userinit.exe has stopped working

Yamaki
Visitor
Posts: 2
Registered: 02 Apr 2019 10:06

#1 Post by Yamaki »

Good afternoon,
lately I have been troubled by my notebook freezing very often, and since today also by a window that keeps popping up: userinit.exe has stopped working.
I would therefore be very glad if we could look at it together and do something about it.

FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019
Ran by Aiko Kasumi (administrator) on AIKOKASUMI (02-04-2019 11:20:22)
Running from C:\Users\Aiko Kasumi\Downloads
Loaded Profiles: Aiko Kasumi (Available Profiles: Aiko Kasumi)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Razer USA Ltd. -> Razer Inc) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
() [File not signed] C:\Users\Aiko Kasumi\AppData\Local\Temp\userinit.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\dw20.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-2708306715-2691450848-3124592038-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-12-10] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-2708306715-2691450848-3124592038-1000\...\MountPoints2: E - E:\setup.exe
HKU\S-1-5-21-2708306715-2691450848-3124592038-1000\...\MountPoints2: G - G:\Lenovo_Suite.exe
HKU\S-1-5-21-2708306715-2691450848-3124592038-1000\...\MountPoints2: {02f9e162-d347-11e6-bdf3-742f68367682} - H:\GHMenu.exe
HKU\S-1-5-21-2708306715-2691450848-3124592038-1000\...\MountPoints2: {02f9e165-d347-11e6-bdf3-742f68367682} - J:\setup.exe
HKU\S-1-5-21-2708306715-2691450848-3124592038-1000\...\MountPoints2: {fa21ab07-ddbb-11e6-9499-d9ebe34b1068} - H:\Lenovo_Suite.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.86\Installer\chrmstp.exe [2019-03-21] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [182784 2018-03-25] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [159704 2018-03-25] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{29DDBF8A-FA66-418F-A64D-3BD79C55C75F}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{29DDBF8A-FA66-418F-A64D-3BD79C55C75F}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7901EDEB-EEDB-4277-9805-AFB2BD5DC7A7}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKU\S-1-5-21-2708306715-2691450848-3124592038-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-08-07] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-13] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-08-07] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Aiko Kasumi\AppData\Roaming\AMozilla\AFirefox\Profiles\la5u1vej.default [2019-01-21] <==== ATTENTION
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-08-06] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-08-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-08-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-08-06] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Aiko Kasumi\AppData\Local\Google\Chrome\User Data\Default [2019-04-02]
CHR Extension: (Prezentace) - C:\Users\Aiko Kasumi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (BetterTTV) - C:\Users\Aiko Kasumi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2017-12-14]
CHR Extension: (Dokumenty) - C:\Users\Aiko Kasumi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Disk Google) - C:\Users\Aiko Kasumi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-02]
CHR Extension: (YouTube) - C:\Users\Aiko Kasumi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-02]
CHR Extension: (Tabulky) - C:\Users\Aiko Kasumi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\Aiko Kasumi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-20]
CHR Extension: (AdBlock) - C:\Users\Aiko Kasumi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-03-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Aiko Kasumi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Gmail) - C:\Users\Aiko Kasumi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-02]
CHR Extension: (Chrome Media Router) - C:\Users\Aiko Kasumi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-29]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2910696 2018-09-10] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2704872 2018-09-10] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
S4 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [74912 2011-03-13] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1404936 2017-12-10] (BattlEye Innovations e.K. -> )
S4 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2016-12-22] (Disc Soft Ltd -> Disc Soft Ltd)
S4 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2018-10-26] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S4 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
S4 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
S4 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [1733408 2018-06-18] (O&O Software GmbH -> O&O Software GmbH)
S4 QMEmulatorService; C:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe [342776 2018-12-21] (Tencent Technology(Shenzhen) Company Limited -> Tencent)
S4 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] (Razer USA Ltd. -> )
S4 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [133376 2016-09-28] (Razer USA Ltd. -> Razer Inc.)
R2 RzSurroundVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [4261344 2016-11-04] (Razer USA Ltd. -> Razer Inc)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
S4 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
S4 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aow_drv; C:\Program Files\TxGameAssistant\UI\aow_drv_x64.sys [858672 2018-12-23] (Tencent Technology(Shenzhen) Company Limited -> Tencent)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-01-05] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-01-05] (Disc Soft Ltd -> Disc Soft Ltd)
R3 FLxHCIc; C:\Windows\System32\DRIVERS\FLxHCIc.sys [302592 2011-02-24] (Microsoft Windows Hardware Compatibility Publisher -> Fresco Logic)
R3 FLxHCIh; C:\Windows\System32\DRIVERS\FLxHCIh.sys [81920 2011-02-24] (Microsoft Windows Hardware Compatibility Publisher -> Fresco Logic)
S3 hidkmdf; C:\Windows\System32\DRIVERS\hidkmdf.sys [14136 2014-08-06] (Wacom Technology Corp. -> Windows (R) Win 7 DDK provider)
R3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [317440 2016-12-02] (Microsoft Windows Hardware Compatibility Publisher -> Intel(R) Corporation)
R2 LdBoxDrv; C:\Program Files\dnplayerext2\LdBoxDrv.sys [281760 2018-09-09] (上海畅指网络科技有限公司 -> Oracle Corporation)
S3 netr28ux; C:\Windows\System32\DRIVERS\netr28ux.sys [867328 2009-06-10] (Microsoft Windows -> Ralink Technology Corp.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31168 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [59240 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [58816 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer Inc. -> Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2016-09-07] (Razer Inc. -> Razer, Inc.)
R3 RZSURROUNDVADService; C:\Windows\System32\drivers\RzSurroundVAD.sys [49176 2016-10-16] (Razer USA Ltd. -> Windows (R) Win 7 DDK provider)
S3 uvhid; C:\Windows\System32\DRIVERS\uvhid.sys [27064 2017-01-30] (Unified Intents AB -> Windows (R) Win 7 DDK provider)
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S3 WacHidRouter; system32\DRIVERS\wachidrouter.sys [X]
S3 wacomrouterfilter; system32\DRIVERS\wacomrouterfilter.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-02 11:20 - 2019-04-02 11:22 - 000015137 _____ C:\Users\Aiko Kasumi\Downloads\FRST.txt
2019-04-02 11:19 - 2019-04-02 11:20 - 000000000 ____D C:\FRST
2019-04-02 11:11 - 2019-04-02 11:11 - 001222144 _____ C:\Users\Aiko Kasumi\Downloads\RSITx64.exe
2019-04-02 11:10 - 2019-04-02 11:10 - 002434048 _____ (Farbar) C:\Users\Aiko Kasumi\Downloads\FRST64.exe
2019-04-02 11:10 - 2019-04-02 11:10 - 002434048 _____ (Farbar) C:\Users\Aiko Kasumi\Downloads\FRST64 (1).exe
2019-04-02 11:04 - 2019-04-02 11:12 - 000000000 ____D C:\Users\Aiko Kasumi\AppData\Roaming\WinThruster
2019-04-02 11:02 - 2019-04-02 11:03 - 003136888 _____ (Solvusoft ) C:\Users\Aiko Kasumi\Downloads\Setup_WinThruster_2019.exe
2019-04-02 10:57 - 2019-04-02 10:57 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-04-02 10:57 - 2019-04-02 10:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-04-02 10:57 - 2019-04-02 10:57 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-04-02 10:57 - 2019-04-02 10:57 - 000000000 ____D C:\Program Files\Malwarebytes
2019-04-02 10:57 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-04-02 10:56 - 2019-04-02 10:57 - 062550776 _____ (Malwarebytes ) C:\Users\Aiko Kasumi\Downloads\mb3-setup-consumer-3.7.1.2839-1.0.563-1.0.9950.exe
2019-04-02 10:26 - 2019-04-02 10:26 - 000000000 ____D C:\Users\Aiko Kasumi\AppData\LocalLow\ERStudios
2019-04-02 09:44 - 2019-04-02 09:44 - 000003508 _____ C:\Windows\System32\Tasks\mkQvoOcyxnbrTjJ
2019-03-31 22:35 - 2019-03-31 22:35 - 000015844 _____ C:\Users\Aiko Kasumi\Downloads\[CzT]Forgiveness_2019_.torrent
2019-03-31 19:31 - 2019-03-31 19:31 - 000036009 _____ C:\Users\Aiko Kasumi\Downloads\[CzT]St_Agatha_2018_EN_1080pLQ_.torrent
2019-03-29 23:37 - 2019-03-29 23:37 - 000005412 _____ C:\Users\Aiko Kasumi\Desktop\clickerHeroSave.txt
2019-03-29 15:15 - 2019-03-29 15:15 - 000001868 _____ C:\Users\Public\Desktop\Outlast 2.lnk
2019-03-25 19:04 - 2019-03-25 19:04 - 000013086 _____ C:\Users\Aiko Kasumi\Downloads\[CzT]1406_2019_.torrent
2019-03-25 19:02 - 2019-03-25 19:02 - 000007006 _____ C:\Users\Aiko Kasumi\Downloads\[CzT]RollerCoaster_Tycoon_Adventures_2019_.torrent
2019-03-22 23:44 - 2019-03-22 23:44 - 000029198 _____ C:\Users\Aiko Kasumi\Downloads\[CzT]Outlast_2_2017_.torrent
2019-03-22 23:43 - 2019-03-22 23:43 - 000015418 _____ C:\Users\Aiko Kasumi\Downloads\[CzT]Outlast_DLC_Whistleblower_2013_2014_CZ_.torrent
2019-03-22 16:11 - 2019-03-22 16:11 - 000050112 _____ C:\Users\Aiko Kasumi\Downloads\[CzT]Ctihodny_obcan_Law_Abiding_Citizen_2009_CZ_EN_1080pHD_.torrent
2019-03-19 19:36 - 2019-03-19 19:36 - 000022447 _____ C:\Users\Aiko Kasumi\Downloads\[CzT]Bumblebee_2018_EN_WebRip_720pHD_.torrent
2019-03-17 11:58 - 2019-03-23 14:46 - 000000000 ____D C:\Program Files (x86)\OutlastOutlast
2019-03-17 11:57 - 2019-03-17 11:57 - 000001783 _____ C:\Users\Aiko Kasumi\Desktop\Slender - The Arrival v1.0.lnk
2019-03-17 11:48 - 2019-03-17 11:49 - 000000000 ____D C:\Users\Aiko Kasumi\Desktop\recepty
2019-03-16 21:53 - 2019-03-16 21:53 - 000041328 _____ C:\Users\Aiko Kasumi\Downloads\[CzT]Pouta_valky_Taegeugki_hwinalrimyeo_2004_KOR_720pHD_.torrent
2019-03-16 17:01 - 2019-03-16 17:01 - 000017674 _____ C:\Users\Aiko Kasumi\Downloads\[CzT]Phantasmagoria_1995_.torrent
2019-03-16 16:59 - 2019-03-16 16:59 - 000014623 _____ C:\Users\Aiko Kasumi\Downloads\[CzT]Layers_of_Fear_2016_CZ_.torrent
2019-03-16 16:58 - 2019-03-16 16:58 - 000014823 _____ C:\Users\Aiko Kasumi\Downloads\[CzT]Slenderman_The_Arrival_2013_.torrent
2019-03-16 16:52 - 2019-03-16 16:52 - 000015332 _____ C:\Users\Aiko Kasumi\Downloads\[CzT]Outlast_2013_.torrent
2019-03-16 16:15 - 2019-03-16 16:15 - 000000000 ____D C:\Users\Aiko Kasumi\AppData\LocalLow\JessDocBeau
2019-03-16 15:51 - 2019-03-16 15:51 - 000000000 ____D C:\Users\Aiko Kasumi\AppData\LocalLow\BTF
2019-03-16 12:52 - 2019-03-16 12:52 - 000002628 _____ C:\Users\Aiko Kasumi\Downloads\[CzT]Paratopic_2018_.torrent
2019-03-16 12:50 - 2019-03-16 12:50 - 000013856 _____ C:\Users\Aiko Kasumi\Downloads\[CzT]Truberbrook_v_1_10_2019_CZ_.torrent
2019-03-15 15:26 - 2019-03-15 15:27 - 005169561 _____ C:\Users\Aiko Kasumi\Downloads\Terrorist attack on Muslims at a Mosque in New zealand.mp4
2019-03-14 18:10 - 2019-03-14 18:10 - 017214081 _____ C:\Users\Aiko Kasumi\Desktop\LoL Logs.zip
2019-03-14 18:05 - 2019-03-14 18:05 - 069902336 _____ C:\Users\Aiko Kasumi\Downloads\Hextech Repair Tool.msi
2019-03-14 11:33 - 2019-03-14 11:33 - 000034274 _____ C:\Users\Aiko Kasumi\Downloads\[CzT]Aquaman_2018_EN_720pHD_.torrent
2019-03-10 19:28 - 2019-03-10 19:28 - 000000000 ____D C:\Users\Aiko Kasumi\AppData\LocalLow\2 Zombie Games
2019-03-10 19:27 - 2019-03-10 19:27 - 000001019 _____ C:\Users\Aiko Kasumi\Desktop\Quest Hunter.lnk
2019-03-10 19:27 - 2019-03-10 19:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quest Hunter
2019-03-10 19:26 - 2019-03-10 19:27 - 000000000 ____D C:\Program Files (x86)\Quest Hunter
2019-03-10 18:47 - 2019-03-10 18:47 - 000005155 _____ C:\Users\Aiko Kasumi\Downloads\[CzT]Quest_Hunter_2019_.torrent
2019-03-10 14:47 - 2019-03-10 14:47 - 000041776 _____ C:\Users\Aiko Kasumi\Downloads\[CzT]Fantasticka_zvirata_a_kde_je_najit_Fantastic_Beasts_and_Where_to_Find_Them_2016_CZ_EN_SK_HEVC_1080pHD_.torrent
2019-03-05 15:07 - 2019-03-05 15:07 - 000028448 _____ C:\Users\Aiko Kasumi\Downloads\[CzT]Insidious_3_Pocatek_Insidious_3_2015_CZ_EN_720pHD_.torrent
2019-03-05 15:07 - 2019-03-05 15:07 - 000028275 _____ C:\Users\Aiko Kasumi\Downloads\[CzT]Insidious_Posledni_klic_Insidious_The_Last_Key_2018_CZ_EN_720pHD_.torrent
2019-03-05 15:07 - 2019-03-05 15:07 - 000020213 _____ C:\Users\Aiko Kasumi\Downloads\[CzT]Insidious_2010_CZ_EN_720pHD_.torrent
2019-03-05 15:07 - 2019-03-05 15:07 - 000012053 _____ C:\Users\Aiko Kasumi\Downloads\[CzT]Insidious_2_Insidious_Chapter_2_2013_720pHD_.torrent
2019-03-05 02:55 - 2019-03-05 02:55 - 000014066 _____ C:\Users\Aiko Kasumi\Downloads\[CzT]Ghost_Stories_2017_.torrent

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-02 11:22 - 2019-02-03 16:07 - 000000000 _____ C:\Windows\system32\RzSurroundVADAudioDeviceManager_log.txt
2019-04-02 11:22 - 2009-07-14 06:45 - 000014928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-04-02 11:22 - 2009-07-14 06:45 - 000014928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-04-02 11:21 - 2009-07-14 17:18 - 000669976 _____ C:\Windows\system32\perfh005.dat
2019-04-02 11:21 - 2009-07-14 17:18 - 000142562 _____ C:\Windows\system32\perfc005.dat
2019-04-02 11:21 - 2009-07-14 07:13 - 001588076 _____ C:\Windows\system32\PerfStringBackup.INI
2019-04-02 11:21 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-04-02 11:15 - 2016-12-02 18:41 - 000000000 ____D C:\ProgramData\NVIDIA
2019-04-02 11:15 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-04-02 11:12 - 2016-12-06 00:31 - 000000000 ____D C:\Windows\pss
2019-04-02 11:12 - 2016-12-02 17:54 - 000000000 ____D C:\Windows\Panther
2019-04-02 11:05 - 2016-12-05 12:06 - 000000000 ____D C:\Users\Aiko Kasumi\AppData\Roaming\uTorrent
2019-04-02 10:33 - 2016-12-02 18:44 - 000000000 ____D C:\Program Files (x86)\Steam
2019-04-01 10:22 - 2016-12-05 20:13 - 000000000 ____D C:\Users\Aiko Kasumi\AppData\Roaming\MPC-HC
2019-03-31 22:38 - 2016-12-06 17:03 - 000000000 ____D C:\Users\Aiko Kasumi\AppData\Local\CrashDumps
2019-03-29 15:19 - 2016-12-25 17:04 - 000000000 ____D C:\Users\Aiko Kasumi\Documents\My Games
2019-03-29 15:15 - 2018-02-17 19:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2019-03-29 14:24 - 2018-02-17 19:38 - 000000000 ____D C:\GOG Games
2019-03-28 07:28 - 2016-12-02 18:25 - 000003384 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-28 07:28 - 2016-12-02 18:25 - 000003256 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-26 15:16 - 2016-12-02 21:57 - 000000000 ____D C:\Users\Aiko Kasumi\AppData\Local\ElevatedDiagnostics
2019-03-21 09:42 - 2016-12-02 18:26 - 000002184 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-03-17 11:57 - 2016-12-26 21:12 - 000000000 ____D C:\Windows\SysWOW64\directx
2019-03-17 11:55 - 2017-01-29 23:13 - 000000000 ____D C:\Games
2019-03-11 09:21 - 2016-12-04 23:46 - 000003379 _____ C:\Users\Aiko Kasumi\Desktop\Nový textový dokument.txt
2019-03-07 10:30 - 2016-12-14 16:50 - 000000000 ____D C:\Users\Aiko Kasumi\Desktop\Nová složka

==================== Files in the root of some directories =======

2018-09-09 23:07 - 2018-09-09 23:07 - 000000068 _____ () C:\Users\Aiko Kasumi\AppData\Roaming\changzhi_leidian.data
2019-01-20 14:15 - 2018-08-07 01:55 - 011924306 _____ (InstallShield Software Corporation) C:\Users\Aiko Kasumi\AppData\Roaming\pinnacle-setup.exe
2017-03-17 15:32 - 2017-03-17 15:32 - 000000099 _____ () C:\Users\Aiko Kasumi\AppData\Local\fusioncache.dat
2018-01-18 20:58 - 2018-01-18 20:58 - 000000000 ___SH () C:\Users\Aiko Kasumi\AppData\Local\LumaEmu
2018-09-29 06:13 - 2018-09-29 06:13 - 000000000 _____ () C:\Users\Aiko Kasumi\AppData\Local\oobelibMkey.log
2018-03-17 11:42 - 2018-03-17 11:42 - 000000218 _____ () C:\Users\Aiko Kasumi\AppData\Local\recently-used.xbel
2017-07-11 12:15 - 2019-02-13 18:09 - 000007596 _____ () C:\Users\Aiko Kasumi\AppData\Local\Resmon.ResmonCfg
2018-11-09 17:28 - 2018-11-09 17:28 - 000000000 _____ () C:\Users\Aiko Kasumi\AppData\Local\{2E446900-3029-49EA-8FCB-1A8DF8B141C6}

Some files in TEMP:
====================
2019-03-31 22:31 - 2019-03-16 17:49 - 000099911 _____ () C:\Users\Aiko Kasumi\AppData\Local\Temp\Uninstall.exe
2019-03-23 22:19 - 2019-04-02 09:44 - 189819392 __RSH () C:\Users\Aiko Kasumi\AppData\Local\Temp\userinit.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-03-24 16:09

==================== End of FRST.txt ============================

Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by Aiko Kasumi (02-04-2019 11:23:21)
Running from C:\Users\Aiko Kasumi\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2016-12-02 16:03:13)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2708306715-2691450848-3124592038-500 - Administrator - Disabled)
Aiko Kasumi (S-1-5-21-2708306715-2691450848-3124592038-1000 - Administrator - Enabled) => C:\Users\Aiko Kasumi
ASPNET (S-1-5-21-2708306715-2691450848-3124592038-1002 - Limited - Enabled)
Guest (S-1-5-21-2708306715-2691450848-3124592038-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2708306715-2691450848-3124592038-1004 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.101 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.1.2 - Adobe Systems Incorporated)
Aktualizace NVIDIA 31.1.10.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.1.10.0 - NVIDIA Corporation) Hidden
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0008 - ASUS)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.65 - Atheros Communications)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Cok Free Auto Clicker 2.0 (HKLM-x32\...\Cok Free Auto Clicker_is1) (Version: 2.0 - Cok Software)
CPUID HWMonitor 1.32 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.32 - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.0.0222 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
Discord (HKU\S-1-5-21-2708306715-2691450848-3124592038-1000\...\Discord) (Version: 0.0.301 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.35 - NVIDIA Corporation) Hidden
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Fresco Logic USB3.0 Host Controller (HKLM\...\{7D9A89FA-0F41-464B-938B-EE4F98D46386}) (Version: 3.0.116.3 - Fresco Logic Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.86 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Guitar Hero III (HKLM-x32\...\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}) (Version: 1.3 - Aspyr)
Guitar Pro 5.2 (HKLM-x32\...\Guitar Pro 5_is1) (Version: - Arobas Music)
Hextech Repair Tool (HKLM-x32\...\{7F9A97E6-E666-11E5-B582-B88687E82322}) (Version: 1.1.91 - Riot Games, Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Malwarebytes verze 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team)
MSI Afterburner 4.5.0 (HKLM-x32\...\Afterburner) (Version: 4.5.0 - MSI Co., LTD)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NVIDIA GeForce Experience 3.13.1.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.13.1.30 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.35 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
O&O Defrag Professional (HKLM\...\{323BFF40-F953-44E2-9F40-097CC99BE198}) (Version: 21.2.2011 - O&O Software GmbH)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
osu! (HKLM-x32\...\{aad170ae-9abc-4934-b63c-6e7385d0715e}) (Version: latest - ppy Pty Ltd)
Outlast 2 (HKLM-x32\...\1453301453_is1) (Version: gog-1 - GOG.com)
Ovládací panel NVIDIA 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 391.35 - NVIDIA Corporation) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.2 - Power Software Ltd)
Project Warlock (HKLM-x32\...\1459073823_is1) (Version: 0.9.9.8 - GOG.com)
Quest Hunter (HKLM-x32\...\Quest Hunter_is1) (Version: - )
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 7.6.8.66 - Razer Inc.)
Razer Surround (HKLM-x32\...\Razer Surround) (Version: 1.05.26 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.8 - TeamSpeak Systems GmbH)
Tencent Gaming Buddy (HKLM-x32\...\MobileGamePC) (Version: 1.0.0.1 - Tencent Technology Company)
The Sims 4 StrangerVille (HKLM-x32\...\The Sims 4 StrangerVille_is1) (Version: - )
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll [2011-03-13] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2015-03-11] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [OODefrag] -> {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => C:\Program Files\OO Software\Defrag\oodsh.dll [2018-06-18] (O&O Software GmbH -> O&O Software GmbH)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-06-17] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [OODefrag] -> {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => C:\Program Files\OO Software\Defrag\oodsh.dll [2018-06-18] (O&O Software GmbH -> O&O Software GmbH)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll [2011-03-13] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-06-17] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-06-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2015-03-11] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [OODefrag] -> {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => C:\Program Files\OO Software\Defrag\oodsh.dll [2018-06-18] (O&O Software GmbH -> O&O Software GmbH)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-06-17] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1C982B32-4BC6-4329-969F-207E92FABF14} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {2862C8DB-5948-40F9-A8E5-03225CE18951} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {2A5E5790-9B9C-4B5C-A4E8-5DD2B5319654} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTeK Computer Inc. -> ASUS)
Task: {3123D0E0-1183-402D-845B-CC9869B510D1} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe
Task: {37A46CCA-13CC-4CAE-BB6C-AD3C3ABAC986} - System32\Tasks\mkQvoOcyxnbrTjJ => C:\Users\Aiko Kasumi\AppData\Local\Temp\userinit.exe () [File not signed] <==== ATTENTION
Task: {3DB43078-B4D7-4A65-94BB-FE4B6DC639CF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4A3D61BF-223B-4D55-BD1E-E656B91C430B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5C5A30BC-61EC-4FCD-9C33-329544690290} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7149BC2B-B769-4ED6-97A8-5BA2C63E3AD2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {9A7E5651-BFD6-4A50-AFC4-BF41F55840C9} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9B9CA3CB-5B31-4FC6-9915-44C3E69B2AEE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd -> Piriform Ltd)
Task: {9EA40E7A-F339-4F9A-B574-0BE2FCB9F4E7} - System32\Tasks\{F8B4C68D-96B3-4395-A1F4-FA8BAD6415DB} => C:\Windows\system32\pcalua.exe -a E:\Setup.exe -d E:\
Task: {A51FD312-BAE7-468C-9071-33BF9FC81AE1} - System32\Tasks\{362C2B2C-6063-4204-A801-C6FB32597919} => C:\Windows\system32\pcalua.exe -a "C:\Users\Aiko Kasumi\Downloads\LeagueofLegends_EUNE_Installer_2016_11_10.exe" -d C:\Windows\SysWOW64 -c /groupsextract:100;101;102; /out:"C:\Users\Aiko Kasumi\AppData\Roaming\Riot Games\League of Legends\prerequisites" /callbackid:1432
Task: {CDDEBC17-799C-4B8A-9A37-ADA113E00325} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe
Task: {CF516321-C8C8-4E9F-8955-45BF2947AB58} - System32\Tasks\AdobeGCInvoker-1.0-AikoKasumi-PC-Aiko Kasumi => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {D0A814B3-6771-4A53-B431-E0990EECD631} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D4E3017F-489F-480A-B026-3C4FCE342597} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D51D3D96-FD67-416D-9034-75CAB2A8C5CB} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E0656577-5D43-42E5-8A3A-97DDFFEC2457} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E99E3314-B965-44D8-89FC-BAE15B073EEC} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {E9DCBE9F-39AB-40CB-9EF0-4813E4BEB615} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2011-03-13 11:58 - 2011-03-13 11:58 - 000061088 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\AthCopyHook.dll
2011-03-13 11:59 - 2011-03-13 11:59 - 000425632 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll
2011-03-13 11:58 - 2011-03-13 11:58 - 000181408 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll
2011-03-13 11:59 - 2011-03-13 11:59 - 002233504 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\OutLookLib.dll
2016-12-02 19:06 - 2016-12-02 19:06 - 001655296 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_8444db7d32915e4c\MFC80U.DLL
2016-12-02 19:06 - 2016-12-02 19:06 - 000113664 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_8a1a02152edb659b\ATL80.DLL
2019-03-23 22:19 - 2019-04-02 09:44 - 189819392 __RSH () [File not signed] C:\Users\Aiko Kasumi\AppData\Local\Temp\userinit.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:DocumentSummaryInformation [63]
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:SummaryInformation [63]
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2019-01-02 09:57 - 000000829 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: %CommonProgramFiles%\Microsoft Shared\Windows Live;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-2708306715-2691450848-3124592038-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Aiko Kasumi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AGMService => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: ASLDRService => 2
MSCONFIG\Services: AtherosSvc => 2
MSCONFIG\Services: ATKGFNEXSrv => 2
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: Disc Soft Lite Bus Service => 3
MSCONFIG\Services: EasyAntiCheat => 3
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: NvContainerLocalSystem => 3
MSCONFIG\Services: NvContainerNetworkService => 3
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: NvTelemetryContainer => 2
MSCONFIG\Services: OODefragAgent => 2
MSCONFIG\Services: PinnacleUpdateSvc => 2
MSCONFIG\Services: QMEmulatorService => 2
MSCONFIG\Services: Razer Game Scanner Service => 2
MSCONFIG\Services: RzKLService => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: WTabletServiceCon => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^O&O Defrag Tray.lnk => C:\Windows\pss\O&O Defrag Tray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Aiko Kasumi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Curse.lnk => C:\Windows\pss\Curse.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Aiko Kasumi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Twitch.lnk => C:\Windows\pss\Twitch.lnk.Startup
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeGCInvoker-1.0 => "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"
MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
MSCONFIG\startupreg: ATKMEDIA => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
MSCONFIG\startupreg: ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
MSCONFIG\startupreg: Discord => C:\Users\Aiko Kasumi\AppData\Local\Discord\app-0.0.298\Discord.exe
MSCONFIG\startupreg: firefox => "C:\Program Files (x86)\Common Files\Farley\update.exe" about:robots
MSCONFIG\startupreg: FLxHCIm => "C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe"
MSCONFIG\startupreg: HControlUser => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
MSCONFIG\startupreg: HotKeysCmds => "C:\Windows\system32\hkcmd.exe"
MSCONFIG\startupreg: IgfxTray => "C:\Windows\system32\igfxtray.exe"
MSCONFIG\startupreg: OODefragTray => C:\Program Files\OO Software\Defrag\oodtray.exe
MSCONFIG\startupreg: Persistence => "C:\Windows\system32\igfxpers.exe"
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: ShadowPlay => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Unified Remote V3 => "C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{8929A0A7-C244-4867-A224-7AA421F4C443}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EEDFE808-57BB-4231-9562-CD314E578CC3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A7917F60-BB26-4911-9780-576CF7059CC8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2323F989-C2F9-4283-BBC8-D6DB24C0E215}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1FBE97A8-1806-47B7-8F49-9C74DFE55B3F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{59A1759E-01ED-4AD8-8EB0-A88A452436C5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{CCCEAFAD-2720-406E-826E-24088285F255}] => (Allow) C:\Users\Aiko Kasumi\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{335389A1-B2C1-4AE5-9022-FA155364D369}] => (Allow) C:\Users\Aiko Kasumi\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{84273E0D-4AB9-4D7B-95E8-65BED3EB1D6F}] => (Allow) C:\Program Files (x86)\osu!\osu!.exe (Dean Herbert -> ppy)
FirewallRules: [{F9B8141D-B830-4B5B-B988-7A9785907129}] => (Allow) C:\Program Files (x86)\osu!\osu!.exe (Dean Herbert -> ppy)
FirewallRules: [{4668536C-4D5D-41EE-9697-6329D155958B}] => (Allow) C:\Program Files (x86)\osu!\osu!.exe (Dean Herbert -> ppy)
FirewallRules: [{CB9AE8AB-0863-44A8-84EC-F002CA91DD5B}] => (Allow) C:\Program Files (x86)\osu!\osu!.exe (Dean Herbert -> ppy)
FirewallRules: [TCP Query User{9893A5E3-309E-4B4F-B7B9-2D7F422CD9B3}C:\program files (x86)\call of duty\codmp.exe] => (Allow) C:\program files (x86)\call of duty\codmp.exe () [File not signed]
FirewallRules: [UDP Query User{13212B5C-B174-4573-83A2-21654DC15E74}C:\program files (x86)\call of duty\codmp.exe] => (Allow) C:\program files (x86)\call of duty\codmp.exe () [File not signed]
FirewallRules: [{A4B8000C-57AA-4B6A-9F72-F7E3D35E273C}] => (Allow) C:\MyGames\Revelation Online\game\tianyu.exe (NetEase(Hangzhou) Network Co. Ltd. -> Mail.Ru Group + Netease Games)
FirewallRules: [{6AD67279-E7C9-4E95-83DD-ADBB491E7C1C}] => (Allow) C:\MyGames\Revelation Online\game\tianyu.exe (NetEase(Hangzhou) Network Co. Ltd. -> Mail.Ru Group + Netease Games)
FirewallRules: [TCP Query User{AECFB27F-2705-475F-8339-775BC87FC8D5}C:\program files (x86)\java\jre1.8.0_144\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_144\bin\jp2launcher.exe (Oracle America, Inc. -> Oracle Corporation)
FirewallRules: [UDP Query User{2BCEF0E7-78CA-410A-A0FA-779EBE946E55}C:\program files (x86)\java\jre1.8.0_144\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_144\bin\jp2launcher.exe (Oracle America, Inc. -> Oracle Corporation)
FirewallRules: [TCP Query User{BBF08B40-3462-436A-8E09-BDA5B83ADB9D}C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [UDP Query User{54726A22-78C3-4722-B74B-14FFFB7CDC17}C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [{0A8AADB2-9E07-4217-A002-DE17ACC17741}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForever.exe () [File not signed]
FirewallRules: [{2855F6CA-81C1-4E97-B912-5AD55C5074C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForever.exe () [File not signed]
FirewallRules: [{8A4C703B-60DA-4EC4-9730-880EB3242B9D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForeverLauncher.exe () [File not signed]
FirewallRules: [{3AB9A067-0A85-4729-9DCD-3D7B3CA02068}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForeverLauncher.exe () [File not signed]
FirewallRules: [{3B8B1CBF-859C-4BD9-A475-1939CE62BEF9}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> )
FirewallRules: [{F129C7EF-01E6-4387-972C-AFF70FD040A1}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> )
FirewallRules: [{FC290650-A11B-4594-AB01-1C2412CD671E}] => (Allow) C:\Users\Aiko Kasumi\Desktop\wow dalaran\World of Warcraft Client 3.3.5a - Ready to Play\Wow.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{B03F1BFD-1293-4CE8-9353-A033199DA783}] => (Allow) C:\Users\Aiko Kasumi\Desktop\wow dalaran\World of Warcraft Client 3.3.5a - Ready to Play\Wow.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{56AB5AD4-18FD-4E9E-894B-8DEBF606021F}] => (Allow) C:\Users\Aiko Kasumi\Desktop\wow dalaran\World of Warcraft Client 3.3.5a - Ready to Play\Wow.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{BDC92DE1-413E-4BA7-8DC2-F920055D919A}] => (Allow) C:\Users\Aiko Kasumi\Desktop\wow dalaran\World of Warcraft Client 3.3.5a - Ready to Play\Wow.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{0C4E9376-E2A5-4D2A-9557-2E25D8E65E4A}] => (Allow) C:\Users\Aiko Kasumi\Desktop\wow dalaran\World of Warcraft Client 3.3.5a - Ready to Play\Launcher.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{FEE35887-FC69-4126-B830-034F6D955D4E}] => (Allow) C:\Users\Aiko Kasumi\Desktop\wow dalaran\World of Warcraft Client 3.3.5a - Ready to Play\Launcher.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{E064846A-8564-4A4E-ADF2-D55CC622B77D}] => (Allow) C:\Users\Aiko Kasumi\Desktop\wow dalaran\World of Warcraft Client 3.3.5a - Ready to Play\Launcher.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{C056BCD2-CA4F-49CB-B2B7-04D759F289E1}] => (Allow) C:\Users\Aiko Kasumi\Desktop\wow dalaran\World of Warcraft Client 3.3.5a - Ready to Play\Launcher.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{D02390C6-B281-433A-8712-19191C28215D}C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [UDP Query User{0DA8F169-2D3E-49BE-A0A8-0371F3DFBD42}C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [{CB3AF891-169B-46B9-BE12-F355B00A0868}] => (Allow) C:\Users\Aiko Kasumi\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{3DEC91B9-ED4F-44D4-AC6D-7CE438168196}] => (Allow) C:\Users\Aiko Kasumi\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{C173AF9B-6577-4826-B47F-AE8C692DE329}] => (Allow) C:\Users\Aiko Kasumi\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{27EBFDAF-6350-4D78-B2F3-330E8BEB2341}] => (Allow) C:\Users\Aiko Kasumi\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{1EC7A202-9391-4B42-BE62-0A79D9DD43BA}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{2110CE3E-8A7B-4617-98FC-61E4FA72F42E}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{0EB3DC74-F1E0-4380-8831-6F4CC78B9BDA}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> 腾讯公司)
FirewallRules: [{616AE2BB-1131-4FD3-90FD-1AA168CD62FB}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\QQExternal.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{11829E7C-AB53-4359-9361-1459B679D57D}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\GameDownload.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{A548E985-2531-460F-A53C-54F0264F6379}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\GF186\TUpdate.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{94DA2763-94D2-4BF1-BB36-A63C6ED695E0}] => (Allow) C:\Program Files\TxGameAssistant\UI\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{CE60D000-0216-470E-B91F-63B8EA172784}] => (Allow) C:\Program Files\TxGameAssistant\UI\adb.exe () [File not signed]
FirewallRules: [{460AFB3C-4C87-4792-A0D3-0708AABCD742}] => (Allow) C:\Program Files\TxGameAssistant\UI\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{6D24009F-4079-4496-A27F-451030B63861}] => (Allow) C:\Program Files\TxGameAssistant\UI\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{A58DAE36-E327-4930-AA57-4358BF7623E3}] => (Allow) C:\Program Files\TxGameAssistant\UI\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [TCP Query User{9E31BF70-0CD8-4791-BC09-F796E821E5CE}C:\program files\dnplayerext2\ldboxheadless.exe] => (Allow) C:\program files\dnplayerext2\ldboxheadless.exe (Shanghai Changzhi Network Technology Co., Ltd. -> Oracle Corporation)
FirewallRules: [UDP Query User{E8ACD9AB-52D5-43B0-B1DB-59A9B197023B}C:\program files\dnplayerext2\ldboxheadless.exe] => (Allow) C:\program files\dnplayerext2\ldboxheadless.exe (Shanghai Changzhi Network Technology Co., Ltd. -> Oracle Corporation)
FirewallRules: [{487F07B6-1D83-48DD-AE13-16ED4053E113}] => (Allow) C:\Program Files\TxGameAssistant\UI\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{563BF0B9-C020-4763-9127-7E789E377F91}] => (Allow) C:\Program Files\TxGameAssistant\UI\adb.exe () [File not signed]
FirewallRules: [{BC9D734A-2386-455C-B74F-1BB8E1505424}] => (Allow) C:\Program Files\TxGameAssistant\UI\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{7B5BC5E7-4E55-409A-9623-DF381C8FDACF}] => (Allow) C:\Program Files\TxGameAssistant\UI\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{1A16D95A-7260-401B-AAB8-4FA3EE41F815}] => (Allow) C:\Program Files\TxGameAssistant\UI\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{55BFF61F-B9FC-426C-9A65-9600298BD65B}] => (Allow) C:\Program Files\TxGameAssistant\UI\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{E7351EBF-64F0-411E-B16F-0958DD02793B}] => (Allow) C:\Program Files\TxGameAssistant\UI\adb.exe () [File not signed]
FirewallRules: [{EFCEBFAC-666A-4BFA-9314-6BED964DCA63}] => (Allow) C:\Program Files\TxGameAssistant\UI\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{7E3006AC-9980-4CD4-84AB-CDFDE66F9473}] => (Allow) C:\Program Files\TxGameAssistant\UI\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{3D72FD66-8A12-45A9-9CD3-9D05B2098506}] => (Allow) C:\Program Files\TxGameAssistant\UI\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{811FACCD-21C0-430B-BE56-C63839A1E763}] => (Allow) C:\Program Files\TxGameAssistant\UI\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{C697C493-9A75-44C5-8FF6-A47A70A4BB2E}] => (Allow) C:\Program Files\TxGameAssistant\UI\adb.exe () [File not signed]
FirewallRules: [{48BD7B6C-FD5D-4C8F-891F-2DCF42758D31}] => (Allow) C:\Program Files\TxGameAssistant\UI\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{925CDF3B-70D0-4570-826E-A78AD75B41CE}] => (Allow) C:\Program Files\TxGameAssistant\UI\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{0F1AF45B-CF7E-4C5E-B47B-EA7D157F82E8}] => (Allow) C:\Program Files\TxGameAssistant\UI\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [TCP Query User{2EA2ABAB-B677-4FBF-AF1E-9898484C0ADF}C:\program files (x86)\aspyr\guitar hero iii\gh3.exe] => (Allow) C:\program files (x86)\aspyr\guitar hero iii\gh3.exe (Aspyr Media, Inc.) [File not signed]
FirewallRules: [UDP Query User{8E002584-96DB-4789-B8E8-68B6CDA5C3A0}C:\program files (x86)\aspyr\guitar hero iii\gh3.exe] => (Allow) C:\program files (x86)\aspyr\guitar hero iii\gh3.exe (Aspyr Media, Inc.) [File not signed]
FirewallRules: [{5E604AF2-DB38-4B7F-941D-B64FABB4D6B7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{FEB8C6AE-A40F-4C14-A1BE-466FEA5BBDD0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{A609A6F0-4F66-4E23-822C-D478AAEDE2F6}] => (Allow) C:\Program Files\Common Files\Microsoft Shared\Windows Live\SIGNINOPTIONS.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D6BD8EEE-BFB1-4F69-9B47-C1A5809F244C}] => (Allow) C:\Program Files\Common Files\Microsoft Shared\Windows Live\SIGNINOPTIONS.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C1862D7A-8315-4884-9D41-7BE61442528A}] => (Allow) C:\Program Files\Common Files\Microsoft Shared\Windows Live\SIGNINOPTIONS.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1FBF82A3-D80B-49D8-AF5C-C25F255CB0EF}] => (Allow) C:\Program Files\Common Files\Microsoft Shared\Windows Live\SIGNINOPTIONS.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F1E56DEE-6AEF-4FF0-BDE4-1564A6BF012A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{5D6EE2B5-FDB6-4350-AA4C-C7AB57AE6A1E}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{903C1810-670D-4E67-A351-FBEB11FF31B2}] => (Allow) C:\Program Files\TxGameAssistant\UI\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{555FCB19-5761-4402-B2C7-B5AD3E0B33DC}] => (Allow) C:\Program Files\TxGameAssistant\UI\adb.exe () [File not signed]
FirewallRules: [{E0B76110-EDE0-407B-8D16-C62E44C903D6}] => (Allow) C:\Program Files\TxGameAssistant\UI\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{5D33FC8F-0AEA-46CF-8841-51040F61023A}] => (Allow) C:\Program Files\TxGameAssistant\UI\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{75DA9D12-4CC6-4EE5-B3FB-A8719E6ED92A}] => (Allow) C:\Program Files\TxGameAssistant\UI\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{7CA33AA2-4F4B-4979-A110-923D22E86C4C}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{FBEE047F-09F4-4FA0-984A-408EEABD8961}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{B9EC57A8-81C6-4C58-B77C-7F74ACB5A576}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> 腾讯公司)
FirewallRules: [{C00267EA-F854-4FC6-AF72-14ECD577AE1B}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\QQExternal.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{B552B36A-738C-4D27-AD2A-65DF95C5385D}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\GameDownload.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{ED19E4A2-2145-4F66-9F09-EB25A40F747A}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\GF186\TUpdate.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{B10A2085-762D-43B1-8448-309E542CF487}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3062C4C8-E06E-453B-8787-DDED7030D79C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{39ECF0A8-FA5E-47B6-AF0B-BA5EFA7CF46A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D1D01E0D-DF2B-42AF-8067-95C0B57A0422}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{171575CE-B52F-4278-9C7E-6E009F2CFC1E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2EC97555-E222-454D-9170-CE1341ABB84A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F88E8CFF-9483-416D-8DA2-144D1FD89C35}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{CAD18B38-5322-4790-B0FD-09EC3745726C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{43C474C2-22CA-4C95-95FE-D91A08F7DBDA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY FFX&FFX-2 HD Remaster\FFX&X-2_LAUNCHER.exe (SQUARE ENIX CO., LTD.) [File not signed]
FirewallRules: [{F763B424-C144-45CA-A551-D5CA38584568}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY FFX&FFX-2 HD Remaster\FFX&X-2_LAUNCHER.exe (SQUARE ENIX CO., LTD.) [File not signed]
FirewallRules: [{8D890896-7086-434A-965D-16C5893810CA}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> )
FirewallRules: [{DE7A4B62-30FA-4C1D-9A80-69540688E839}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> )
FirewallRules: [TCP Query User{91752F82-C097-4738-8CEB-0EC93845DB2C}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.192\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.192\deploy\leagueclient.exe (Riot Games, Inc. -> )
FirewallRules: [UDP Query User{2FE5ED0A-B089-4D00-8E81-739B962A5363}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.192\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.192\deploy\leagueclient.exe (Riot Games, Inc. -> )
FirewallRules: [TCP Query User{B350CA7E-97C1-4436-89AF-0911B70064D2}C:\program files (x86)\truberbrook\truberbrook.exe] => (Allow) C:\program files (x86)\truberbrook\truberbrook.exe No File
FirewallRules: [UDP Query User{E5AE7417-2239-44C5-A854-524678C7A74F}C:\program files (x86)\truberbrook\truberbrook.exe] => (Allow) C:\program files (x86)\truberbrook\truberbrook.exe No File
FirewallRules: [TCP Query User{52504821-7086-47A8-BAF7-920282449849}C:\program files (x86)\layers of fear\layers of fear cz\layers of fear.exe] => (Allow) C:\program files (x86)\layers of fear\layers of fear cz\layers of fear.exe No File
FirewallRules: [UDP Query User{9B42C790-8B18-4594-A2EB-54668E1E7D74}C:\program files (x86)\layers of fear\layers of fear cz\layers of fear.exe] => (Allow) C:\program files (x86)\layers of fear\layers of fear cz\layers of fear.exe No File
FirewallRules: [TCP Query User{71820A9B-992C-41EB-837B-F3C8A87EEEF3}C:\program files (x86)\outlastoutlast\binaries\win64\olgame.exe] => (Allow) C:\program files (x86)\outlastoutlast\binaries\win64\olgame.exe No File
FirewallRules: [UDP Query User{9352D8F1-292C-4600-91F9-485C4A0B1C0F}C:\program files (x86)\outlastoutlast\binaries\win64\olgame.exe] => (Allow) C:\program files (x86)\outlastoutlast\binaries\win64\olgame.exe No File
FirewallRules: [TCP Query User{3E95B276-AF16-4CFD-9E01-753A4C6F7AE0}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe (Riot Games, Inc. -> )
FirewallRules: [UDP Query User{AF90AD10-5642-4FB0-B2A7-8B7466310444}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe (Riot Games, Inc. -> )
FirewallRules: [{C792CD70-CB0C-42C6-B0A5-80AD95775772}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [TCP Query User{C0AF2E06-0384-4810-979A-899B047385F1}C:\program files (x86)\the sims 4 strangerville\game\bin\ts4_x64.exe] => (Block) C:\program files (x86)\the sims 4 strangerville\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [UDP Query User{B23BF249-9F4A-42D4-ADD0-FA4D40A2D4E1}C:\program files (x86)\the sims 4 strangerville\game\bin\ts4_x64.exe] => (Block) C:\program files (x86)\the sims 4 strangerville\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [TCP Query User{C67B27F0-1C2B-4DE7-97A5-3F8C0307DF4E}C:\program files (x86)\outlast + dlc whistleblower\binaries\win64\olgame.exe] => (Allow) C:\program files (x86)\outlast + dlc whistleblower\binaries\win64\olgame.exe No File
FirewallRules: [UDP Query User{405578DC-B18E-4E9B-AD9C-EA7688BE7BC8}C:\program files (x86)\outlast + dlc whistleblower\binaries\win64\olgame.exe] => (Allow) C:\program files (x86)\outlast + dlc whistleblower\binaries\win64\olgame.exe No File
FirewallRules: [TCP Query User{C0B64D5F-5129-4893-93E1-E5154CFA0942}C:\gog games\outlast 2\binaries\win64\outlast2.exe] => (Allow) C:\gog games\outlast 2\binaries\win64\outlast2.exe (Red Barrels Inc.) [File not signed]
FirewallRules: [UDP Query User{FA2EDB16-A03A-4412-92B1-DF31193E50F9}C:\gog games\outlast 2\binaries\win64\outlast2.exe] => (Allow) C:\gog games\outlast 2\binaries\win64\outlast2.exe (Red Barrels Inc.) [File not signed]

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name: Bluetooth Module
Description: Bluetooth Module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Atheros Communications
Service: BTHUSB
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/02/2019 11:21:14 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Pro požadovaný účel je certifikát neplatný.
.

Error: (04/02/2019 11:21:14 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Pro požadovaný účel je certifikát neplatný.
.

Error: (04/02/2019 11:21:14 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Pro požadovaný účel je certifikát neplatný.
.

Error: (04/02/2019 11:21:14 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Pro požadovaný účel je certifikát neplatný.
.

Error: (04/02/2019 11:21:14 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Pro požadovaný účel je certifikát neplatný.
.

Error: (04/02/2019 11:21:14 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Pro požadovaný účel je certifikát neplatný.
.

Error: (04/02/2019 11:21:14 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Pro požadovaný účel je certifikát neplatný.
.

Error: (04/02/2019 11:21:14 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Pro požadovaný účel je certifikát neplatný.
.


System errors:
=============
Error: (04/02/2019 11:15:13 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Místní adaptér Bluetooth selhal. Důvod selhaní nebylo možno určit a adaptér nebude používán. Ovladač vysílače byl vyjmut z paměti.

Error: (04/02/2019 11:15:09 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (04/02/2019 10:48:06 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Místní adaptér Bluetooth selhal. Důvod selhaní nebylo možno určit a adaptér nebude používán. Ovladač vysílače byl vyjmut z paměti.

Error: (04/02/2019 10:48:01 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (04/02/2019 09:54:48 AM) (Source: volsnap) (EventID: 25) (User: )
Description: Stínové kopie svazku C: byly smazány, protože úložiště stínové kopie nebylo možné včas zvětšit. Zvažte možnost snížení vstupně-výstupního zatížení systému nebo zvolte svazek úložiště stínové kopie, pro který není vytvářena stínová kopie.

Error: (04/02/2019 08:03:01 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Místní adaptér Bluetooth selhal. Důvod selhaní nebylo možno určit a adaptér nebude používán. Ovladač vysílače byl vyjmut z paměti.

Error: (04/02/2019 08:02:55 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (04/01/2019 08:23:39 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Místní adaptér Bluetooth selhal. Důvod selhaní nebylo možno určit a adaptér nebude používán. Ovladač vysílače byl vyjmut z paměti.


Windows Defender:
===================================
Date: 2017-11-21 05:56:56.334
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{37DE9D11-87A5-4325-9EB2-93C941C49A38}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2017-03-06 08:15:18.380
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{89DB34E5-4280-46A5-924A-2F80202E4570}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2017-01-05 16:49:41.603
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=226763
Název:BrowserModifier:Win32/Sasquor
ID:226763
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\Program Files\DAEMON Tools Lite\ElexLiteInstall.exe;process:pid:5716
Typ zjišťování:Konkrétní
Zdroj zjišťování:Ochrana v reálném čase
Stav:Neznámý
Uživatel:\
Název procesu:

Date: 2018-06-19 01:49:16.048
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

Date: 2017-01-05 16:49:56.278
Description:
Prohledávání Windows Defender zjistilo chybu při provádění akce u spywaru nebo jiného potenciálně nežádoucího softwaru.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=226763
Uživatel:AikoKasumi-PC\Aiko Kasumi
Název:BrowserModifier:Win32/Sasquor
ID:226763
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Cesta:
Akce:Odebrat
Kód chyby:0x80508023
Popis chyby:Programu se nepodařilo najít spyware ani jiný potenciálně nežádoucí software v tomto počítači.
Stav:

CodeIntegrity:
===================================

Date: 2018-08-30 04:08:32.184
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\TxGameAssistant\UI\AOW_DRV_X64_EV.SYS because the set of per-page image hashes could not be found on the system.

Date: 2018-08-30 04:08:32.173
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\TxGameAssistant\UI\AOW_DRV_X64_EV.SYS because the set of per-page image hashes could not be found on the system.

Date: 2018-08-30 04:08:32.158
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\TxGameAssistant\UI\AOW_DRV_X64_EV.SYS because the set of per-page image hashes could not be found on the system.

Date: 2018-08-30 04:08:29.439
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\TxGameAssistant\UI\AOW_DRV_X64_EV.SYS because the set of per-page image hashes could not be found on the system.

Date: 2018-08-30 04:08:29.428
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\TxGameAssistant\UI\AOW_DRV_X64_EV.SYS because the set of per-page image hashes could not be found on the system.

Date: 2018-08-30 04:08:29.404
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\TxGameAssistant\UI\AOW_DRV_X64_EV.SYS because the set of per-page image hashes could not be found on the system.

Date: 2018-08-30 04:08:28.324
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Temp\TxGameDownload\Component\UI\Setup\AOW_DRV_X64_EV.SYS because the set of per-page image hashes could not be found on the system.

Date: 2018-08-30 04:08:28.313
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Temp\TxGameDownload\Component\UI\Setup\AOW_DRV_X64_EV.SYS because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 89%
Total physical RAM: 4001.06 MB
Available physical RAM: 422.81 MB
Total Virtual: 8000.3 MB
Available Virtual: 2689.36 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:390.62 GB) (Free:50.4 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:540.89 GB) (Free:31.48 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 787FAE2B)
Partition 1: (Active) - (Size=390.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=540.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Thank you, Lukáš :)

JaRon
Moderator
Posts: 15214
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: userinit.exe has stopped working

#2 Post by JaRon »

Hi,
Task: {37A46CCA-13CC-4CAE-BB6C-AD3C3ABAC986} - System32\Tasks\mkQvoOcyxnbrTjJ => C:\Users\Aiko Kasumi\AppData\Local\Temp\userinit.exe () [File not signed] <==== ATTENTION

DELETE both files - the one in Tasks and the one in Temp!
Restart and clean the PC with AVPTool.
FRST | ADWCleaner | MBAM | CCleaner | AVPTool

If you are satisfied, you can support the forum:
https://platba.viry.cz/payment/

Yamaki
Visitor
Posts: 2
Registered: 02 Apr 2019 10:06

Re: userinit.exe has stopped working

#3 Post by Yamaki »

Thank you for the quick reply.
Deleted from the Tasks folder, but I found nothing in Temp: http://leteckaposta.cz/488749912
AVPTool finished after 2 hours and also nothing: http://leteckaposta.cz/819389317
In any case, just deleting the file from the Tasks folder seems to have helped. The error message no longer pops up, so I'll hope it stays that way.

JaRon
Moderator
Posts: 15214
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: userinit.exe has stopped working

#4 Post by JaRon »

I think it's OK.
Clean up with CCleaner from time to time, including the registry.
You're welcome :)