\gog.com\defcon\defcon.exe] => (Block) D:\games\gog.com\defcon\defcon.exe => No File
FirewallRules: [{AB72AD8A-9415-4481-ABB2-37453494C80C}] => (Allow) D:\Games\Steam\steamapps\common\Black Squad\binaries\win64\BlackSquadGame.exe => No File
FirewallRules: [{9F87A264-EE78-4871-88D1-443E33AD312F}] => (Allow) D:\Games\Steam\steamapps\common\Black Squad\binaries\win64\BlackSquadGame.exe => No File
FirewallRules: [TCP Query User{1CB50A73-B980-42D0-A1F2-E59C4107B9DE}D:\program files (x86)\utorrent\utorrent\utorrent.exe] => (Block) D:\program files (x86)\utorrent\utorrent\utorrent.exe => No File
FirewallRules: [UDP Query User{FE30EE21-8A4A-4057-90BD-91940BA7446B}D:\program files (x86)\utorrent\utorrent\utorrent.exe] => (Block) D:\program files (x86)\utorrent\utorrent\utorrent.exe => No File
FirewallRules: [TCP Query User{9EFB0456-B41A-440B-BF63-D70690A45FB9}D:\games\battle.net\battle.net\battle.net.exe] => (Allow) D:\games\battle.net\battle.net\battle.net.exe => No File
FirewallRules: [UDP Query User{EA8E4D2F-4C25-4432-B2AD-F70D8FE28CBB}D:\games\battle.net\battle.net\battle.net.exe] => (Allow) D:\games\battle.net\battle.net\battle.net.exe => No File
FirewallRules: [{13EA8444-D086-47CD-8C83-38843EF76FB4}] => (Allow) C:\Program Files\Benzle\WiFiSendServer\WiFiSendServer.exe => No File
FirewallRules: [TCP Query User{F2D2274D-2876-4C76-B62B-D65D9BE0EED3}D:\games\pubg lite\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) D:\games\pubg lite\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe => No File
FirewallRules: [UDP Query User{EEF3385E-9750-4CA9-919A-60798D682594}D:\games\pubg lite\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) D:\games\pubg lite\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe => No File
FirewallRules: [TCP Query User{FFF96B27-5ECB-4FF1-9C0D-C6DF2B980273}D:\program files (x86)\utorrent\utorrent\utorrent.exe] => (Allow) D:\program files (x86)\utorrent\utorrent\utorrent.exe => No File
FirewallRules: [UDP Query User{D695075B-CBB6-494E-8DF8-C82FFFD4C20A}D:\program files (x86)\utorrent\utorrent\utorrent.exe] => (Allow) D:\program files (x86)\utorrent\utorrent\utorrent.exe => No File
FirewallRules: [{64A564AC-54AD-41CA-9AA6-A17A5265B97D}] => (Allow) D:\Games\Steam\steamapps\common\X-Morph Defense\bin\shooter_win64_release.exe => No File
FirewallRules: [{2EB6A324-71CA-44FB-93E2-CCF79904105A}] => (Allow) D:\Games\Steam\steamapps\common\X-Morph Defense\bin\shooter_win64_release.exe => No File
FirewallRules: [{B06EB90D-F1B3-420C-BCB6-BFECC0C93AF6}] => (Allow) D:\Games\Steam\steamapps\common\X-Morph Defense\bin\X-Morph_Launcher.exe => No File
FirewallRules: [{6E5647B8-F6C0-4231-A1C4-25639C4BD40F}] => (Allow) D:\Games\Steam\steamapps\common\X-Morph Defense\bin\X-Morph_Launcher.exe => No File
FirewallRules: [{3E389ADE-48AB-4DC1-B91D-07949AE69360}] => (Allow) D:\Games\Steam\steamapps\common\X-Morph Defense\tools\bin\level_editor_win64_release.exe => No File
FirewallRules: [{CB965D03-DDDD-42D2-B2F4-E58A100E85DD}] => (Allow) D:\Games\Steam\steamapps\common\X-Morph Defense\tools\bin\level_editor_win64_release.exe => No File
FirewallRules: [{26D98409-8CE3-4EFD-A3D5-FCA0D0F42612}] => (Allow) D:\Games\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe => No File
FirewallRules: [{4A3F1D8D-0D61-4BCE-84FF-EAF9116C28D5}] => (Allow) D:\Games\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe => No File
FirewallRules: [{FBE690A1-73DC-435F-B163-E9539F05E2D8}] => (Allow) D:\Games\Steam\steamapps\common\rocketleague\Binaries\RocketLeague.exe => No File
FirewallRules: [{E768735C-CD41-468C-AE4B-F6FE18AEA954}] => (Allow) D:\Games\Steam\steamapps\common\rocketleague\Binaries\RocketLeague.exe => No File
FirewallRules: [{4792D3D7-D121-4104-BC74-F1980A4664E8}] => (Allow) C:\Users\John Doe\AppData\Roaming\Zoom\bin\Zoom.exe => No File
FirewallRules: [{449795EE-C69D-4A29-BA24-D53398DED65D}] => (Allow) C:\Users\John Doe\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{B5CA6130-5F55-4CB7-B0EB-9EB3820285D9}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{910E9970-6438-4C4E-B0BC-AA99C7966EDB}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{6762A10B-CF65-4330-BA8E-CA78892F8333}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{3F112304-CC81-43AD-B9E8-4F14B355B9AE}D:\games\battle.net\battle.net\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\games\battle.net\battle.net\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [UDP Query User{FC190477-EDEA-4356-B139-AC105F0943FC}D:\games\battle.net\battle.net\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\games\battle.net\battle.net\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [{934D8C29-F27D-4616-A0CD-2D9E9FA73018}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A6B1E250-7362-4F8D-B343-A8CCD7C83F05}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DF7B6C42-D0E1-474A-AC84-43369DAEE487}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{938F12FB-D9B8-4049-93B1-C2A5C8A10FD8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{002CA3E7-C574-4F73-A5F9-21A08F48044A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:110.76 GB) (Free:21.61 GB) (20%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (06/17/2020 09:37:13 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13248,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (06/17/2020 09:27:31 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9384,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (06/17/2020 09:17:57 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4480,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (06/17/2020 09:09:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iCloudPhotos.exe, version: 159.0.0.21, time stamp: 0x5b2e1ace
Faulting module name: ntdll.dll, version: 10.0.18362.815, time stamp: 0x2995af02
Exception code: 0xc0000374
Fault offset: 0x000dfa1d
Faulting process id: 0x2fa8
Faulting application start time: 0x01d6447618ff5e80
Faulting application path: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 73264db3-f83f-4139-8d98-d7fc1c8ef5a4
Faulting package full name: 
Faulting package-relative application ID:

Error: (06/16/2020 03:04:13 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1048,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (06/16/2020 01:57:34 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1208,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (06/16/2020 12:13:12 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4092,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (06/16/2020 10:08:04 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9564,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.


System errors:
=============
Error: (06/17/2020 09:07:31 AM) (Source: APPHOSTSVC) (EventID: 9010) (User: )
Description: The Application Host Helper Service encountered an error trying to access the root history directory 'C:\inetpub\history'.  The directory either doesn't exist or the permissions on it don't allow the history service to access it. The config history feature is disabled for now and will be re-enabled after the issue is resolved. To resolve this issue, please ensure that the directory exists and that the Administrators group have read and write access to it.  The data field contains the error number.

Error: (06/16/2020 07:22:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Defender Antivirus Network Inspection Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.

Error: (06/16/2020 04:42:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
This driver has been blocked from loading

Error: (06/16/2020 04:42:32 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\JOHNDO~1\AppData\Local\Temp\ehdrv.sys

Error: (06/16/2020 04:42:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
This driver has been blocked from loading

Error: (06/16/2020 04:42:31 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\JOHNDO~1\AppData\Local\Temp\ehdrv.sys

Error: (06/16/2020 04:42:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
This driver has been blocked from loading

Error: (06/16/2020 04:42:31 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\JOHNDO~1\AppData\Local\Temp\ehdrv.sys


Windows Defender:
===================================
Date: 2020-06-12 15:58:21.969
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {A3B7BFF7-6F5A-4B8A-80A0-04729F54B4A4}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-06-05 12:54:10.149
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {78658B59-F668-4AEF-AFCF-C464ED6B92BB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-06-01 16:23:14.823
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {D058DE47-059B-4A36-96F3-798D8BB5B5C2}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-05-18 08:50:06.635
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {B113E0E8-BBFE-4693-B30D-1CDD58FBC3A1}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-06-16 19:22:09.872
Description: 
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x8007041d
Popis chyby: The service did not respond to the start or control request in a timely fashion. 
Důvod: V systému chybí aktualizace potřebné ke spuštění systému kontroly sítě. Nainstalujte potřebné aktualizace a restartujte zařízení.

CodeIntegrity:
===================================

Date: 2020-06-17 09:34:04.765
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-17 09:34:04.741
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-17 09:34:04.710
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-17 09:34:04.391
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-17 09:34:04.384
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-17 09:34:04.371
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-17 09:34:03.141
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-17 09:34:02.727
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

==================== Memory info =========================== 

BIOS: LENOVO 5DCN40WW(V2.07) 10/10/2012
Motherboard: LENOVO Product Name
Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 31%
Total physical RAM: 12187.27 MB
Available physical RAM: 8364.51 MB
Total Virtual: 12955.27 MB
Available Virtual: 8628.51 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:110.76 GB) (Free:21.61 GB) NTFS
Drive d: (Bay_HDD) (Fixed) (Total:698.63 GB) (Free:698.5 GB) NTFS
Drive e: (SYSTEM_DRV) (Fixed) (Total:0.2 GB) (Free:0.15 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (In_HDD) (Fixed) (Total:911.78 GB) (Free:106.44 GB) NTFS

\\?\Volume{4d32119f-9071-4f3a-bad0-41d1991b3485}\ () (Fixed) (Total:0.81 GB) (Free:0.28 GB) NTFS
\\?\Volume{4848365a-8f5a-4182-8762-a8e700a2654b}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: F28F4C25)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: AC763D1E)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=911.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=19.5 GB) - (Type=12)

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: 5E967967)
Partition 1: (Not Active) - (Size=698.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================