VIRY.CZ

Dobrý den, chtěl jsem si aktivovat nový windows 10 pro, jenomže mi to nejde kvůli chybě 0x8007232B. prosím o pomoc

Zdravím!
Pokud máte legální kopii windows s platným aktivačním klíčem, postupujte podle tohoro návodu: https://websetnet.net/cs/k%C3%B3d-chyby ... eexistuje/ .

Děkují jinak snažil jsem se spustit NVidiaProfileInspectorDmW ale nepsalo mi to:
Informace o vyvolání ladění JIT najdete na konci této zprávy,
nikoli v tomto dialogovém okně.

************** Text výjimky **************
System.ArgumentOutOfRangeException: Index a délka musí odkazovat na umístění v rámci řetězce.
Název parametru: length
v System.String.Substring(Int32 startIndex, Int32 length)
v DmW.DmWcode.NewVersion()
v DmW.DmWcode.NewVersionDownload()
v nspector.frmDrvSettings.frmDrvSettings_Load(Object sender, EventArgs e)
v System.Windows.Forms.Form.OnLoad(EventArgs e)
v System.Windows.Forms.Form.OnCreateControl()
v System.Windows.Forms.Control.CreateControl(Boolean fIgnoreVisible)
v System.Windows.Forms.Control.CreateControl()
v System.Windows.Forms.Control.WmShowWindow(Message& m)
v System.Windows.Forms.Control.WndProc(Message& m)
v System.Windows.Forms.Form.WmShowWindow(Message& m)
v nspector.frmDrvSettings.WndProc(Message& m)
v System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)


************** Načtená sestavení **************
mscorlib
Verze sestavení: 4.0.0.0
Verze Win32: 4.8.4121.0 built by: NET48REL1LAST_C
Základ kódu (CodeBase): file:///C:/Windows/Microsoft.NET/Framework64/v4.0.30319/mscorlib.dll
----------------------------------------
NVidiaProfileInspectorDmW
Verze sestavení: 3.5.0.0
Verze Win32: 3.5.0.0
Základ kódu (CodeBase): file:///D:/NVidiaProfileInspectorDmW/NVidiaProfileInspectorDmW.exe
----------------------------------------
System
Verze sestavení: 4.0.0.0
Verze Win32: 4.8.4001.0 built by: NET48REL1LAST_C
Základ kódu (CodeBase): file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll
----------------------------------------
System.Windows.Forms
Verze sestavení: 4.0.0.0
Verze Win32: 4.8.4121.0 built by: NET48REL1LAST_C
Základ kódu (CodeBase): file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll
----------------------------------------
System.Drawing
Verze sestavení: 4.0.0.0
Verze Win32: 4.8.3752.0 built by: NET48REL1
Základ kódu (CodeBase): file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll
----------------------------------------
System.Xml
Verze sestavení: 4.0.0.0
Verze Win32: 4.8.3752.0 built by: NET48REL1
Základ kódu (CodeBase): file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll
----------------------------------------
System.Configuration
Verze sestavení: 4.0.0.0
Verze Win32: 4.8.3752.0 built by: NET48REL1
Základ kódu (CodeBase): file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll
----------------------------------------
System.Core
Verze sestavení: 4.0.0.0
Verze Win32: 4.8.4121.0 built by: NET48REL1LAST_C
Základ kódu (CodeBase): file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll
----------------------------------------
Microsoft.GeneratedCode
Verze sestavení: 1.0.0.0
Verze Win32: 4.8.3752.0 built by: NET48REL1
Základ kódu (CodeBase): file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll
----------------------------------------
AutoClosingMessageBox
Verze sestavení: 1.0.0.2
Verze Win32: 1.0.0.2
Základ kódu (CodeBase): file:///D:/NVidiaProfileInspectorDmW/AutoClosingMessageBox.DLL
----------------------------------------
System.Windows.Forms.resources
Verze sestavení: 4.0.0.0
Verze Win32: 4.8.3752.0 built by: NET48REL1
Základ kódu (CodeBase): file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms.resources/v4.0_4.0.0.0_cs_b77a5c561934e089/System.Windows.Forms.resources.dll
----------------------------------------
System.resources
Verze sestavení: 4.0.0.0
Verze Win32: 4.8.3752.0 built by: NET48REL1
Základ kódu (CodeBase): file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.resources/v4.0_4.0.0.0_cs_b77a5c561934e089/System.resources.dll
----------------------------------------
mscorlib.resources
Verze sestavení: 4.0.0.0
Verze Win32: 4.8.3752.0 built by: NET48REL1
Základ kódu (CodeBase): file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/mscorlib.resources/v4.0_4.0.0.0_cs_b77a5c561934e089/mscorlib.resources.dll
----------------------------------------

************** Ladění JIT **************
Aby bylo povoleno ladění JIT, musí konfigurační soubor
pro tuto aplikaci nebo počítač (machine.config) mít
v oddílu system.windows.forms nastavenou hodnotu njitDebugging.
Aplikace rovněž musí být kompilována s povoleným
laděním.

Příklad:

<configuration>
<system.windows.forms jitDebugging="true" />
</configuration>

Je-li ladění JIT povoleno, budou všechny neošetřené výjimky
odeslány ladicímu programu JIT, který je registrován v počítači,
a nebudou zpracovány tímto dialogovým oknem.

Tohle je tak trochu mimo naše poslání. Jsme bezpečnostní fórum. Ale trochu jsem za vás googlil a našel toto: https://pc-help.cz/viewtopic.php?t=88798 .

Tam jsem teda vyčetl že s tím laděním nic nezmůžu ale děkuji jinak jsem si koupil key product a když dám nastavení>aktivace>zadám kod tak mi to napíše 0x800705b4 nevím co už mám dělat

Tak už to nakonec mám šel jsem podle videa .. díky moc

Mohu poprosit o kontrolu??
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-02-2021
Ran by Mimic (25-02-2021 16:24:28)
Running from D:\staženéé
Windows 10 Pro Version 1903 18362.778 (X64) (2019-10-16 07:52:20)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1235492812-2151765122-4279266773-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-1235492812-2151765122-4279266773-503 - Limited - Disabled)
Guest (S-1-5-21-1235492812-2151765122-4279266773-501 - Limited - Disabled)
MALUS (S-1-5-21-1235492812-2151765122-4279266773-1003 - Limited - Disabled)
Mimic (S-1-5-21-1235492812-2151765122-4279266773-1002 - Administrator - Enabled) => C:\Users\Mimic
WDAGUtilityAccount (S-1-5-21-1235492812-2151765122-4279266773-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1235492812-2151765122-4279266773-1002\...\uTorrent) (Version: 3.5.5.45852 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.125 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.387 - Adobe)
Aktualizace NVIDIA 38.0.6.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.6.0 - NVIDIA Corporation) Hidden
Almastriga version build 0.001 (HKLM-x32\...\{03FB0452-F9DD-4F45-A8AC-14E5E7BEF6B1}_is1) (Version: build 0.001 - Taboolicious)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Black Desert Online (HKLM-x32\...\{C1F96C92-7B8C-485F-A9CD-37A0708A2A60}) (Version: 1.0.0.10 - Kakao Games Europe B.V.)
CleanUp! (HKLM-x32\...\CleanUp!) (Version: - )
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-1235492812-2151765122-4279266773-1002\...\Discord) (Version: 0.0.309 - Discord Inc.)
Gameforge Client (HKLM-x32\...\{d3b2a0c1-f0d0-4888-ae0b-1c5e1febdafb}_is1) (Version: 2.1.21.726 - Gameforge)
Gameforge Login MS2 (HKLM-x32\...\{703bd6d7-79c0-4005-8cd7-89522a05a546}_is1) (Version: 1.3.39 - Gameforge)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.182 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
iCloud Outlook (HKLM\...\{A8C64C2A-BD34-464F-BA61-A969BA46FC2B}) (Version: 10.9.3.62 - Apple Inc.)
Java 8 Update 161 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Java 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends PBE (HKU\S-1-5-21-1235492812-2151765122-4279266773-1002\...\Riot Game league_of_legends.pbe) (Version: - Riot Games, Inc)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-1235492812-2151765122-4279266773-1002\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1235492812-2151765122-4279266773-500\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{E15F69FA-660D-45CC-B28F-6CBC4CAD2091}) (Version: 1.0.0.0 - Mojang)
NirSoft WebBrowserPassView (HKLM-x32\...\NirSoft WebBrowserPassView) (Version: - )
NosTale (HKLM-x32\...\{dd4e22d6-00d1-44b9-8126-d8b40e0cd7c9}) (Version: - Gameforge)
NosTale (HKLM-x32\...\Nostale(CZ)_is1) (Version: - Gameforge 4D GmbH)
NosTale cs-CZ (HKLM-x32\...\{dd4e22d6-00d1-44b9-8126-d8b40e0cd7c9.cs-CZ}) (Version: - Gameforge)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29548709 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29548709 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.21.0.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.21.0.36 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 461.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.40 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Oh So Hero! (HKLM-x32\...\Oh So Hero!) (Version: 0.15.000 - Full Frontal Frog)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.90.45798 - Electronic Arts, Inc.)
Outbyte PC Repair (HKLM-x32\...\{D5C6DB0C-BC43-4A77-9121-D1A07591F855}_is1) (Version: 1.1.7.62798 - Outbyte Computing Pty Ltd)
Outlook Express Backup V6.5 (HKLM-x32\...\EditPlus Text Editor_is1) (Version: 4.60.2181.23 - GOM & Company)
Ovládací panel NVIDIA 461.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 461.40 - NVIDIA Corporation) Hidden
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23258 - Microsoft Corporation)
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 200616 - Kakao Corp.)
Process Lasso (HKLM-x32\...\ProcessLasso) (Version: 9.8.7.18 - Bitsum)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8302 - Realtek Semiconductor Corp.)
Robin Morningwood Adventure The Whellcum's Secret version 0.5.2 (HKLM-x32\...\{0AC36B87-FA0B-4B60-9580-E9028F2A03A3}_is1) (Version: 0.5.2 - Grizzly Gamer)
Robin Morningwood Adventure version 1.9 (HKLM-x32\...\{90438DFC-FAF8-4125-8D8A-959003C55B2B}_is1) (Version: 1.9 - GrizzlyGamerStudio)
ScrSnap (HKLM-x32\...\ScrSnap) (Version: - ) <==== ATTENTION
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-1235492812-2151765122-4279266773-1002\...\TeamSpeak 3 Client) (Version: 3.2.3 - TeamSpeak Systems GmbH)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: - Electronic Arts, Inc.)
Twitch (HKU\S-1-5-21-1235492812-2151765122-4279266773-1002\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
UE4 Prerequisites (x64) (HKLM\...\{D7B591D8-1091-4A00-A0B3-5301C45E5D51}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{0d995f46-317b-4b5f-bf3e-9f98bae9d339}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{F49D6A65-1AB6-4728-9FDA-DB5BAB631CF6}) (Version: 1.23.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment)
Web Companion (HKLM-x32\...\{a054d50b-9305-455d-965a-7b3b1db38c5b}) (Version: 7.0.2388.4219 - Lavasoft)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.200 - McAfee, LLC)
WeMod (HKU\S-1-5-21-1235492812-2151765122-4279266773-1002\...\WeMod) (Version: 6.2.16 - WeMod)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
World of Warcraft Classic (HKLM-x32\...\World of Warcraft Classic) (Version: - Blizzard Entertainment)
World of Warcraft Classic PTR (HKLM-x32\...\World of Warcraft Classic PTR) (Version: - Blizzard Entertainment)
World of Warcraft Public Test (HKLM-x32\...\World of Warcraft Public Test) (Version: - Blizzard Entertainment)

Packages:
=========
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.2.169.0_x64__rz1tebttyb220 [2020-04-18] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-04] (Microsoft Corporation)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2018-12-24] (Fitbit)
iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_10.9.62.0_x86__nzyj5cx40ttqa [2020-04-10] (Apple Inc.) [Startup Task]
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12106.2.48003.0_x64__nzyj5cx40ttqa [2020-04-17] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-25] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-02] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_3.9.1.0_x64__nfy108tqq3p12 [2020-04-18] (Thumbmunkeys Ltd) [MS Ad]
PlayList Downloader from Youtube -> C:\Program Files\WindowsApps\299OMANSAK.PlayListDownloaderfromYoutube_1.5.5.0_x64__zratab4wdvxjg [2020-04-07] (OMANSAK) [MS Ad]
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c [2020-02-08] (Skype)
State of Decay 2 -> C:\Program Files\WindowsApps\Microsoft.Dayton_2.384.54.2_x64__8wekyb3d8bbwe [2020-03-14] (Microsoft Studios)
Váš telefon -> C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20041.88.0_x64__8wekyb3d8bbwe [2020-05-08] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1235492812-2151765122-4279266773-1002_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1235492812-2151765122-4279266773-1002_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1235492812-2151765122-4279266773-1002_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1235492812-2151765122-4279266773-1002_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1235492812-2151765122-4279266773-1002_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1235492812-2151765122-4279266773-1002_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1235492812-2151765122-4279266773-1002_Classes\CLSID\{7000EBEA-9341-4C5A-8297-B3541E8D3474} -> [iCloud Drive] => C:\Users\Mimic\iCloudDrive0
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-01-15] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-01-15] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-01-15] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-05-22] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2021-01-22] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-01-15] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-05-22] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32-x32: [vidc.VP60] => C:\WINDOWS\system32\vp6vfw.dll
HKLM\...\Drivers32-x32: [vidc.VP61] => C:\WINDOWS\system32\vp6vfw.dll

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Mimic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Vysor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=gidgenkbbabolejbgbpnhbimgjbffefm
ShortcutWithArgument: C:\Users\Mimic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Vzdálená plocha Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp

==================== Loaded Modules (Whitelisted) =============

2020-04-15 19:37 - 2020-05-19 22:02 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2020-04-15 19:37 - 2020-05-19 22:02 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2020-04-15 19:37 - 2020-05-19 22:02 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2020-12-28 22:04 - 2020-05-19 22:02 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2020-12-28 22:04 - 2020-05-19 22:02 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2020-12-28 22:04 - 2020-05-19 22:02 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2020-12-28 22:04 - 2020-05-19 22:02 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2020-12-28 22:04 - 2020-05-19 22:02 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2020-12-28 22:04 - 2020-05-19 22:02 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Mimic:.repos [590]
AlternateDataStreams: C:\Users\Mimic\Application Data:6699d3ee8dd9cf775caae782c8f44f03 [394]
AlternateDataStreams: C:\Users\Mimic\AppData\Roaming:6699d3ee8dd9cf775caae782c8f44f03 [394]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\35953192.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\52888064.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\66B8A4F9.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\35953192.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\52888064.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\66B8A4F9.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-1235492812-2151765122-4279266773-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=BT171101&iDate=2020-06-13 10:25:11&bName=
SearchScopes: HKU\S-1-5-21-1235492812-2151765122-4279266773-1002 -> {993F5746-4C15-42BC-99C1-064A1764271B} URL = hxxps://securesearch.org?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll [2018-12-31] (Oracle America, Inc. -> Oracle Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-02-12] (McAfee, LLC -> McAfee, LLC)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-12-31] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-12-29] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-02-12] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-12-29] (Oracle America, Inc. -> Oracle Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-1235492812-2151765122-4279266773-1002\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1235492812-2151765122-4279266773-1002\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-12-25 00:47 - 2019-01-04 14:21 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Process Lasso\;
HKU\S-1-5-21-1235492812-2151765122-4279266773-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1235492812-2151765122-4279266773-500\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 213.46.172.38 - 213.46.172.39
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{03C80138-2E04-4CA2-9F50-8D3C69DA694D}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe => No File
FirewallRules: [{C2F9CCC3-37D0-4D96-AFB2-72190C0840D8}] => (Allow) D:\Program Files\Nox\bin\Nox.exe => No File
FirewallRules: [{24A71FA6-A2D2-4CCD-A9DC-6FB7647919FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe => No File
FirewallRules: [{AA76C0BF-9353-4167-A094-24B7E97EF6B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe => No File
FirewallRules: [UDP Query User{8029EC52-9BFB-4A4A-BD3D-6ECFE32E4B1A}D:\classic offik\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) D:\classic offik\world of warcraft\_classic_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{935771FD-1959-42EC-97E3-E980641C7D79}D:\classic offik\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) D:\classic offik\world of warcraft\_classic_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{B992D716-4AD0-4D6C-A2E9-A06BAAA54320}D:\league of legends\game\league of legends.exe] => (Allow) D:\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{12B8A14D-5D5C-4942-A64D-30D9A383EE92}D:\league of legends\game\league of legends.exe] => (Allow) D:\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{ACAF409C-1C07-4B86-8EDC-9F1025144CFA}] => (Allow) C:\Users\Mimic\Downloads\BlackDesert_Downloader.exe => No File
FirewallRules: [{A81BA1FA-F357-4EED-9E49-4116FAEECBFF}] => (Allow) C:\Users\Mimic\Downloads\BlackDesert_Launcher.exe => No File
FirewallRules: [{561315A9-3D87-40C2-834A-132D4623018F}] => (Allow) C:\Users\Mimic\Downloads\bin64\BlackDesert64.exe => No File
FirewallRules: [{42841A18-F645-4105-BAFB-B943366E2C86}] => (Allow) C:\Users\Mimic\Downloads\bin\BlackDesert32.exe => No File
FirewallRules: [UDP Query User{D2F8A587-E1E3-4844-9A3B-9A0F98FA1BEB}D:\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{A6165E2F-2EC3-4431-89B3-ACC062060849}D:\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{67B94190-5FE1-4D54-9AD4-B3351E543231}D:\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{1B11AED1-44F6-49B8-9E25-73A93B1F668A}D:\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{1511F20F-9F9C-46B6-B585-8775AE8926EC}D:\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{BE6C583F-3D5C-4DE3-BEA1-D3A4E4EFACBC}D:\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{2136E8B7-405B-4681-96A9-69E18EFB1DDB}D:\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{B897E717-C6A6-4D72-AFC2-6D19C5D37A6C}D:\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{D7454C61-EC00-4D57-8699-8896A0E8031C}D:\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{1B1BEF2C-0088-4866-A7E8-C63739194F78}D:\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{CD6B6B07-0AB4-4DD6-91AA-42182240325D}D:\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{A8C5B25F-4631-40E8-8E9D-EBD325800452}D:\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{EFFDE2AB-6369-4A2F-BF72-8F753AD4BCFE}D:\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{52E9227D-F6D3-4DD5-8918-3FED9C1CDF1A}D:\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{F81CC3BA-00DE-4E55-AAE2-DD2C1B2ACA6E}D:\league of legends\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{FAA3116E-B54A-4459-AFB3-6F95E098DAF0}D:\league of legends\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{755B8356-49CA-436E-9471-928AF271B9A1}D:\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{727B4094-01C8-4932-AF25-3861D758D55C}D:\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{158AEE44-E4C1-4607-928E-F52EA9DE72F1}D:\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{DE11E38C-873F-4DFB-A407-5E74CC5A4E3F}D:\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{096F6BA9-15D6-468B-897D-4F53D145DB11}D:\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{28AC4DF0-3506-452A-A759-0F57D88DA92D}D:\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{53702A04-72DC-45A9-B0EE-29EDE2B99C79}D:\league of legends\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{8BBBD486-4A49-4125-A2BD-B256BECE799E}D:\league of legends\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{BF3C59EB-F68C-4DA6-9D8F-78D50FDC4618}D:\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{36DCFA73-5BD8-4EFC-B05A-4E8908FF7813}D:\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe => No File
FirewallRules: [{56827E1D-1E07-4185-A265-766CCF6AD374}] => (Block) D:\Games\The Elder Scrolls - Skyrim - Special Edition\SkyrimSELauncher.exe => No File
FirewallRules: [{6E115B2C-A092-4405-8143-2BD0ACA487FF}] => (Block) D:\Games\The Elder Scrolls - Skyrim - Special Edition\SkyrimSE.exe => No File
FirewallRules: [UDP Query User{BD3B6BD9-1B82-476F-9D13-ED3068005548}D:\league of legends\rads\projects\league_client\releases\0.0.0.179\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.179\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{82209BD8-10CA-4701-BFD8-23531BB80AD3}D:\league of legends\rads\projects\league_client\releases\0.0.0.179\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.179\deploy\leagueclient.exe => No File
FirewallRules: [{8E4CCCE1-80C4-4846-9897-65BC24ABEE7C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{F2E670F2-BFF1-44D8-92FB-35F41C0DADE4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [UDP Query User{90A56B86-9E30-4FEC-AA1D-543104C4AB71}D:\heroes of the storm\versions\base71138\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base71138\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{DA3E68ED-FECA-4505-B936-BF1B3BB215FC}D:\heroes of the storm\versions\base71138\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base71138\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{2B92B0F6-CA02-41B3-82BE-CABAEEF959B4}C:\users\mimic\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\mimic\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{8FABF57D-244A-48E1-B363-78329F468E96}C:\users\mimic\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\mimic\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{21501777-8FF9-40CB-9D27-6CAA70583216}C:\riot games\pbe\rads\projects\league_client\releases\0.0.2.78\deploy\leagueclient.exe] => (Allow) C:\riot games\pbe\rads\projects\league_client\releases\0.0.2.78\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{F07B8AB7-9F3D-4D88-B3C4-0735D2F0959B}C:\riot games\pbe\rads\projects\league_client\releases\0.0.2.78\deploy\leagueclient.exe] => (Allow) C:\riot games\pbe\rads\projects\league_client\releases\0.0.2.78\deploy\leagueclient.exe => No File
FirewallRules: [{EB52B047-F494-42B9-A5DB-7B09B7369C18}] => (Allow) D:\Vendetta Gaming Network\NosTale Vendetta\patcher.exe => No File
FirewallRules: [UDP Query User{F7554FAB-3AAD-453E-BA62-6AC05A36623E}C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe
FirewallRules: [TCP Query User{B3C4F9DE-EAEB-4BA3-8BEB-5970D5F786D3}C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe
FirewallRules: [{996B30DC-3954-4276-94FD-ED50B20C3916}] => (Allow) C:\Program Files (x86)\(GF26)Don't Starve Together\bin\dontstarve_steam.exe => No File
FirewallRules: [{D8244336-5AD6-404F-8BD2-4C63DFC573B1}] => (Allow) C:\Program Files (x86)\(GF26)Don't Starve Together\bin\dontstarve_steam.exe => No File
FirewallRules: [{CFAC7C1E-5C2E-4645-AEF1-BB6F002FDFC6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DyingLightGame.exe => No File
FirewallRules: [{11365570-912C-4B9B-B3E4-E2BDCA707AB9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DyingLightGame.exe => No File
FirewallRules: [UDP Query User{95396641-5016-4A2F-9BE9-2E3F445A887D}D:\counter-strike 1.6\hl.exe] => (Allow) D:\counter-strike 1.6\hl.exe => No File
FirewallRules: [TCP Query User{D914467A-8A65-45C6-992A-98F68486032A}D:\counter-strike 1.6\hl.exe] => (Allow) D:\counter-strike 1.6\hl.exe => No File
FirewallRules: [{73E6D535-0CB2-44FB-9900-47151BFA918D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{ED892C48-4E71-4D95-A90F-F6C8E4252F7C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{80BFEDFA-69BB-4D87-8CC6-A40A8AE12D92}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{621B4183-6B32-4C3E-BF18-80FEE17A4546}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{0B58D1CE-5F7B-4CC2-BB89-962CF449D6A5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A3603895-6D9A-4409-927E-BC09D6A1DCC0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{7F054086-0750-480F-A761-B25574282C98}D:\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{FD615BA5-CDA3-4BE1-BD74-DD068A777B36}D:\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe => No File
FirewallRules: [{ECDFA95B-63D5-4926-9793-E07C8A62ACFA}] => (Allow) D:\Counter-Strike 1.6 GO\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{7C134238-8120-4EB9-9CCA-66F1889DA322}] => (Allow) D:\Counter-Strike 1.6 GO\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [TCP Query User{8BD3491B-407E-48E2-9AFE-26B00082653F}D:\riot games\league of legends (pbe)\game\league of legends.exe] => (Allow) D:\riot games\league of legends (pbe)\game\league of legends.exe => No File
FirewallRules: [UDP Query User{CC37225C-E063-4E7C-87BD-B4504106C6EC}D:\riot games\league of legends (pbe)\game\league of legends.exe] => (Allow) D:\riot games\league of legends (pbe)\game\league of legends.exe => No File
FirewallRules: [{BEAEBB63-C931-414D-926C-1D584D8BCEC7}] => (Allow) C:\Users\Mimic\AppData\Local\Programs\Opera\65.0.3467.72\opera.exe => No File
FirewallRules: [{31013513-4995-43ED-8CE9-31C0F173BD93}] => (Allow) D:\Counter-Strike 1.6 GO\steamapps\common\BombTag\BombTag.exe => No File
FirewallRules: [{C0A4F349-E66B-40F2-B338-B04768B6D080}] => (Allow) D:\Counter-Strike 1.6 GO\steamapps\common\BombTag\BombTag.exe => No File
FirewallRules: [{8C73E130-FF27-4B58-8D89-7B7336593365}] => (Allow) D:\Counter-Strike 1.6 GO\steamapps\common\Brawlhalla\Brawlhalla.exe => No File
FirewallRules: [{068F0BBC-A4C4-45FE-98E7-379FA531023C}] => (Allow) D:\Counter-Strike 1.6 GO\steamapps\common\Brawlhalla\Brawlhalla.exe => No File
FirewallRules: [TCP Query User{F3F17166-4CCF-4B73-A1DB-88C25B27D447}D:\classic offik\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Block) D:\classic offik\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{C5B0D094-E644-4B45-96B1-9ED7BAF19760}D:\classic offik\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Block) D:\classic offik\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{1A386DA8-BB9C-4F23-867A-3408BE412FCF}] => (Allow) D:\Counter-Strike 1.6 GO\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe => No File
FirewallRules: [{CD0EB855-7DD4-46E0-9505-1ACE30BF189C}] => (Allow) D:\Counter-Strike 1.6 GO\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe => No File
FirewallRules: [{E9CFCBEC-961B-49E2-B3F2-7C0507ACAC80}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => No File
FirewallRules: [{DEBC685A-0DEC-4F59-9EB3-2E73AD5129FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => No File
FirewallRules: [{090EDC91-0A93-4D16-AE08-A5B7C320B217}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe => No File
FirewallRules: [{8B0E738C-8FD7-464D-B2B7-842AD6B97FB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe => No File
FirewallRules: [TCP Query User{600834BD-4ADE-4F38-9475-62B66FE6874F}D:\heroes of the storm\versions\base78725\heroesofthestorm_x64.exe] => (Block) D:\heroes of the storm\versions\base78725\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{5C2FE8F3-9A14-450C-8A9E-071F647CDC9F}D:\heroes of the storm\versions\base78725\heroesofthestorm_x64.exe] => (Block) D:\heroes of the storm\versions\base78725\heroesofthestorm_x64.exe => No File
FirewallRules: [{215354C0-76C2-4636-B2E5-5E86AEB05DFA}] => (Allow) C:\Users\Mimic\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{02AAF38C-CD4E-49C9-9255-3D2791C41CE1}] => (Allow) C:\Users\Mimic\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{2C7FD055-0E95-43EB-8E53-06EED82AE80C}D:\games\outlast 2\binaries\win64\outlast2.exe] => (Allow) D:\games\outlast 2\binaries\win64\outlast2.exe => No File
FirewallRules: [UDP Query User{72603C6B-0B21-415B-9035-D72FA9D526A7}D:\games\outlast 2\binaries\win64\outlast2.exe] => (Allow) D:\games\outlast 2\binaries\win64\outlast2.exe => No File
FirewallRules: [{EB9D5BF6-FC61-4220-9FBC-A84532C6590E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12106.2.48003.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4E030515-2D49-408E-AFD0-45772A87DBC3}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12106.2.48003.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{22BB9CB9-7CFC-43FB-AD76-4E4AC4F9AC00}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12106.2.48003.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E908B8D5-1C91-48CD-91A1-D065411D0AC0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12106.2.48003.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D855C73C-0B77-456D-B309-E2757AC46A09}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12106.2.48003.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B8165DDD-D695-4FFB-A613-BC2542BF28C4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12106.2.48003.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C1B71D93-1041-449B-BC83-254C613DD8EF}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12106.2.48003.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BBF22A65-CC99-464C-BDC2-1B4BE6C631EF}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12106.2.48003.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{524A7336-5E55-4F98-8669-441052FFD714}C:\users\mimic\appdata\roaming\twitch\bin\electron\twitchui.exe] => (Allow) C:\users\mimic\appdata\roaming\twitch\bin\electron\twitchui.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)
FirewallRules: [UDP Query User{54735A18-A5B6-4B5E-A85C-C8AA885F95D1}C:\users\mimic\appdata\roaming\twitch\bin\electron\twitchui.exe] => (Allow) C:\users\mimic\appdata\roaming\twitch\bin\electron\twitchui.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)
FirewallRules: [TCP Query User{4A848F37-B344-412D-A37D-D323EDCFFC0D}C:\program files\java\jre1.8.0_161\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_161\bin\javaw.exe
FirewallRules: [UDP Query User{013B8A78-4D65-44C3-90DE-BF6345702C82}C:\program files\java\jre1.8.0_161\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_161\bin\javaw.exe
FirewallRules: [{61D0DB09-1DDB-49F0-B259-A95AF5815881}] => (Allow) D:\Dyinig light\steamapps\common\Dying Light\DyingLightGame.exe (Techland Sp. z o.o. -> Techland)
FirewallRules: [{C9AE2363-6C9E-4A7F-A0CF-C50836A9EA3D}] => (Allow) D:\Dyinig light\steamapps\common\Dying Light\DyingLightGame.exe (Techland Sp. z o.o. -> Techland)
FirewallRules: [{3C072DFF-8ABC-42C2-8EBF-CBA4C04A2416}] => (Allow) D:\Dyinig light\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{BB28A6EE-92FF-4653-B41D-16A38A3D398E}] => (Allow) D:\Dyinig light\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [TCP Query User{A358654C-EAE3-4EF8-B245-59B2D09BF17C}D:\far cry 5\bin_plus\farcry5.exe] => (Allow) D:\far cry 5\bin_plus\farcry5.exe => No File
FirewallRules: [UDP Query User{17FCD82D-BEE0-494C-9E6B-3B16AD3BE781}D:\far cry 5\bin_plus\farcry5.exe] => (Allow) D:\far cry 5\bin_plus\farcry5.exe => No File
FirewallRules: [{EEC90268-D54B-4AD9-9705-C3F2369513A2}] => (Block) D:\far cry 5\bin_plus\farcry5.exe => No File
FirewallRules: [{0567FA14-F619-437F-8924-2016BE56377F}] => (Block) D:\far cry 5\bin_plus\farcry5.exe => No File
FirewallRules: [{6ED204CD-7C5E-4B07-A8D0-65408456DC0B}] => (Allow) D:\Dyinig light\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{B990E38D-7CBD-4AD3-975B-7C571B44C8CF}] => (Allow) D:\Dyinig light\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [TCP Query User{30ADEA13-D9F4-48B1-A900-8BE6E022C032}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{2602CD8E-29D6-4BA2-8636-FB24D0521976}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{098265FB-6761-42DA-9A3E-7EF3583A1CB0}] => (Allow) D:\Dyinig light\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{9FE1C4B5-98AE-4409-8D9B-A47B21643625}] => (Allow) D:\Dyinig light\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{4BDFAEEB-B6B9-4128-B0FF-D8CC53299F7D}] => (Allow) C:\Users\Mimic\Downloads\bin\BlackDesert32.exe => No File
FirewallRules: [{AA43B9FD-E279-42E8-8BA5-C9561DDDC7DD}] => (Allow) C:\Users\Mimic\Downloads\bin64\BlackDesert64.exe => No File
FirewallRules: [{A7D0FDCC-54D4-4E73-9CB2-71064A238D67}] => (Allow) C:\Users\Mimic\Downloads\BlackDesert_Launcher.exe => No File
FirewallRules: [{CB2DB56B-8FEF-436A-98EC-E885461883EF}] => (Allow) C:\Users\Mimic\Downloads\BlackDesert_Downloader.exe => No File
FirewallRules: [{D0BC2476-010B-47EF-9035-C8C818166714}] => (Allow) D:\Dyinig light\steamapps\common\The Forest\TheForest.exe () [File not signed]
FirewallRules: [{B153ACDE-A8A5-4196-BCBC-CA71F80BF04F}] => (Allow) D:\Dyinig light\steamapps\common\The Forest\TheForest.exe () [File not signed]
FirewallRules: [{B0729BB9-A897-416B-B459-5E9A004EFFC5}] => (Allow) D:\Dyinig light\steamapps\common\The Forest\TheForestVR.exe () [File not signed]
FirewallRules: [{D934C1E9-8491-4161-9F6E-44A8810FD9B9}] => (Allow) D:\Dyinig light\steamapps\common\The Forest\TheForestVR.exe () [File not signed]
FirewallRules: [{47450C3D-A78F-436D-B38B-BD8A98151B84}] => (Allow) D:\Dyinig light\steamapps\common\TheForestDedicatedServer\TheForestDedicatedServer.exe () [File not signed]
FirewallRules: [{310F8167-92B5-41A8-A138-5812776942A5}] => (Allow) D:\Dyinig light\steamapps\common\TheForestDedicatedServer\TheForestDedicatedServer.exe () [File not signed]
FirewallRules: [TCP Query User{FD3A4381-68A0-483B-B363-40CC4BE09A95}D:\heroes of the storm\versions\base80702\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base80702\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{CCBC5B3C-F25C-4336-A01D-4D5D02944FBF}D:\heroes of the storm\versions\base80702\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base80702\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{25B11BFF-B7BF-4866-808B-976A2C4A32FA}D:\classic offik\diablo iii\x64\diablo iii64.exe] => (Allow) D:\classic offik\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{ADDDBBDA-EAF9-47A2-B687-7086D31D7058}D:\classic offik\diablo iii\x64\diablo iii64.exe] => (Allow) D:\classic offik\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{D1C0352B-FEBA-4735-9154-93C4005A63DE}D:\riots game\patch\lewd red riding hoof-v1.03\ost_game\binaries\win64\ost_game-win64-shipping.exe] => (Block) D:\riots game\patch\lewd red riding hoof-v1.03\ost_game\binaries\win64\ost_game-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{B15FC298-9193-4CD8-BAD7-9F6DE3388ECB}D:\riots game\patch\lewd red riding hoof-v1.03\ost_game\binaries\win64\ost_game-win64-shipping.exe] => (Block) D:\riots game\patch\lewd red riding hoof-v1.03\ost_game\binaries\win64\ost_game-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{1D5C3CCA-D67E-4E87-B757-7B627C055270}D:\riots game\patch\farm\breeding farm.exe] => (Allow) D:\riots game\patch\farm\breeding farm.exe () [File not signed]
FirewallRules: [UDP Query User{96ED3C99-AEF1-41CB-842B-0D76DF146B6E}D:\riots game\patch\farm\breeding farm.exe] => (Allow) D:\riots game\patch\farm\breeding farm.exe () [File not signed]
FirewallRules: [TCP Query User{34E741B5-E0ED-4618-9C3C-32A8D12AF8CF}C:\users\mimic\appdata\local\temp\rar$exa35748.11172\uncleneighbor\uncleneighbor.exe] => (Allow) C:\users\mimic\appdata\local\temp\rar$exa35748.11172\uncleneighbor\uncleneighbor.exe => No File
FirewallRules: [UDP Query User{0F6C06D5-8CED-4357-83B3-81AA16F47E44}C:\users\mimic\appdata\local\temp\rar$exa35748.11172\uncleneighbor\uncleneighbor.exe] => (Allow) C:\users\mimic\appdata\local\temp\rar$exa35748.11172\uncleneighbor\uncleneighbor.exe => No File
FirewallRules: [TCP Query User{E1D44D9F-BEB5-477F-972A-0E7D48749969}D:\riots game\patch\uncleneighbor\uncleneighbor.exe] => (Allow) D:\riots game\patch\uncleneighbor\uncleneighbor.exe () [File not signed]
FirewallRules: [UDP Query User{2295E70E-C491-4C25-9CB9-4A9F68E20BFC}D:\riots game\patch\uncleneighbor\uncleneighbor.exe] => (Allow) D:\riots game\patch\uncleneighbor\uncleneighbor.exe () [File not signed]
FirewallRules: [TCP Query User{99A2FABD-654F-4BFC-A381-AEF92393AE44}D:\riots game\patch\lotw\lotw\binaries\win64\lotw.exe] => (Allow) D:\riots game\patch\lotw\lotw\binaries\win64\lotw.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{B045B97C-781E-479A-9DF9-900B21986B76}D:\riots game\patch\lotw\lotw\binaries\win64\lotw.exe] => (Allow) D:\riots game\patch\lotw\lotw\binaries\win64\lotw.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{F0127D7B-970B-445D-BFD4-8466962A6E4F}D:\riots game\patch\freebuild\windowsnoeditor\windowsnoeditor\projectunknown101\binaries\win64\projectunknown101.exe] => (Allow) D:\riots game\patch\freebuild\windowsnoeditor\windowsnoeditor\projectunknown101\binaries\win64\projectunknown101.exe => No File
FirewallRules: [UDP Query User{67973BA4-0B7A-4810-920E-2ED2FA5CBF88}D:\riots game\patch\freebuild\windowsnoeditor\windowsnoeditor\projectunknown101\binaries\win64\projectunknown101.exe] => (Allow) D:\riots game\patch\freebuild\windowsnoeditor\windowsnoeditor\projectunknown101\binaries\win64\projectunknown101.exe => No File
FirewallRules: [{97D64AF5-2924-49D5-9030-A41197AAFAD0}] => (Block) D:\riots game\patch\freebuild\windowsnoeditor\windowsnoeditor\projectunknown101\binaries\win64\projectunknown101.exe => No File
FirewallRules: [{9CF96C2F-63BE-4151-9DD6-CFFA38436B3C}] => (Block) D:\riots game\patch\freebuild\windowsnoeditor\windowsnoeditor\projectunknown101\binaries\win64\projectunknown101.exe => No File
FirewallRules: [TCP Query User{EA7BC563-17C5-4900-B682-59F0567E2142}D:\riots game\patch\section\windowsnoeditor\windowsnoeditor\projectunknown101\binaries\win64\projectunknown101.exe] => (Allow) D:\riots game\patch\section\windowsnoeditor\windowsnoeditor\projectunknown101\binaries\win64\projectunknown101.exe => No File
FirewallRules: [UDP Query User{6D8E17F9-91FA-40D1-BADA-D2B29CC00EB1}D:\riots game\patch\section\windowsnoeditor\windowsnoeditor\projectunknown101\binaries\win64\projectunknown101.exe] => (Allow) D:\riots game\patch\section\windowsnoeditor\windowsnoeditor\projectunknown101\binaries\win64\projectunknown101.exe => No File
FirewallRules: [{9B556605-2B60-4F1D-BB21-0EF68D0D6752}] => (Block) D:\riots game\patch\section\windowsnoeditor\windowsnoeditor\projectunknown101\binaries\win64\projectunknown101.exe => No File
FirewallRules: [{0755C3D9-37CD-4D66-A1C9-238F53F75E2E}] => (Block) D:\riots game\patch\section\windowsnoeditor\windowsnoeditor\projectunknown101\binaries\win64\projectunknown101.exe => No File
FirewallRules: [{778FF7DE-A0D2-4E1C-B9F4-BEEDD9D1B7DE}] => (Allow) D:\Dyinig light\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe (Techland Sp. z o.o. -> Techland)
FirewallRules: [{7AB79D43-AE00-45EB-9B2D-4B9135A58DC0}] => (Allow) D:\Dyinig light\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe (Techland Sp. z o.o. -> Techland)
FirewallRules: [TCP Query User{88BB794C-DF94-4716-9F16-870C2E6EF314}D:\riots game\patch\thelewdknight0.3.5\the lewd knight.exe] => (Allow) D:\riots game\patch\thelewdknight0.3.5\the lewd knight.exe () [File not signed]
FirewallRules: [UDP Query User{9B69EF41-0AE2-492E-B1FC-26F5839D621C}D:\riots game\patch\thelewdknight0.3.5\the lewd knight.exe] => (Allow) D:\riots game\patch\thelewdknight0.3.5\the lewd knight.exe () [File not signed]
FirewallRules: [TCP Query User{C5D9F686-4710-4E07-9A1B-244737B3004B}D:\classic offik\warcraft iii\_retail_\x86_64\warcraft iii.exe] => (Block) D:\classic offik\warcraft iii\_retail_\x86_64\warcraft iii.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc)
FirewallRules: [UDP Query User{B5BF3530-6314-4F11-A110-31EA2600C560}D:\classic offik\warcraft iii\_retail_\x86_64\warcraft iii.exe] => (Block) D:\classic offik\warcraft iii\_retail_\x86_64\warcraft iii.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc)
FirewallRules: [{5E20B5CA-F27D-4816-9D7F-C982E9E572FB}] => (Allow) D:\Dyinig light\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe (Techland Sp. z o.o. -> Techland)
FirewallRules: [{A9D7493A-5377-4FA8-8AF2-9389C06B89A8}] => (Allow) D:\Dyinig light\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe (Techland Sp. z o.o. -> Techland)
FirewallRules: [{BC62ED5E-E579-4106-8819-274A061A6F6F}] => (Allow) D:\Dyinig light\steamapps\common\NARUTO SHIPPUDEN ULTIMATE NINJA STORM REVOLUTION\NSUNSR_launcher.exe () [File not signed]
FirewallRules: [{FDB3E626-F556-4C3A-B59D-ED907E839A22}] => (Allow) D:\Dyinig light\steamapps\common\NARUTO SHIPPUDEN ULTIMATE NINJA STORM REVOLUTION\NSUNSR_launcher.exe () [File not signed]
FirewallRules: [{235D8EC2-45CC-4CEE-A506-8C5D1B248A25}] => (Allow) D:\Dyinig light\steamapps\common\Planet Zoo\PlanetZoo.exe (Frontier Developments) [File not signed]
FirewallRules: [{ED32F3AF-C340-48A5-B9EB-3A6C0EF104C0}] => (Allow) D:\Dyinig light\steamapps\common\Planet Zoo\PlanetZoo.exe (Frontier Developments) [File not signed]
FirewallRules: [{21D29E25-EDE8-4B13-BE6C-2D4F69FCA7E8}] => (Allow) D:\Dyinig light\steamapps\common\Ori DE\oriDE.exe () [File not signed]
FirewallRules: [{00692236-CBAB-4B8F-92A1-13C0EB51B991}] => (Allow) D:\Dyinig light\steamapps\common\Ori DE\oriDE.exe () [File not signed]
FirewallRules: [{F4CFF9FB-116A-428F-AB89-92860FE66F72}] => (Allow) D:\Dyinig light\steamapps\common\Ori\ori.exe () [File not signed]
FirewallRules: [{F38EC794-B7C7-4804-A2E2-18C9E971E909}] => (Allow) D:\Dyinig light\steamapps\common\Ori\ori.exe () [File not signed]
FirewallRules: [{45FBB493-1816-4963-A3CB-9F4DE57DA66F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine 4 The Nightmare Prince\trine4.exe => No File
FirewallRules: [{41A80515-84C7-4D01-9FAE-CB6C32E76D82}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine 4 The Nightmare Prince\trine4.exe => No File
FirewallRules: [{6F36F5F1-CEDA-424E-82E1-835A1DC858A5}] => (Allow) D:\Dyinig light\steamapps\common\Trine\_enchanted_edition_\trine1_launcher.exe () [File not signed]
FirewallRules: [{5125D724-14B5-4294-8E76-B0ED12139F48}] => (Allow) D:\Dyinig light\steamapps\common\Trine\_enchanted_edition_\trine1_launcher.exe () [File not signed]
FirewallRules: [TCP Query User{0A302999-D746-4C2E-91BF-A6E07042A990}D:\dyinig light\steamapps\common\trine\_enchanted_edition_\trine1_32bit.exe] => (Block) D:\dyinig light\steamapps\common\trine\_enchanted_edition_\trine1_32bit.exe () [File not signed]
FirewallRules: [UDP Query User{F1F6AB90-0542-4961-BB03-57FEADEDC3CD}D:\dyinig light\steamapps\common\trine\_enchanted_edition_\trine1_32bit.exe] => (Block) D:\dyinig light\steamapps\common\trine\_enchanted_edition_\trine1_32bit.exe () [File not signed]
FirewallRules: [{F6D9E75B-CE9D-4A10-8EE1-F01BC383072D}] => (Allow) D:\Dyinig light\steamapps\common\Trine 2\trine2_launcher.exe () [File not signed]
FirewallRules: [{DDC979DF-6C31-48BC-AB91-9B2C4183A917}] => (Allow) D:\Dyinig light\steamapps\common\Trine 2\trine2_launcher.exe () [File not signed]
FirewallRules: [TCP Query User{07A07DED-0414-4E7C-A50F-365B5ED52397}D:\dyinig light\steamapps\common\trine 2\trine2_32bit.exe] => (Block) D:\dyinig light\steamapps\common\trine 2\trine2_32bit.exe => No File
FirewallRules: [UDP Query User{C43A7C60-9447-4C79-80C2-F05F484543B5}D:\dyinig light\steamapps\common\trine 2\trine2_32bit.exe] => (Block) D:\dyinig light\steamapps\common\trine 2\trine2_32bit.exe => No File
FirewallRules: [TCP Query User{81E6CCC2-05A8-4474-9AE2-648593F9F9E8}D:\ancient.cities.v0.2.0.5\ancient.cities.v0.2.0.5\art\bin\x64\ancient.exe] => (Block) D:\ancient.cities.v0.2.0.5\ancient.cities.v0.2.0.5\art\bin\x64\ancient.exe => No File
FirewallRules: [UDP Query User{55E97C58-87B4-4E39-8B2D-6A29BFCF8F6A}D:\ancient.cities.v0.2.0.5\ancient.cities.v0.2.0.5\art\bin\x64\ancient.exe] => (Block) D:\ancient.cities.v0.2.0.5\ancient.cities.v0.2.0.5\art\bin\x64\ancient.exe => No File
FirewallRules: [TCP Query User{74E9CA75-1668-46B6-93B6-13D6961777E4}C:\program files (x86)\quadcorem2\pack\core.bin] => (Allow) C:\program files (x86)\quadcorem2\pack\core.bin () [File not signed]
FirewallRules: [UDP Query User{8EF1FF6C-68FD-4FDA-9EDC-5D39766E92AB}C:\program files (x86)\quadcorem2\pack\core.bin] => (Allow) C:\program files (x86)\quadcorem2\pack\core.bin () [File not signed]
FirewallRules: [TCP Query User{BD7F689C-92FF-4190-80EE-39756E978EB6}D:\riots game\patch\cybernance\cralpha0.7\rigsandbox\binaries\win64\rigsandbox-win64-test.exe] => (Allow) D:\riots game\patch\cybernance\cralpha0.7\rigsandbox\binaries\win64\rigsandbox-win64-test.exe (Nemesis Soft LTD) [File not signed]
FirewallRules: [UDP Query User{DBC01F10-8CDB-4333-99D6-3DAB658D2B19}D:\riots game\patch\cybernance\cralpha0.7\rigsandbox\binaries\win64\rigsandbox-win64-test.exe] => (Allow) D:\riots game\patch\cybernance\cralpha0.7\rigsandbox\binaries\win64\rigsandbox-win64-test.exe (Nemesis Soft LTD) [File not signed]
FirewallRules: [{68A1D9DC-501A-412F-A12C-FDC9D51A265F}] => (Allow) D:\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{C8C259B2-D4C0-4086-9787-1038157ED570}] => (Allow) D:\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{D03C281D-316B-4A9B-9354-44B0DB27FF68}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{9FE01952-F1D9-416D-B63E-566547E8CCD5}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{C59C23F8-A833-42FC-B365-C219EC0918B0}] => (Allow) D:\staženéé\bin\BlackDesert32.exe => No File
FirewallRules: [{4CBC0BDE-BB6D-4D3B-90BD-BD2DB286F8F6}] => (Allow) D:\staženéé\bin64\BlackDesert64.exe => No File
FirewallRules: [{5469E661-758E-428F-ACA4-42E9BEE30844}] => (Allow) D:\staženéé\BlackDesert_Launcher.exe => No File
FirewallRules: [{765DA455-1B86-4AD5-817A-92633053DDE9}] => (Allow) D:\staženéé\BlackDesert_Downloader.exe => No File
FirewallRules: [{953B297B-289D-4162-8914-008778EAF1AD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{21A7403D-FB28-4B8B-A4D0-0BD47D97B78F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C28E73E6-92DB-41C8-A0F7-AE57DD58F9F3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7671A118-3EE9-4C5C-8516-43D6028364AB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{515520CF-398C-4FD1-ACEB-E709ED4DEA8A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:111.25 GB) (Free:15.34 GB) (14%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/25/2021 04:15:06 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14940,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (02/25/2021 04:06:02 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13676,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (02/25/2021 03:59:14 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (952,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (02/25/2021 03:50:58 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2504,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (02/25/2021 03:35:21 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12820,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (02/25/2021 03:19:28 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10436,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (02/25/2021 03:09:58 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4140,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (02/25/2021 02:59:14 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (15764,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (02/25/2021 04:25:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.

Error: (02/25/2021 04:25:19 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-0G63EDE)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/25/2021 04:23:21 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.

Error: (02/25/2021 04:23:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.

Error: (02/25/2021 04:23:19 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-0G63EDE)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/25/2021 04:21:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.

Error: (02/25/2021 04:20:26 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-0G63EDE)
Description: Server {58598185-CF77-4407-B011-0C8282EF681F} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/25/2021 04:20:25 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-0G63EDE)
Description: Server {5F7F3F7B-1177-4D4B-B1DB-BC6F671B8F25} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
================
Date: 2019-10-20 09:57:33.067
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {2C93FBD5-A97B-4952-96D7-42FE3B86E0FF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-10-16 12:41:55.285
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Netpass
Závažnost: High
Kategorie: Tool
Cesta: file:_C:\Program Files (x86)\NirSoft\WebBrowserPassView\WebBrowserPassView.exe; file:_C:\Users\Mimic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft WebBrowserPassView\WebBrowserPassView.lnk; startup:_C:\Users\Mimic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft WebBrowserPassView\WebBrowserPassView.lnk
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-0G63EDE\Mimic
Název procesu: C:\Windows\System32\RuntimeBroker.exe
Verze bezpečnostních informací: AV: 1.303.1818.0, AS: 1.303.1818.0, NIS: 1.303.1818.0
Verze modulu: AM: 1.1.16400.2, NIS: 1.1.16400.2

Date: 2019-10-16 12:41:29.005
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Netpass
Závažnost: High
Kategorie: Tool
Cesta: file:_C:\Program Files (x86)\NirSoft\WebBrowserPassView\WebBrowserPassView.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-0G63EDE\Mimic
Název procesu: C:\Windows\System32\RuntimeBroker.exe
Verze bezpečnostních informací: AV: 1.303.1818.0, AS: 1.303.1818.0, NIS: 1.303.1818.0
Verze modulu: AM: 1.1.16400.2, NIS: 1.1.16400.2

==================== Memory info ===========================

BIOS: American Megatrends Inc. F22b 02/13/2018
Motherboard: Gigabyte Technology Co., Ltd. AB350-Gaming 3-CF
Processor: AMD Ryzen 5 1600 Six-Core Processor
Percentage of memory in use: 23%
Total physical RAM: 16335.28 MB
Available physical RAM: 12457.39 MB
Total Virtual: 25039.28 MB
Available Virtual: 19666.42 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.25 GB) (Free:15.34 GB) NTFS
Drive d: () (Fixed) (Total:931.5 GB) (Free:43.31 GB) NTFS

\\?\Volume{d933678a-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.54 GB) (Free:0.1 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: D933678A)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-02-2021
Ran by Mimic (administrator) on DESKTOP-0G63EDE (Gigabyte Technology Co., Ltd. AB350-Gaming 3) (25-02-2021 16:23:37)
Running from D:\staženéé
Loaded Profiles: Mimic
Platform: Windows 10 Pro Version 1903 18362.778 (X64) Language: Angličtina (Spojené státy) -> Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc. -> Apple Inc.) C:\Program Files\Blizzard\Bonjour Service\mDNSResponder.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_10.9.62.0_x86__nzyj5cx40ttqa\iCloud\APSDaemon.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_10.9.62.0_x86__nzyj5cx40ttqa\iCloud\iCloudServices.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12106.2.48003.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Bitsum LLC -> Bitsum LLC) C:\Program Files\Process Lasso\bitsumsessionagent.exe
(Bitsum LLC -> Bitsum LLC) C:\Program Files\Process Lasso\ProcessGovernor.exe
(Bitsum LLC -> Bitsum LLC) C:\Program Files\Process Lasso\ProcessLasso.exe
(Bitsum LLC -> Bitsum LLC) C:\Program Files\Process Lasso\srvstub.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(LAVASOFT SOFTWARE CANADA INC -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(LAVASOFT SOFTWARE CANADA INC -> Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12004.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Twitch Interactive, Inc. -> Twitch Interactive, Inc.) C:\Users\Mimic\AppData\Local\Temp\Twitch\Twitch.exe
(Twitch Interactive, Inc. -> Twitch Interactive, Inc.) C:\Users\Mimic\AppData\Roaming\Twitch\Bin\Electron\TwitchUI.exe <8>
(Twitch Interactive, Inc. -> Twitch Interactive, Inc.) C:\Users\Mimic\AppData\Roaming\Twitch\Bin\TwitchAgent.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-11-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117352 2021-01-15] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [4StoryPrePatch] => D:\4secret\4SecretPrePatch.exe
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1235492812-2151765122-4279266773-1002\...\Run: [btweb] => "C:\Users\Mimic\AppData\Roaming\BitTorrent Web\btweb.exe" /MINIMIZED
HKU\S-1-5-21-1235492812-2151765122-4279266773-1002\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [8442464 2020-12-18] (LAVASOFT SOFTWARE CANADA INC -> Lavasoft)
HKU\S-1-5-21-1235492812-2151765122-4279266773-1002\...\Policies\system: [DisableLockWorkstation] 0
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.182\Installer\chrmstp.exe [2021-02-16] (Google LLC -> Google LLC)
Startup: C:\Users\Mimic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2019-12-06]
ShortcutTarget: Twitch.lnk -> C:\Users\Mimic\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07C19DA9-9809-4E3C-A0EF-71A9A73AC8A9} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {0B0DB705-37EA-4968-946C-030378D84EBF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1791712 2021-02-23] (Avast Software s.r.o. -> Avast Software)
Task: {10FE5B53-9E7D-4ADE-BF14-F16A405BAE2B} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1122F02D-E2F3-4BFC-8ECF-C37F95D5BB7F} - System32\Tasks\Outbyte\PC Repair\Start PC Repair оn logon => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe [8287552 2021-02-05] (Outbyte Computing Pty Ltd -> Outbyte) <==== ATTENTION
Task: {1BD676E1-AA73-4FED-A03C-8417BAE84505} - System32\Tasks\Apple Diagnostics => C:\Users\Mimic\AppData\Local\Microsoft\WindowsApps\eReporter-AppX.exe [0 2020-04-10] ()
Task: {29354060-62E1-4282-8B37-A77EC565D331} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {297E0AEE-4D81-4A0E-BE3F-B57D62E94A13} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2A49D111-DD2E-4415-8E95-40B3AA3FABDD} - System32\Tasks\Process Lasso Management Console (GUI) => C:\Program Files\Process Lasso\processlasso.exe [1630104 2020-11-20] (Bitsum LLC -> Bitsum LLC)
Task: {49332DF1-7BB7-43E1-9BB3-D0453BB0EAFC} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {4F46DDDF-FB8A-4686-ABFB-0D0793CD9EFB} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646896 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5F840A11-67B3-48C6-8341-2D01E58AE617} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {71175C86-518C-44C7-B01B-827AA95F1810} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8511337C-A708-4A62-BA99-61A1DED78C6D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-20] (Google LLC -> Google LLC)
Task: {857BF743-6CB9-4AE7-BEE6-59A3D03F1504} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-21] (Adobe Inc. -> Adobe)
Task: {8891E9FD-4515-4B4E-9B5D-81A18A4697C8} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {98AD43E8-36DF-4981-A1A1-AEFD90354284} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_pepper.exe [1454648 2020-06-21] (Adobe Inc. -> Adobe)
Task: {AC652B89-D1EB-43AB-951E-D666B042EDC2} - System32\Tasks\Session agent for Process Lasso => C:\Program Files\Process Lasso\bitsumsessionagent.exe [349080 2020-11-20] (Bitsum LLC -> Bitsum LLC)
Task: {B8B2F599-8920-48FA-8AB3-2F7C141C43AC} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4621920 2021-01-15] (Avast Software s.r.o. -> AVAST Software)
Task: {C3C945C1-9ADA-459C-8EAA-1302C641C29A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302128 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F6A0F20A-B5B6-4EE9-AE12-B7D81FE63911} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-20] (Google LLC -> Google LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.38 213.46.172.39
Tcpip\..\Interfaces\{5582edf2-6605-4509-9265-68cb85011cfc}: [DhcpNameServer] 213.46.172.38 213.46.172.39

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2021-02-12] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-12-31] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-12-31] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-12-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-12-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Default [2021-02-25]
CHR Notifications: Default -> hxxps://manius.cz
CHR HomePage: Default -> hxxp://www.google.com
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee&type=E210US91105G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR DefaultSuggestURL: Default -> hxxps://us.search.yahoo.com/sugg/gossip/gossip-us-partner?output=fxjson&appid=mca&source=yahoo_mcafee_searchassist&command={searchTerms}
CHR Extension: (Prezentace) - C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-26]
CHR Extension: (Dokumenty) - C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-26]
CHR Extension: (Disk Google) - C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-21]
CHR Extension: (YouTube) - C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-26]
CHR Extension: (Aliexpress SuperStar česky, Historie cen a koruny) - C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciclollkolafellcaolgccmfjldgpolo [2020-04-20]
CHR Extension: (Tabulky) - C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-12-26]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-02-10]
CHR Extension: (Záložky na iCloudu) - C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2020-05-01]
CHR Extension: (Vzdálená plocha Chrome) - C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-12-18]
CHR Extension: (Dokumenty Google offline) - C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-18]
CHR Extension: (Vysor) - C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Default\Extensions\gidgenkbbabolejbgbpnhbimgjbffefm [2020-09-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-31]
CHR Extension: (Gmail) - C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-31]
CHR Profile: C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-05-09]
CHR Profile: C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\System Profile [2020-07-08]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

Opera:
=======
OPR Profile: C:\Users\Mimic\AppData\Roaming\Opera Software\Opera Stable [2020-05-22]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.cz/complete/search?client=op ... utEncoding}

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-21] (Adobe Inc. -> Adobe)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8477080 2021-01-15] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621728 2021-01-15] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [351848 2021-01-15] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2021-01-15] (Avast Software s.r.o. -> AVAST Software)
R2 Bonjour Service; C:\Program Files\Blizzard\Bonjour Service\mDNSResponder.exe [390504 2020-12-29] (Apple Inc. -> Apple Inc.)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [410864 2021-01-25] (NVIDIA Corporation -> NVIDIA)
S3 GameforgeClientService; C:\Program Files (x86)\GameforgeClient\gfservice.exe [568480 2021-01-11] (Gameforge 4D GmbH -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-05-23] (Malwarebytes Inc -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [959752 2021-02-12] (McAfee, LLC -> McAfee, LLC)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2523448 2020-12-02] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3478336 2020-12-02] (Electronic Arts, Inc. -> Electronic Arts)
R2 ProcessGovernor; C:\Program Files\Process Lasso\processgovernor.exe [1169816 2020-11-20] (Bitsum LLC -> Bitsum LLC)
S3 TNTClientDaemonMS2; C:\Program Files (x86)\GameforgeLoginMS2\daemon.exe [406184 2019-02-28] (Gameforge 4D GmbH -> )
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [29280 2020-12-18] (LAVASOFT SOFTWARE CANADA INC -> )
S2 wuauserv; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S2 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 AAErrorPort; C:\Users\Mimic\AppData\Local\Temp\ActiveAnticheat\aaerrport.exe [X] <==== ATTENTION

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36792 2021-01-15] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208672 2021-01-15] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332880 2021-01-15] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2021-01-15] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97360 2021-01-15] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2021-01-15] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42424 2021-01-15] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176384 2021-01-15] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522480 2021-01-15] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108928 2021-01-15] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84496 2021-01-15] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851256 2021-01-15] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [468888 2021-01-15] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [214808 2021-01-15] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [324904 2021-01-15] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-10-16] (Microsoft Corporation) [File not signed]
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [1214752 2018-10-15] (Kaspersky Lab -> AO Kaspersky Lab)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [216056 2020-08-09] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-06-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-06-02] (Malwarebytes Inc -> Malwarebytes)
S3 ObDrvMonPCRSrv; C:\Program Files (x86)\Outbyte\PC Repair\DrvMonX64.sys [186544 2021-01-12] (Outbyte Computing Pty Ltd -> Outbyte)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46688 2019-10-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54200 2019-10-17] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [2719256 2021-02-23] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S0 35953192; system32\drivers\83336149.sys [X]
S0 66B8A4F9; system32\drivers\66B8A4F9.sys [X]
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]
S3 PRProt; \??\C:\Users\Mimic\AppData\Local\Temp\ActiveAnticheat\1223454\active64.sys [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-24 15:28 - 2021-02-24 15:28 - 000003547 ____C C:\Users\Mimic\Desktop\windows10.cmd
2021-02-24 15:26 - 2021-02-24 15:28 - 000003547 ____C C:\Users\Mimic\Desktop\Nový textový dokument.txt
2021-02-24 14:59 - 2021-02-24 15:19 - 000000000 ___HD C:\$WINDOWS.~BT
2021-02-24 14:56 - 2021-02-24 14:57 - 000000000 ___HD C:\$GetCurrent
2021-02-24 14:52 - 2021-02-24 14:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Lasso
2021-02-24 14:51 - 2021-02-25 16:20 - 000002430 _____ C:\WINDOWS\system32\Tasks\Session agent for Process Lasso
2021-02-24 14:51 - 2021-02-25 16:20 - 000002348 _____ C:\WINDOWS\system32\Tasks\Process Lasso Management Console (GUI)
2021-02-24 14:51 - 2021-02-24 14:52 - 000001976 _____ C:\ProgramData\Desktop\Process Lasso.lnk
2021-02-24 14:51 - 2021-02-24 14:52 - 000000000 ____D C:\ProgramData\ProcessLasso
2021-02-24 14:51 - 2021-02-24 14:52 - 000000000 ____D C:\Program Files\Process Lasso
2021-02-24 14:51 - 2021-02-24 14:51 - 000000000 ____D C:\Users\Mimic\AppData\Roaming\ProcessLasso
2021-02-23 15:50 - 2021-02-24 14:59 - 000000036 _____ C:\WINDOWS\progress.ini
2021-02-23 15:45 - 2021-02-24 14:56 - 000000731 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pomocník s aktualizací Windows 10.lnk
2021-02-23 15:45 - 2021-02-24 14:56 - 000000719 ____C C:\Users\Mimic\Desktop\Pomocník s aktualizací Windows 10.lnk
2021-02-23 15:45 - 2021-02-24 14:56 - 000000000 ____D C:\Windows10Upgrade
2021-02-23 14:44 - 2021-02-25 16:20 - 000003354 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{445A50B5-41A2-4C37-9686-B5F8F8E539DB}
2021-02-23 14:42 - 2021-02-23 14:42 - 000001213 ____C C:\Users\Mimic\Desktop\PC Repair.lnk
2021-02-23 14:42 - 2021-02-23 14:42 - 000000000 ____D C:\WINDOWS\system32\Tasks\Outbyte
2021-02-23 14:42 - 2021-02-23 14:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outbyte
2021-02-23 14:42 - 2021-02-23 14:42 - 000000000 ____D C:\Program Files (x86)\Outbyte
2021-02-23 14:41 - 2021-02-23 14:41 - 000000000 ____D C:\ProgramData\Outbyte
2021-02-22 12:01 - 2021-02-22 12:01 - 000000000 ____C C:\Users\Mimic\Desktop\Nový rastrový obrázek.bmp
2021-02-18 15:28 - 2021-02-18 15:28 - 000000000 ____D C:\Users\Mimic\AppData\Local\PJU_ReBuild
2021-02-17 15:10 - 2021-02-17 15:10 - 000000000 ___DC C:\Users\Mimic\AppData\LocalLow\L2 Games
2021-02-16 01:42 - 2021-02-16 01:42 - 000000000 ____D C:\Users\Mimic\AppData\Local\ElevatedDiagnostics
2021-02-15 11:35 - 2021-02-19 07:20 - 000001280 ____C C:\Users\Mimic\Desktop\BDO GUIDE.txt
2021-02-13 16:33 - 2021-02-13 16:33 - 000000000 ___DC C:\Users\Mimic\AppData\LocalLow\WhitePeach
2021-02-13 10:53 - 2021-01-23 09:57 - 001855184 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-02-13 10:53 - 2021-01-23 09:57 - 001855184 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-02-13 10:53 - 2021-01-23 09:57 - 001453720 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-02-13 10:53 - 2021-01-23 09:57 - 001435872 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-02-13 10:53 - 2021-01-23 09:57 - 001435872 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-02-13 10:53 - 2021-01-23 09:57 - 001094872 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-02-13 10:53 - 2021-01-23 09:57 - 001094872 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-02-13 10:53 - 2021-01-23 09:57 - 000948960 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-02-13 10:53 - 2021-01-23 09:57 - 000948960 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-02-13 10:53 - 2021-01-23 09:56 - 001193112 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-02-13 10:53 - 2021-01-23 09:54 - 001512104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-02-13 10:53 - 2021-01-23 09:54 - 001164968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-02-13 10:53 - 2021-01-23 09:54 - 000680088 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-02-13 10:53 - 2021-01-23 09:54 - 000672936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-02-13 10:53 - 2021-01-23 09:54 - 000558248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-02-13 10:53 - 2021-01-23 09:54 - 000547480 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-02-13 10:53 - 2021-01-23 09:53 - 008262312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-02-13 10:53 - 2021-01-23 09:53 - 007392920 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-02-13 10:53 - 2021-01-23 09:53 - 004611760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-02-13 10:53 - 2021-01-23 09:53 - 002731184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-02-13 10:53 - 2021-01-23 09:53 - 002103448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-02-13 10:53 - 2021-01-23 09:53 - 001732264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6446140.dll
2021-02-13 10:53 - 2021-01-23 09:53 - 001589400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-02-13 10:53 - 2021-01-23 09:53 - 001491608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6446140.dll
2021-02-13 10:53 - 2021-01-23 09:53 - 000813208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-02-13 10:53 - 2021-01-22 23:59 - 000038640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2021-02-13 00:56 - 2021-02-13 00:56 - 000000000 ____D C:\Users\Mimic\AppData\Local\Underneaththelabyrinth
2021-02-06 17:56 - 2021-02-06 17:55 - 000000892 ____C C:\Users\Mimic\Desktop\steam – zástupce.lnk
2021-02-06 14:08 - 2021-02-06 14:08 - 000000728 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Black Desert Online.lnk
2021-02-06 14:08 - 2021-02-06 14:08 - 000000728 _____ C:\ProgramData\Desktop\Black Desert Online.lnk
2021-02-06 14:08 - 2021-02-06 14:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black Desert Online
2021-02-03 21:09 - 2021-02-03 21:09 - 000000000 ____D C:\Users\Mimic\AppData\Local\CrashRpt
2021-02-03 19:59 - 2021-02-03 20:00 - 000000000 ____D C:\Users\Mimic\AppData\Local\NCStreaming
2021-02-03 19:59 - 2021-02-03 19:59 - 000000000 ____D C:\Users\Mimic\AppData\Roaming\obs-studio
2021-01-31 19:03 - 2021-01-31 22:01 - 000000298 ____C C:\Users\Mimic\Desktop\ECO produkty.txt
2021-01-28 20:54 - 2021-01-28 20:54 - 000000000 ____D C:\Users\Mimic\AppData\Roaming\twitch-desktop-electron-platform

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-25 16:23 - 2020-05-09 00:17 - 000000000 ____D C:\FRST
2021-02-25 16:21 - 2019-10-16 08:52 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-25 16:21 - 2019-09-14 06:23 - 000000000 ___DC C:\Users\Mimic\AppData\Roaming\Twitch
2021-02-25 16:21 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-25 16:21 - 2018-12-24 22:24 - 000000000 ___DC C:\Users\Mimic\AppData\Local\D3DSCache
2021-02-25 16:21 - 2018-12-24 15:57 - 000000000 ____D C:\ProgramData\NVIDIA
2021-02-25 16:20 - 2020-10-20 18:46 - 000003176 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-25 16:20 - 2020-05-30 23:23 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1235492812-2151765122-4279266773-500
2021-02-25 16:20 - 2019-10-16 08:52 - 000003400 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-25 16:20 - 2019-10-16 08:52 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-25 16:20 - 2019-10-16 08:52 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-25 16:20 - 2019-10-16 08:52 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-25 16:20 - 2019-10-16 08:52 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-25 16:20 - 2019-10-16 08:52 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-25 16:20 - 2019-10-16 08:52 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-25 16:20 - 2019-10-16 08:52 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-25 16:20 - 2019-10-16 08:52 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-25 16:20 - 2019-10-16 08:52 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-25 16:20 - 2019-10-16 08:52 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-25 16:20 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-02-25 15:32 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-02-24 18:12 - 2020-05-01 12:08 - 000000000 ____D C:\Users\Mimic\AppData\Roaming\discord
2021-02-24 18:12 - 2019-10-16 08:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-24 15:29 - 2019-10-16 08:52 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-02-24 15:26 - 2018-12-26 01:13 - 000000000 ____D C:\ProgramData\AVAST Software
2021-02-24 15:25 - 2019-10-16 18:25 - 000488808 _____ C:\WINDOWS\system32\perfh011.dat
2021-02-24 15:25 - 2019-10-16 18:25 - 000133986 _____ C:\WINDOWS\system32\perfc011.dat
2021-02-24 15:25 - 2019-10-16 18:23 - 000719846 _____ C:\WINDOWS\system32\perfh005.dat
2021-02-24 15:25 - 2019-10-16 18:23 - 000146332 _____ C:\WINDOWS\system32\perfc005.dat
2021-02-24 15:25 - 2019-10-16 08:54 - 002311632 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-24 15:25 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2021-02-24 15:19 - 2021-01-07 05:18 - 000000000 ____D C:\WINDOWS\Panther
2021-02-24 15:13 - 2019-10-16 08:51 - 000001908 _____ C:\WINDOWS\diagwrn.xml
2021-02-24 15:13 - 2019-10-16 08:51 - 000001908 _____ C:\WINDOWS\diagerr.xml
2021-02-24 15:11 - 2019-03-19 05:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-02-24 14:37 - 2019-06-30 16:27 - 000000000 ___DC C:\Users\Mimic\AppData\Local\BlackDesertOnline
2021-02-23 20:46 - 2019-07-13 19:20 - 002719256 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2021-02-23 15:04 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\USOPrivate
2021-02-22 13:46 - 2018-12-25 11:26 - 000000000 ___DC C:\Users\Mimic\AppData\Local\CrashDumps
2021-02-21 15:43 - 2019-10-16 08:46 - 000000000 ____D C:\Users\Mimic
2021-02-16 21:36 - 2018-03-29 21:46 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-16 21:36 - 2018-03-29 21:46 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-02-13 10:53 - 2018-12-24 16:17 - 000000000 ___DC C:\Users\Mimic\AppData\Local\NVIDIA
2021-02-13 10:37 - 2018-12-24 16:10 - 000000000 ____D C:\ProgramData\Riot Games
2021-02-13 10:21 - 2019-01-08 12:27 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2021-02-13 10:20 - 2020-05-31 13:49 - 000000000 ____D C:\Users\Mimic\AppData\Local\Ubisoft Game Launcher
2021-02-13 10:20 - 2020-05-31 13:49 - 000000000 ____D C:\Program Files (x86)\Ubisoft
2021-02-13 10:19 - 2019-10-07 06:54 - 000000000 ___DC C:\Users\Mimic\AppData\Local\Nox
2021-02-11 14:13 - 2019-07-01 22:40 - 000000000 ___DC C:\Users\Mimic\Documents\Black Desert
2021-02-06 17:57 - 2019-10-16 08:46 - 000000000 ____D C:\Users\Administrator
2021-02-06 15:25 - 2018-12-24 15:57 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-02-06 15:25 - 2018-12-24 15:56 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-02-06 15:25 - 2018-12-24 15:56 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-02-06 15:25 - 2018-12-24 10:26 - 000001447 _____ C:\ProgramData\Desktop\GeForce Experience.lnk
2021-02-06 14:08 - 2019-12-06 16:33 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-01-27 12:17 - 2018-12-24 16:17 - 002797808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2021-01-27 12:17 - 2018-12-24 16:17 - 002154224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2021-01-27 12:17 - 2018-12-24 16:17 - 001295088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll

==================== Files in the root of some directories ========

2020-05-09 08:39 - 2020-05-09 08:39 - 000000000 _____ () C:\Users\Mimic\AppData\Roaming\unp201749821.tmp
2019-10-21 18:28 - 2019-10-21 18:28 - 000000033 _____ () C:\Users\Mimic\AppData\Local\Nox_crash.log
2019-10-16 06:54 - 2019-10-16 06:54 - 000000017 ____C () C:\Users\Mimic\AppData\Local\resmon.resmoncfg
2019-11-09 11:15 - 2020-01-26 12:07 - 000000071 _____ () C:\Users\Mimic\AppData\Local\update_progress.txt

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
AlternateDataStreams: C:\Users\Mimic:.repos [590]
AlternateDataStreams: C:\Users\Mimic\Application Data:6699d3ee8dd9cf775caae782c8f44f03 [394]
AlternateDataStreams: C:\Users\Mimic\AppData\Roaming:6699d3ee8dd9cf775caae782c8f44f03 [394]
FirewallRules: [{03C80138-2E04-4CA2-9F50-8D3C69DA694D}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe => No File
FirewallRules: [{C2F9CCC3-37D0-4D96-AFB2-72190C0840D8}] => (Allow) D:\Program Files\Nox\bin\Nox.exe => No File
FirewallRules: [{24A71FA6-A2D2-4CCD-A9DC-6FB7647919FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe => No File
FirewallRules: [{AA76C0BF-9353-4167-A094-24B7E97EF6B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe => No File
FirewallRules: [{ACAF409C-1C07-4B86-8EDC-9F1025144CFA}] => (Allow) C:\Users\Mimic\Downloads\BlackDesert_Downloader.exe => No File
FirewallRules: [{A81BA1FA-F357-4EED-9E49-4116FAEECBFF}] => (Allow) C:\Users\Mimic\Downloads\BlackDesert_Launcher.exe => No File
FirewallRules: [{561315A9-3D87-40C2-834A-132D4623018F}] => (Allow) C:\Users\Mimic\Downloads\bin64\BlackDesert64.exe => No File
FirewallRules: [{42841A18-F645-4105-BAFB-B943366E2C86}] => (Allow) C:\Users\Mimic\Downloads\bin\BlackDesert32.exe => No File
FirewallRules: [{56827E1D-1E07-4185-A265-766CCF6AD374}] => (Block) D:\Games\The Elder Scrolls - Skyrim - Special Edition\SkyrimSELauncher.exe => No File
FirewallRules: [{6E115B2C-A092-4405-8143-2BD0ACA487FF}] => (Block) D:\Games\The Elder Scrolls - Skyrim - Special Edition\SkyrimSE.exe => No File
FirewallRules: [UDP Query User{BD3B6BD9-1B82-476F-9D13-ED3068005548}D:\league of legends\rads\projects\league_client\releases\0.0.0.179\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.179\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{82209BD8-10CA-4701-BFD8-23531BB80AD3}D:\league of legends\rads\projects\league_client\releases\0.0.0.179\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.179\deploy\leagueclient.exe => No File
FirewallRules: [{8E4CCCE1-80C4-4846-9897-65BC24ABEE7C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{F2E670F2-BFF1-44D8-92FB-35F41C0DADE4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [UDP Query User{90A56B86-9E30-4FEC-AA1D-543104C4AB71}D:\heroes of the storm\versions\base71138\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base71138\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{DA3E68ED-FECA-4505-B936-BF1B3BB215FC}D:\heroes of the storm\versions\base71138\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base71138\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{21501777-8FF9-40CB-9D27-6CAA70583216}C:\riot games\pbe\rads\projects\league_client\releases\0.0.2.78\deploy\leagueclient.exe] => (Allow) C:\riot games\pbe\rads\projects\league_client\releases\0.0.2.78\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{F07B8AB7-9F3D-4D88-B3C4-0735D2F0959B}C:\riot games\pbe\rads\projects\league_client\releases\0.0.2.78\deploy\leagueclient.exe] => (Allow) C:\riot games\pbe\rads\projects\league_client\releases\0.0.2.78\deploy\leagueclient.exe => No File
FirewallRules: [{EB52B047-F494-42B9-A5DB-7B09B7369C18}] => (Allow) D:\Vendetta Gaming Network\NosTale Vendetta\patcher.exe => No File
FirewallRules: [{996B30DC-3954-4276-94FD-ED50B20C3916}] => (Allow) C:\Program Files (x86)\(GF26)Don't Starve Together\bin\dontstarve_steam.exe => No File
FirewallRules: [{D8244336-5AD6-404F-8BD2-4C63DFC573B1}] => (Allow) C:\Program Files (x86)\(GF26)Don't Starve Together\bin\dontstarve_steam.exe => No File
FirewallRules: [{CFAC7C1E-5C2E-4645-AEF1-BB6F002FDFC6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DyingLightGame.exe => No File
FirewallRules: [{11365570-912C-4B9B-B3E4-E2BDCA707AB9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DyingLightGame.exe => No File
FirewallRules: [UDP Query User{95396641-5016-4A2F-9BE9-2E3F445A887D}D:\counter-strike 1.6\hl.exe] => (Allow) D:\counter-strike 1.6\hl.exe => No File
FirewallRules: [TCP Query User{D914467A-8A65-45C6-992A-98F68486032A}D:\counter-strike 1.6\hl.exe] => (Allow) D:\counter-strike 1.6\hl.exe => No File
FirewallRules: [{73E6D535-0CB2-44FB-9900-47151BFA918D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{ED892C48-4E71-4D95-A90F-F6C8E4252F7C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{80BFEDFA-69BB-4D87-8CC6-A40A8AE12D92}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{621B4183-6B32-4C3E-BF18-80FEE17A4546}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{ECDFA95B-63D5-4926-9793-E07C8A62ACFA}] => (Allow) D:\Counter-Strike 1.6 GO\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{7C134238-8120-4EB9-9CCA-66F1889DA322}] => (Allow) D:\Counter-Strike 1.6 GO\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [TCP Query User{8BD3491B-407E-48E2-9AFE-26B00082653F}D:\riot games\league of legends (pbe)\game\league of legends.exe] => (Allow) D:\riot games\league of legends (pbe)\game\league of legends.exe => No File
FirewallRules: [UDP Query User{CC37225C-E063-4E7C-87BD-B4504106C6EC}D:\riot games\league of legends (pbe)\game\league of legends.exe] => (Allow) D:\riot games\league of legends (pbe)\game\league of legends.exe => No File
FirewallRules: [{BEAEBB63-C931-414D-926C-1D584D8BCEC7}] => (Allow) C:\Users\Mimic\AppData\Local\Programs\Opera\65.0.3467.72\opera.exe => No File
FirewallRules: [{31013513-4995-43ED-8CE9-31C0F173BD93}] => (Allow) D:\Counter-Strike 1.6 GO\steamapps\common\BombTag\BombTag.exe => No File
FirewallRules: [{C0A4F349-E66B-40F2-B338-B04768B6D080}] => (Allow) D:\Counter-Strike 1.6 GO\steamapps\common\BombTag\BombTag.exe => No File
FirewallRules: [{8C73E130-FF27-4B58-8D89-7B7336593365}] => (Allow) D:\Counter-Strike 1.6 GO\steamapps\common\Brawlhalla\Brawlhalla.exe => No File
FirewallRules: [{068F0BBC-A4C4-45FE-98E7-379FA531023C}] => (Allow) D:\Counter-Strike 1.6 GO\steamapps\common\Brawlhalla\Brawlhalla.exe => No File
FirewallRules: [{1A386DA8-BB9C-4F23-867A-3408BE412FCF}] => (Allow) D:\Counter-Strike 1.6 GO\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe => No File
FirewallRules: [{CD0EB855-7DD4-46E0-9505-1ACE30BF189C}] => (Allow) D:\Counter-Strike 1.6 GO\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe => No File
FirewallRules: [{E9CFCBEC-961B-49E2-B3F2-7C0507ACAC80}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => No File
FirewallRules: [{DEBC685A-0DEC-4F59-9EB3-2E73AD5129FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => No File
FirewallRules: [{090EDC91-0A93-4D16-AE08-A5B7C320B217}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe => No File
FirewallRules: [{8B0E738C-8FD7-464D-B2B7-842AD6B97FB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe => No File
FirewallRules: [TCP Query User{600834BD-4ADE-4F38-9475-62B66FE6874F}D:\heroes of the storm\versions\base78725\heroesofthestorm_x64.exe] => (Block) D:\heroes of the storm\versions\base78725\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{5C2FE8F3-9A14-450C-8A9E-071F647CDC9F}D:\heroes of the storm\versions\base78725\heroesofthestorm_x64.exe] => (Block) D:\heroes of the storm\versions\base78725\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{A358654C-EAE3-4EF8-B245-59B2D09BF17C}D:\far cry 5\bin_plus\farcry5.exe] => (Allow) D:\far cry 5\bin_plus\farcry5.exe => No File
FirewallRules: [UDP Query User{17FCD82D-BEE0-494C-9E6B-3B16AD3BE781}D:\far cry 5\bin_plus\farcry5.exe] => (Allow) D:\far cry 5\bin_plus\farcry5.exe => No File
FirewallRules: [{EEC90268-D54B-4AD9-9705-C3F2369513A2}] => (Block) D:\far cry 5\bin_plus\farcry5.exe => No File
FirewallRules: [{0567FA14-F619-437F-8924-2016BE56377F}] => (Block) D:\far cry 5\bin_plus\farcry5.exe => No File
FirewallRules: [{4BDFAEEB-B6B9-4128-B0FF-D8CC53299F7D}] => (Allow) C:\Users\Mimic\Downloads\bin\BlackDesert32.exe => No File
FirewallRules: [{AA43B9FD-E279-42E8-8BA5-C9561DDDC7DD}] => (Allow) C:\Users\Mimic\Downloads\bin64\BlackDesert64.exe => No File
FirewallRules: [{A7D0FDCC-54D4-4E73-9CB2-71064A238D67}] => (Allow) C:\Users\Mimic\Downloads\BlackDesert_Launcher.exe => No File
FirewallRules: [{CB2DB56B-8FEF-436A-98EC-E885461883EF}] => (Allow) C:\Users\Mimic\Downloads\BlackDesert_Downloader.exe => No File
FirewallRules: [TCP Query User{FD3A4381-68A0-483B-B363-40CC4BE09A95}D:\heroes of the storm\versions\base80702\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base80702\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{CCBC5B3C-F25C-4336-A01D-4D5D02944FBF}D:\heroes of the storm\versions\base80702\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base80702\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{34E741B5-E0ED-4618-9C3C-32A8D12AF8CF}C:\users\mimic\appdata\local\temp\rar$exa35748.11172\uncleneighbor\uncleneighbor.exe] => (Allow) C:\users\mimic\appdata\local\temp\rar$exa35748.11172\uncleneighbor\uncleneighbor.exe => No File
FirewallRules: [UDP Query User{0F6C06D5-8CED-4357-83B3-81AA16F47E44}C:\users\mimic\appdata\local\temp\rar$exa35748.11172\uncleneighbor\uncleneighbor.exe] => (Allow) C:\users\mimic\appdata\local\temp\rar$exa35748.11172\uncleneighbor\uncleneighbor.exe => No File
FirewallRules: [TCP Query User{F0127D7B-970B-445D-BFD4-8466962A6E4F}D:\riots game\patch\freebuild\windowsnoeditor\windowsnoeditor\projectunknown101\binaries\win64\projectunknown101.exe] => (Allow) D:\riots game\patch\freebuild\windowsnoeditor\windowsnoeditor\projectunknown101\binaries\win64\projectunknown101.exe => No File
FirewallRules: [UDP Query User{67973BA4-0B7A-4810-920E-2ED2FA5CBF88}D:\riots game\patch\freebuild\windowsnoeditor\windowsnoeditor\projectunknown101\binaries\win64\projectunknown101.exe] => (Allow) D:\riots game\patch\freebuild\windowsnoeditor\windowsnoeditor\projectunknown101\binaries\win64\projectunknown101.exe => No File
FirewallRules: [{97D64AF5-2924-49D5-9030-A41197AAFAD0}] => (Block) D:\riots game\patch\freebuild\windowsnoeditor\windowsnoeditor\projectunknown101\binaries\win64\projectunknown101.exe => No File
FirewallRules: [{9CF96C2F-63BE-4151-9DD6-CFFA38436B3C}] => (Block) D:\riots game\patch\freebuild\windowsnoeditor\windowsnoeditor\projectunknown101\binaries\win64\projectunknown101.exe => No File
FirewallRules: [TCP Query User{EA7BC563-17C5-4900-B682-59F0567E2142}D:\riots game\patch\section\windowsnoeditor\windowsnoeditor\projectunknown101\binaries\win64\projectunknown101.exe] => (Allow) D:\riots game\patch\section\windowsnoeditor\windowsnoeditor\projectunknown101\binaries\win64\projectunknown101.exe => No File
FirewallRules: [UDP Query User{6D8E17F9-91FA-40D1-BADA-D2B29CC00EB1}D:\riots game\patch\section\windowsnoeditor\windowsnoeditor\projectunknown101\binaries\win64\projectunknown101.exe] => (Allow) D:\riots game\patch\section\windowsnoeditor\windowsnoeditor\projectunknown101\binaries\win64\projectunknown101.exe => No File
FirewallRules: [{9B556605-2B60-4F1D-BB21-0EF68D0D6752}] => (Block) D:\riots game\patch\section\windowsnoeditor\windowsnoeditor\projectunknown101\binaries\win64\projectunknown101.exe => No File
FirewallRules: [{0755C3D9-37CD-4D66-A1C9-238F53F75E2E}] => (Block) D:\riots game\patch\section\windowsnoeditor\windowsnoeditor\projectunknown101\binaries\win64\projectunknown101.exe => No File
FirewallRules: [{45FBB493-1816-4963-A3CB-9F4DE57DA66F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine 4 The Nightmare Prince\trine4.exe => No File
FirewallRules: [{41A80515-84C7-4D01-9FAE-CB6C32E76D82}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine 4 The Nightmare Prince\trine4.exe => No File
FirewallRules: [TCP Query User{07A07DED-0414-4E7C-A50F-365B5ED52397}D:\dyinig light\steamapps\common\trine 2\trine2_32bit.exe] => (Block) D:\dyinig light\steamapps\common\trine 2\trine2_32bit.exe => No File
FirewallRules: [UDP Query User{C43A7C60-9447-4C79-80C2-F05F484543B5}D:\dyinig light\steamapps\common\trine 2\trine2_32bit.exe] => (Block) D:\dyinig light\steamapps\common\trine 2\trine2_32bit.exe => No File
FirewallRules: [TCP Query User{81E6CCC2-05A8-4474-9AE2-648593F9F9E8}D:\ancient.cities.v0.2.0.5\ancient.cities.v0.2.0.5\art\bin\x64\ancient.exe] => (Block) D:\ancient.cities.v0.2.0.5\ancient.cities.v0.2.0.5\art\bin\x64\ancient.exe => No File
FirewallRules: [UDP Query User{55E97C58-87B4-4E39-8B2D-6A29BFCF8F6A}D:\ancient.cities.v0.2.0.5\ancient.cities.v0.2.0.5\art\bin\x64\ancient.exe] => (Block) D:\ancient.cities.v0.2.0.5\ancient.cities.v0.2.0.5\art\bin\x64\ancient.exe => No File
FirewallRules: [{C59C23F8-A833-42FC-B365-C219EC0918B0}] => (Allow) D:\staženéé\bin\BlackDesert32.exe => No File
FirewallRules: [{4CBC0BDE-BB6D-4D3B-90BD-BD2DB286F8F6}] => (Allow) D:\staženéé\bin64\BlackDesert64.exe => No File
FirewallRules: [{5469E661-758E-428F-ACA4-42E9BEE30844}] => (Allow) D:\staženéé\BlackDesert_Launcher.exe => No File
FirewallRules: [{765DA455-1B86-4AD5-817A-92633053DDE9}] => (Allow) D:\staženéé\BlackDesert_Downloader.exe => No File
C:\Program Files (x86)\NirSoft\WebBrowserPassView\WebBrowserPassView.exe
C:\Users\Mimic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft WebBrowserPassView\WebBrowserPassView
C:\Users\Mimic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft WebBrowserPassView\WebBrowserPassView.lnk
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {8511337C-A708-4A62-BA99-61A1DED78C6D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-20] (Google LLC -> Google LLC)
Task: {F6A0F20A-B5B6-4EE9-AE12-B7D81FE63911} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-20] (Google LLC -> Google LLC)
S2 wuauserv; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S2 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 AAErrorPort; C:\Users\Mimic\AppData\Local\Temp\ActiveAnticheat\aaerrport.exe [X] <==== ATTENTION
S0 35953192; system32\drivers\83336149.sys [X]
S0 66B8A4F9; system32\drivers\66B8A4F9.sys [X]
S3 PRProt; \??\C:\Users\Mimic\AppData\Local\Temp\ActiveAnticheat\1223454\active64.sys [X] <==== ATTENTION
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA

EmptyTemp:
End

Uložte do D:\staženéé jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Dobrý den, žádný log se mi nezobrazil :/

Měl by být v souboru fixlog.txt v D:\staženéé. Někdy se stane, že se sám neotevře.

Fix result of Farbar Recovery Scan Tool (x64) Version: 17-03-2021
Ran by Mimic (17-03-2021 12:40:56) Run:1
Running from D:\staženéé
Loaded Profiles: Mimic & Administrator
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
AlternateDataStreams: C:\Users\Mimic:.repos [590]
AlternateDataStreams: C:\Users\Mimic\Application Data:6699d3ee8dd9cf775caae782c8f44f03 [394]
AlternateDataStreams: C:\Users\Mimic\AppData\Roaming:6699d3ee8dd9cf775caae782c8f44f03 [394]
FirewallRules: [{03C80138-2E04-4CA2-9F50-8D3C69DA694D}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe => No File
FirewallRules: [{C2F9CCC3-37D0-4D96-AFB2-72190C0840D8}] => (Allow) D:\Program Files\Nox\bin\Nox.exe => No File
FirewallRules: [{24A71FA6-A2D2-4CCD-A9DC-6FB7647919FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe => No File
FirewallRules: [{AA76C0BF-9353-4167-A094-24B7E97EF6B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe => No File
FirewallRules: [{ACAF409C-1C07-4B86-8EDC-9F1025144CFA}] => (Allow) C:\Users\Mimic\Downloads\BlackDesert_Downloader.exe => No File
FirewallRules: [{A81BA1FA-F357-4EED-9E49-4116FAEECBFF}] => (Allow) C:\Users\Mimic\Downloads\BlackDesert_Launcher.exe => No File
FirewallRules: [{561315A9-3D87-40C2-834A-132D4623018F}] => (Allow) C:\Users\Mimic\Downloads\bin64\BlackDesert64.exe => No File
FirewallRules: [{42841A18-F645-4105-BAFB-B943366E2C86}] => (Allow) C:\Users\Mimic\Downloads\bin\BlackDesert32.exe => No File
FirewallRules: [{56827E1D-1E07-4185-A265-766CCF6AD374}] => (Block) D:\Games\The Elder Scrolls - Skyrim - Special Edition\SkyrimSELauncher.exe => No File
FirewallRules: [{6E115B2C-A092-4405-8143-2BD0ACA487FF}] => (Block) D:\Games\The Elder Scrolls - Skyrim - Special Edition\SkyrimSE.exe => No File
FirewallRules: [UDP Query User{BD3B6BD9-1B82-476F-9D13-ED3068005548}D:\league of legends\rads\projects\league_client\releases\0.0.0.179\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.179\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{82209BD8-10CA-4701-BFD8-23531BB80AD3}D:\league of legends\rads\projects\league_client\releases\0.0.0.179\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.179\deploy\leagueclient.exe => No File
FirewallRules: [{8E4CCCE1-80C4-4846-9897-65BC24ABEE7C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{F2E670F2-BFF1-44D8-92FB-35F41C0DADE4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [UDP Query User{90A56B86-9E30-4FEC-AA1D-543104C4AB71}D:\heroes of the storm\versions\base71138\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base71138\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{DA3E68ED-FECA-4505-B936-BF1B3BB215FC}D:\heroes of the storm\versions\base71138\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base71138\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{21501777-8FF9-40CB-9D27-6CAA70583216}C:\riot games\pbe\rads\projects\league_client\releases\0.0.2.78\deploy\leagueclient.exe] => (Allow) C:\riot games\pbe\rads\projects\league_client\releases\0.0.2.78\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{F07B8AB7-9F3D-4D88-B3C4-0735D2F0959B}C:\riot games\pbe\rads\projects\league_client\releases\0.0.2.78\deploy\leagueclient.exe] => (Allow) C:\riot games\pbe\rads\projects\league_client\releases\0.0.2.78\deploy\leagueclient.exe => No File
FirewallRules: [{EB52B047-F494-42B9-A5DB-7B09B7369C18}] => (Allow) D:\Vendetta Gaming Network\NosTale Vendetta\patcher.exe => No File
FirewallRules: [{996B30DC-3954-4276-94FD-ED50B20C3916}] => (Allow) C:\Program Files (x86)\(GF26)Don't Starve Together\bin\dontstarve_steam.exe => No File
FirewallRules: [{D8244336-5AD6-404F-8BD2-4C63DFC573B1}] => (Allow) C:\Program Files (x86)\(GF26)Don't Starve Together\bin\dontstarve_steam.exe => No File
FirewallRules: [{CFAC7C1E-5C2E-4645-AEF1-BB6F002FDFC6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DyingLightGame.exe => No File
FirewallRules: [{11365570-912C-4B9B-B3E4-E2BDCA707AB9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DyingLightGame.exe => No File
FirewallRules: [UDP Query User{95396641-5016-4A2F-9BE9-2E3F445A887D}D:\counter-strike 1.6\hl.exe] => (Allow) D:\counter-strike 1.6\hl.exe => No File
FirewallRules: [TCP Query User{D914467A-8A65-45C6-992A-98F68486032A}D:\counter-strike 1.6\hl.exe] => (Allow) D:\counter-strike 1.6\hl.exe => No File
FirewallRules: [{73E6D535-0CB2-44FB-9900-47151BFA918D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{ED892C48-4E71-4D95-A90F-F6C8E4252F7C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{80BFEDFA-69BB-4D87-8CC6-A40A8AE12D92}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{621B4183-6B32-4C3E-BF18-80FEE17A4546}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{ECDFA95B-63D5-4926-9793-E07C8A62ACFA}] => (Allow) D:\Counter-Strike 1.6 GO\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{7C134238-8120-4EB9-9CCA-66F1889DA322}] => (Allow) D:\Counter-Strike 1.6 GO\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [TCP Query User{8BD3491B-407E-48E2-9AFE-26B00082653F}D:\riot games\league of legends (pbe)\game\league of legends.exe] => (Allow) D:\riot games\league of legends (pbe)\game\league of legends.exe => No File
FirewallRules: [UDP Query User{CC37225C-E063-4E7C-87BD-B4504106C6EC}D:\riot games\league of legends (pbe)\game\league of legends.exe] => (Allow) D:\riot games\league of legends (pbe)\game\league of legends.exe => No File
FirewallRules: [{BEAEBB63-C931-414D-926C-1D584D8BCEC7}] => (Allow) C:\Users\Mimic\AppData\Local\Programs\Opera\65.0.3467.72\opera.exe => No File
FirewallRules: [{31013513-4995-43ED-8CE9-31C0F173BD93}] => (Allow) D:\Counter-Strike 1.6 GO\steamapps\common\BombTag\BombTag.exe => No File
FirewallRules: [{C0A4F349-E66B-40F2-B338-B04768B6D080}] => (Allow) D:\Counter-Strike 1.6 GO\steamapps\common\BombTag\BombTag.exe => No File
FirewallRules: [{8C73E130-FF27-4B58-8D89-7B7336593365}] => (Allow) D:\Counter-Strike 1.6 GO\steamapps\common\Brawlhalla\Brawlhalla.exe => No File
FirewallRules: [{068F0BBC-A4C4-45FE-98E7-379FA531023C}] => (Allow) D:\Counter-Strike 1.6 GO\steamapps\common\Brawlhalla\Brawlhalla.exe => No File
FirewallRules: [{1A386DA8-BB9C-4F23-867A-3408BE412FCF}] => (Allow) D:\Counter-Strike 1.6 GO\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe => No File
FirewallRules: [{CD0EB855-7DD4-46E0-9505-1ACE30BF189C}] => (Allow) D:\Counter-Strike 1.6 GO\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe => No File
FirewallRules: [{E9CFCBEC-961B-49E2-B3F2-7C0507ACAC80}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => No File
FirewallRules: [{DEBC685A-0DEC-4F59-9EB3-2E73AD5129FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => No File
FirewallRules: [{090EDC91-0A93-4D16-AE08-A5B7C320B217}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe => No File
FirewallRules: [{8B0E738C-8FD7-464D-B2B7-842AD6B97FB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe => No File
FirewallRules: [TCP Query User{600834BD-4ADE-4F38-9475-62B66FE6874F}D:\heroes of the storm\versions\base78725\heroesofthestorm_x64.exe] => (Block) D:\heroes of the storm\versions\base78725\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{5C2FE8F3-9A14-450C-8A9E-071F647CDC9F}D:\heroes of the storm\versions\base78725\heroesofthestorm_x64.exe] => (Block) D:\heroes of the storm\versions\base78725\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{A358654C-EAE3-4EF8-B245-59B2D09BF17C}D:\far cry 5\bin_plus\farcry5.exe] => (Allow) D:\far cry 5\bin_plus\farcry5.exe => No File
FirewallRules: [UDP Query User{17FCD82D-BEE0-494C-9E6B-3B16AD3BE781}D:\far cry 5\bin_plus\farcry5.exe] => (Allow) D:\far cry 5\bin_plus\farcry5.exe => No File
FirewallRules: [{EEC90268-D54B-4AD9-9705-C3F2369513A2}] => (Block) D:\far cry 5\bin_plus\farcry5.exe => No File
FirewallRules: [{0567FA14-F619-437F-8924-2016BE56377F}] => (Block) D:\far cry 5\bin_plus\farcry5.exe => No File
FirewallRules: [{4BDFAEEB-B6B9-4128-B0FF-D8CC53299F7D}] => (Allow) C:\Users\Mimic\Downloads\bin\BlackDesert32.exe => No File
FirewallRules: [{AA43B9FD-E279-42E8-8BA5-C9561DDDC7DD}] => (Allow) C:\Users\Mimic\Downloads\bin64\BlackDesert64.exe => No File
FirewallRules: [{A7D0FDCC-54D4-4E73-9CB2-71064A238D67}] => (Allow) C:\Users\Mimic\Downloads\BlackDesert_Launcher.exe => No File
FirewallRules: [{CB2DB56B-8FEF-436A-98EC-E885461883EF}] => (Allow) C:\Users\Mimic\Downloads\BlackDesert_Downloader.exe => No File
FirewallRules: [TCP Query User{FD3A4381-68A0-483B-B363-40CC4BE09A95}D:\heroes of the storm\versions\base80702\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base80702\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{CCBC5B3C-F25C-4336-A01D-4D5D02944FBF}D:\heroes of the storm\versions\base80702\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base80702\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{34E741B5-E0ED-4618-9C3C-32A8D12AF8CF}C:\users\mimic\appdata\local\temp\rar$exa35748.11172\uncleneighbor\uncleneighbor.exe] => (Allow) C:\users\mimic\appdata\local\temp\rar$exa35748.11172\uncleneighbor\uncleneighbor.exe => No File
FirewallRules: [UDP Query User{0F6C06D5-8CED-4357-83B3-81AA16F47E44}C:\users\mimic\appdata\local\temp\rar$exa35748.11172\uncleneighbor\uncleneighbor.exe] => (Allow) C:\users\mimic\appdata\local\temp\rar$exa35748.11172\uncleneighbor\uncleneighbor.exe => No File
FirewallRules: [TCP Query User{F0127D7B-970B-445D-BFD4-8466962A6E4F}D:\riots game\patch\freebuild\windowsnoeditor\windowsnoeditor\projectunknown101\binaries\win64\projectunknown101.exe] => (Allow) D:\riots game\patch\freebuild\windowsnoeditor\windowsnoeditor\projectunknown101\binaries\win64\projectunknown101.exe => No File
FirewallRules: [UDP Query User{67973BA4-0B7A-4810-920E-2ED2FA5CBF88}D:\riots game\patch\freebuild\windowsnoeditor\windowsnoeditor\projectunknown101\binaries\win64\projectunknown101.exe] => (Allow) D:\riots game\patch\freebuild\windowsnoeditor\windowsnoeditor\projectunknown101\binaries\win64\projectunknown101.exe => No File
FirewallRules: [{97D64AF5-2924-49D5-9030-A41197AAFAD0}] => (Block) D:\riots game\patch\freebuild\windowsnoeditor\windowsnoeditor\projectunknown101\binaries\win64\projectunknown101.exe => No File
FirewallRules: [{9CF96C2F-63BE-4151-9DD6-CFFA38436B3C}] => (Block) D:\riots game\patch\freebuild\windowsnoeditor\windowsnoeditor\projectunknown101\binaries\win64\projectunknown101.exe => No File
FirewallRules: [TCP Query User{EA7BC563-17C5-4900-B682-59F0567E2142}D:\riots game\patch\section\windowsnoeditor\windowsnoeditor\projectunknown101\binaries\win64\projectunknown101.exe] => (Allow) D:\riots game\patch\section\windowsnoeditor\windowsnoeditor\projectunknown101\binaries\win64\projectunknown101.exe => No File
FirewallRules: [UDP Query User{6D8E17F9-91FA-40D1-BADA-D2B29CC00EB1}D:\riots game\patch\section\windowsnoeditor\windowsnoeditor\projectunknown101\binaries\win64\projectunknown101.exe] => (Allow) D:\riots game\patch\section\windowsnoeditor\windowsnoeditor\projectunknown101\binaries\win64\projectunknown101.exe => No File
FirewallRules: [{9B556605-2B60-4F1D-BB21-0EF68D0D6752}] => (Block) D:\riots game\patch\section\windowsnoeditor\windowsnoeditor\projectunknown101\binaries\win64\projectunknown101.exe => No File
FirewallRules: [{0755C3D9-37CD-4D66-A1C9-238F53F75E2E}] => (Block) D:\riots game\patch\section\windowsnoeditor\windowsnoeditor\projectunknown101\binaries\win64\projectunknown101.exe => No File
FirewallRules: [{45FBB493-1816-4963-A3CB-9F4DE57DA66F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine 4 The Nightmare Prince\trine4.exe => No File
FirewallRules: [{41A80515-84C7-4D01-9FAE-CB6C32E76D82}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine 4 The Nightmare Prince\trine4.exe => No File
FirewallRules: [TCP Query User{07A07DED-0414-4E7C-A50F-365B5ED52397}D:\dyinig light\steamapps\common\trine 2\trine2_32bit.exe] => (Block) D:\dyinig light\steamapps\common\trine 2\trine2_32bit.exe => No File
FirewallRules: [UDP Query User{C43A7C60-9447-4C79-80C2-F05F484543B5}D:\dyinig light\steamapps\common\trine 2\trine2_32bit.exe] => (Block) D:\dyinig light\steamapps\common\trine 2\trine2_32bit.exe => No File
FirewallRules: [TCP Query User{81E6CCC2-05A8-4474-9AE2-648593F9F9E8}D:\ancient.cities.v0.2.0.5\ancient.cities.v0.2.0.5\art\bin\x64\ancient.exe] => (Block) D:\ancient.cities.v0.2.0.5\ancient.cities.v0.2.0.5\art\bin\x64\ancient.exe => No File
FirewallRules: [UDP Query User{55E97C58-87B4-4E39-8B2D-6A29BFCF8F6A}D:\ancient.cities.v0.2.0.5\ancient.cities.v0.2.0.5\art\bin\x64\ancient.exe] => (Block) D:\ancient.cities.v0.2.0.5\ancient.cities.v0.2.0.5\art\bin\x64\ancient.exe => No File
FirewallRules: [{C59C23F8-A833-42FC-B365-C219EC0918B0}] => (Allow) D:\staženéé\bin\BlackDesert32.exe => No File
FirewallRules: [{4CBC0BDE-BB6D-4D3B-90BD-BD2DB286F8F6}] => (Allow) D:\staženéé\bin64\BlackDesert64.exe => No File
FirewallRules: [{5469E661-758E-428F-ACA4-42E9BEE30844}] => (Allow) D:\staženéé\BlackDesert_Launcher.exe => No File
FirewallRules: [{765DA455-1B86-4AD5-817A-92633053DDE9}] => (Allow) D:\staženéé\BlackDesert_Downloader.exe => No File
C:\Program Files (x86)\NirSoft\WebBrowserPassView\WebBrowserPassView.exe
C:\Users\Mimic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft WebBrowserPassView\WebBrowserPassView
C:\Users\Mimic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft WebBrowserPassView\WebBrowserPassView.lnk
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {8511337C-A708-4A62-BA99-61A1DED78C6D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-20] (Google LLC -> Google LLC)
Task: {F6A0F20A-B5B6-4EE9-AE12-B7D81FE63911} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-20] (Google LLC -> Google LLC)
S2 wuauserv; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S2 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 AAErrorPort; C:\Users\Mimic\AppData\Local\Temp\ActiveAnticheat\aaerrport.exe [X] <==== ATTENTION
S0 35953192; system32\drivers\83336149.sys [X]
S0 66B8A4F9; system32\drivers\66B8A4F9.sys [X]
S3 PRProt; \??\C:\Users\Mimic\AppData\Local\Temp\ActiveAnticheat\1223454\active64.sys [X] <==== ATTENTION
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA

EmptyTemp:
End
*****************

Processes closed successfully.
C:\Users\Mimic => ":.repos" ADS removed successfully
C:\Users\Mimic\Application Data => ":6699d3ee8dd9cf775caae782c8f44f03" ADS removed successfully
"C:\Users\Mimic\AppData\Roaming" => ":6699d3ee8dd9cf775caae782c8f44f03" ADS not found.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{03C80138-2E04-4CA2-9F50-8D3C69DA694D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C2F9CCC3-37D0-4D96-AFB2-72190C0840D8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{24A71FA6-A2D2-4CCD-A9DC-6FB7647919FD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AA76C0BF-9353-4167-A094-24B7E97EF6B8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ACAF409C-1C07-4B86-8EDC-9F1025144CFA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A81BA1FA-F357-4EED-9E49-4116FAEECBFF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{561315A9-3D87-40C2-834A-132D4623018F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{42841A18-F645-4105-BAFB-B943366E2C86}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{56827E1D-1E07-4185-A265-766CCF6AD374}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6E115B2C-A092-4405-8143-2BD0ACA487FF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BD3B6BD9-1B82-476F-9D13-ED3068005548}D:\league of legends\rads\projects\league_client\releases\0.0.0.179\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{82209BD8-10CA-4701-BFD8-23531BB80AD3}D:\league of legends\rads\projects\league_client\releases\0.0.0.179\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8E4CCCE1-80C4-4846-9897-65BC24ABEE7C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F2E670F2-BFF1-44D8-92FB-35F41C0DADE4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{90A56B86-9E30-4FEC-AA1D-543104C4AB71}D:\heroes of the storm\versions\base71138\heroesofthestorm_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{DA3E68ED-FECA-4505-B936-BF1B3BB215FC}D:\heroes of the storm\versions\base71138\heroesofthestorm_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{21501777-8FF9-40CB-9D27-6CAA70583216}C:\riot games\pbe\rads\projects\league_client\releases\0.0.2.78\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{F07B8AB7-9F3D-4D88-B3C4-0735D2F0959B}C:\riot games\pbe\rads\projects\league_client\releases\0.0.2.78\deploy\leagueclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EB52B047-F494-42B9-A5DB-7B09B7369C18}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{996B30DC-3954-4276-94FD-ED50B20C3916}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D8244336-5AD6-404F-8BD2-4C63DFC573B1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CFAC7C1E-5C2E-4645-AEF1-BB6F002FDFC6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{11365570-912C-4B9B-B3E4-E2BDCA707AB9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{95396641-5016-4A2F-9BE9-2E3F445A887D}D:\counter-strike 1.6\hl.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D914467A-8A65-45C6-992A-98F68486032A}D:\counter-strike 1.6\hl.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{73E6D535-0CB2-44FB-9900-47151BFA918D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ED892C48-4E71-4D95-A90F-F6C8E4252F7C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{80BFEDFA-69BB-4D87-8CC6-A40A8AE12D92}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{621B4183-6B32-4C3E-BF18-80FEE17A4546}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ECDFA95B-63D5-4926-9793-E07C8A62ACFA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7C134238-8120-4EB9-9CCA-66F1889DA322}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8BD3491B-407E-48E2-9AFE-26B00082653F}D:\riot games\league of legends (pbe)\game\league of legends.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{CC37225C-E063-4E7C-87BD-B4504106C6EC}D:\riot games\league of legends (pbe)\game\league of legends.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BEAEBB63-C931-414D-926C-1D584D8BCEC7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{31013513-4995-43ED-8CE9-31C0F173BD93}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C0A4F349-E66B-40F2-B338-B04768B6D080}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8C73E130-FF27-4B58-8D89-7B7336593365}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{068F0BBC-A4C4-45FE-98E7-379FA531023C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1A386DA8-BB9C-4F23-867A-3408BE412FCF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CD0EB855-7DD4-46E0-9505-1ACE30BF189C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E9CFCBEC-961B-49E2-B3F2-7C0507ACAC80}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DEBC685A-0DEC-4F59-9EB3-2E73AD5129FB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{090EDC91-0A93-4D16-AE08-A5B7C320B217}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8B0E738C-8FD7-464D-B2B7-842AD6B97FB1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{600834BD-4ADE-4F38-9475-62B66FE6874F}D:\heroes of the storm\versions\base78725\heroesofthestorm_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5C2FE8F3-9A14-450C-8A9E-071F647CDC9F}D:\heroes of the storm\versions\base78725\heroesofthestorm_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A358654C-EAE3-4EF8-B245-59B2D09BF17C}D:\far cry 5\bin_plus\farcry5.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{17FCD82D-BEE0-494C-9E6B-3B16AD3BE781}D:\far cry 5\bin_plus\farcry5.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EEC90268-D54B-4AD9-9705-C3F2369513A2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0567FA14-F619-437F-8924-2016BE56377F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4BDFAEEB-B6B9-4128-B0FF-D8CC53299F7D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AA43B9FD-E279-42E8-8BA5-C9561DDDC7DD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A7D0FDCC-54D4-4E73-9CB2-71064A238D67}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CB2DB56B-8FEF-436A-98EC-E885461883EF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{FD3A4381-68A0-483B-B363-40CC4BE09A95}D:\heroes of the storm\versions\base80702\heroesofthestorm_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{CCBC5B3C-F25C-4336-A01D-4D5D02944FBF}D:\heroes of the storm\versions\base80702\heroesofthestorm_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{34E741B5-E0ED-4618-9C3C-32A8D12AF8CF}C:\users\mimic\appdata\local\temp\rar$exa35748.11172\uncleneighbor\uncleneighbor.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0F6C06D5-8CED-4357-83B3-81AA16F47E44}C:\users\mimic\appdata\local\temp\rar$exa35748.11172\uncleneighbor\uncleneighbor.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{F0127D7B-970B-445D-BFD4-8466962A6E4F}D:\riots game\patch\freebuild\windowsnoeditor\windowsnoeditor\projectunknown101\binaries\win64\projectunknown101.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{67973BA4-0B7A-4810-920E-2ED2FA5CBF88}D:\riots game\patch\freebuild\windowsnoeditor\windowsnoeditor\projectunknown101\binaries\win64\projectunknown101.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{97D64AF5-2924-49D5-9030-A41197AAFAD0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9CF96C2F-63BE-4151-9DD6-CFFA38436B3C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{EA7BC563-17C5-4900-B682-59F0567E2142}D:\riots game\patch\section\windowsnoeditor\windowsnoeditor\projectunknown101\binaries\win64\projectunknown101.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6D8E17F9-91FA-40D1-BADA-D2B29CC00EB1}D:\riots game\patch\section\windowsnoeditor\windowsnoeditor\projectunknown101\binaries\win64\projectunknown101.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9B556605-2B60-4F1D-BB21-0EF68D0D6752}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0755C3D9-37CD-4D66-A1C9-238F53F75E2E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{45FBB493-1816-4963-A3CB-9F4DE57DA66F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{41A80515-84C7-4D01-9FAE-CB6C32E76D82}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{07A07DED-0414-4E7C-A50F-365B5ED52397}D:\dyinig light\steamapps\common\trine 2\trine2_32bit.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C43A7C60-9447-4C79-80C2-F05F484543B5}D:\dyinig light\steamapps\common\trine 2\trine2_32bit.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{81E6CCC2-05A8-4474-9AE2-648593F9F9E8}D:\ancient.cities.v0.2.0.5\ancient.cities.v0.2.0.5\art\bin\x64\ancient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{55E97C58-87B4-4E39-8B2D-6A29BFCF8F6A}D:\ancient.cities.v0.2.0.5\ancient.cities.v0.2.0.5\art\bin\x64\ancient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C59C23F8-A833-42FC-B365-C219EC0918B0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4CBC0BDE-BB6D-4D3B-90BD-BD2DB286F8F6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5469E661-758E-428F-ACA4-42E9BEE30844}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{765DA455-1B86-4AD5-817A-92633053DDE9}" => removed successfully
"C:\Program Files (x86)\NirSoft\WebBrowserPassView\WebBrowserPassView.exe" => not found
"C:\Users\Mimic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft WebBrowserPassView\WebBrowserPassView" => not found
"C:\Users\Mimic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft WebBrowserPassView\WebBrowserPassView.lnk" => not found
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8511337C-A708-4A62-BA99-61A1DED78C6D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8511337C-A708-4A62-BA99-61A1DED78C6D}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F6A0F20A-B5B6-4EE9-AE12-B7D81FE63911}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F6A0F20A-B5B6-4EE9-AE12-B7D81FE63911}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKLM\System\CurrentControlSet\Services\wuauserv => removed successfully
wuauserv => service removed successfully
wuauserv => service not found.
HKLM\System\CurrentControlSet\Services\AAErrorPort => removed successfully
AAErrorPort => service removed successfully
HKLM\System\CurrentControlSet\Services\35953192 => removed successfully
35953192 => service removed successfully
HKLM\System\CurrentControlSet\Services\66B8A4F9 => removed successfully
66B8A4F9 => service removed successfully
HKLM\System\CurrentControlSet\Services\PRProt => removed successfully
PRProt => service removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 102489937 B
Java, Flash, Steam htmlcache => 393455729 B
Windows/system/drivers => 26500 B
Edge => 8769103 B
Chrome => 265502577 B
Firefox => 0 B
Opera => 31326153 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 355814 B
NetworkService => 365898 B
Mimic => 89838917 B
Administrator => 166597680 B

RecycleBin => 0 B
EmptyTemp: => 1017.2 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 12:42:12 ====

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-03-2021
Ran by Mimic (administrator) on DESKTOP-0G63EDE (Gigabyte Technology Co., Ltd. AB350-Gaming 3) (30-03-2021 19:54:25)
Running from D:\staženéé
Loaded Profiles: Mimic & Administrator
Platform: Windows 10 Pro Version 1903 18362.778 (X64) Language: Angličtina (Spojené státy) -> Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc. -> Apple Inc.) C:\Program Files\Blizzard\Bonjour Service\mDNSResponder.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_10.9.62.0_x86__nzyj5cx40ttqa\iCloud\APSDaemon.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_10.9.62.0_x86__nzyj5cx40ttqa\iCloud\iCloudServices.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12106.2.48003.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Mimic\AppData\Roaming\uTorrent\helper\helper.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Mimic\AppData\Roaming\uTorrent\updates\3.5.5_45966\utorrentie.exe <2>
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Mimic\AppData\Roaming\uTorrent\uTorrent.exe
(Coherent Labs -> Coherent Labs) [File not signed] D:\Black Desert Online\bin64\host\CoherentUI_Host.exe <2>
(Discord Inc. -> Discord Inc.) C:\Users\Mimic\AppData\Local\Discord\app-0.0.309\Discord.exe <6>
(EasyAntiCheat Oy -> Epic Games, Inc) C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <10>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(LAVASOFT SOFTWARE CANADA INC -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(LAVASOFT SOFTWARE CANADA INC -> Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\browserhost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12004.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Outbyte Computing Pty Ltd -> Outbyte) C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe
(Pearl abyss Corp -> ) D:\Black Desert Online\bin64\BlackDesert64.exe
(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Twitch Interactive, Inc. -> Twitch Interactive, Inc.) C:\Users\Mimic\AppData\Local\Temp\Twitch\Twitch.exe
(Twitch Interactive, Inc. -> Twitch Interactive, Inc.) C:\Users\Mimic\AppData\Roaming\Twitch\Bin\Electron\TwitchUI.exe <8>
(Twitch Interactive, Inc. -> Twitch Interactive, Inc.) C:\Users\Mimic\AppData\Roaming\Twitch\Bin\TwitchAgent.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-11-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [116960 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [4StoryPrePatch] => D:\4secret\4SecretPrePatch.exe
HKU\S-1-5-21-1235492812-2151765122-4279266773-1002\...\Run: [btweb] => "C:\Users\Mimic\AppData\Roaming\BitTorrent Web\btweb.exe" /MINIMIZED
HKU\S-1-5-21-1235492812-2151765122-4279266773-1002\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [8520168 2021-02-28] (LAVASOFT SOFTWARE CANADA INC -> Lavasoft)
HKU\S-1-5-21-1235492812-2151765122-4279266773-1002\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3518016 2021-03-16] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-1235492812-2151765122-4279266773-1002\...\Policies\system: [DisableLockWorkstation] 0
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.90\Installer\chrmstp.exe [2021-03-16] (Google LLC -> Google LLC)
Startup: C:\Users\Mimic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2019-12-06]
ShortcutTarget: Twitch.lnk -> C:\Users\Mimic\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07C19DA9-9809-4E3C-A0EF-71A9A73AC8A9} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {0B0DB705-37EA-4968-946C-030378D84EBF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1791712 2021-02-23] (Avast Software s.r.o. -> Avast Software)
Task: {10FE5B53-9E7D-4ADE-BF14-F16A405BAE2B} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1122F02D-E2F3-4BFC-8ECF-C37F95D5BB7F} - System32\Tasks\Outbyte\PC Repair\Start PC Repair оn logon => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe [8287552 2021-02-05] (Outbyte Computing Pty Ltd -> Outbyte) <==== ATTENTION
Task: {1BD676E1-AA73-4FED-A03C-8417BAE84505} - System32\Tasks\Apple Diagnostics => C:\Users\Mimic\AppData\Local\Microsoft\WindowsApps\eReporter-AppX.exe [0 2020-04-10] ()
Task: {29354060-62E1-4282-8B37-A77EC565D331} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {297E0AEE-4D81-4A0E-BE3F-B57D62E94A13} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {43284E46-4579-45E8-A010-51389F12623D} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4682976 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
Task: {49332DF1-7BB7-43E1-9BB3-D0453BB0EAFC} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {4F46DDDF-FB8A-4686-ABFB-0D0793CD9EFB} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646896 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5F840A11-67B3-48C6-8341-2D01E58AE617} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {71175C86-518C-44C7-B01B-827AA95F1810} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8275A37E-F24C-40E8-BB70-BDE382B0FDAB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {8275A37E-F24C-40E8-BB70-BDE382B0FDAB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {8275A37E-F24C-40E8-BB70-BDE382B0FDAB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {8275A37E-F24C-40E8-BB70-BDE382B0FDAB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {8275A37E-F24C-40E8-BB70-BDE382B0FDAB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {8275A37E-F24C-40E8-BB70-BDE382B0FDAB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {8275A37E-F24C-40E8-BB70-BDE382B0FDAB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {8275A37E-F24C-40E8-BB70-BDE382B0FDAB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {8275A37E-F24C-40E8-BB70-BDE382B0FDAB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {8275A37E-F24C-40E8-BB70-BDE382B0FDAB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {8275A37E-F24C-40E8-BB70-BDE382B0FDAB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-1235492812-2151765122-4279266773-500" /ENABLE
Task: {8275A37E-F24C-40E8-BB70-BDE382B0FDAB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\User_Feed_Synchronization-{445A50B5-41A2-4C37-9686-B5F8F8E539DB}" /ENABLE
Task: {8275A37E-F24C-40E8-BB70-BDE382B0FDAB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {857BF743-6CB9-4AE7-BEE6-59A3D03F1504} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-21] (Adobe Inc. -> Adobe)
Task: {8891E9FD-4515-4B4E-9B5D-81A18A4697C8} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {98AD43E8-36DF-4981-A1A1-AEFD90354284} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_pepper.exe [1454648 2020-06-21] (Adobe Inc. -> Adobe)
Task: {C3C945C1-9ADA-459C-8EAA-1302C641C29A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302128 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.38 213.46.172.39
Tcpip\..\Interfaces\{5582edf2-6605-4509-9265-68cb85011cfc}: [DhcpNameServer] 213.46.172.38 213.46.172.39

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2021-03-26] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-12-31] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-12-31] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-12-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-12-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Default [2021-03-30]
CHR Notifications: Default -> hxxps://manius.cz
CHR HomePage: Default -> hxxp://www.google.com
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee&type=E210US91105G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR DefaultSuggestURL: Default -> hxxps://us.search.yahoo.com/sugg/gossip/gossip-us-partner?output=fxjson&appid=mca&source=yahoo_mcafee_searchassist&command={searchTerms}
CHR Extension: (Prezentace) - C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-26]
CHR Extension: (Dokumenty) - C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-26]
CHR Extension: (Disk Google) - C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-21]
CHR Extension: (YouTube) - C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-26]
CHR Extension: (Aliexpress SuperStar česky, Historie cen a koruny) - C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciclollkolafellcaolgccmfjldgpolo [2020-04-20]
CHR Extension: (Tabulky) - C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-12-26]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-03-21]
CHR Extension: (Záložky na iCloudu) - C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2020-05-01]
CHR Extension: (Vzdálená plocha Chrome) - C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-12-18]
CHR Extension: (Dokumenty Google offline) - C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-12]
CHR Extension: (Vysor) - C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Default\Extensions\gidgenkbbabolejbgbpnhbimgjbffefm [2020-09-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-31]
CHR Extension: (Gmail) - C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-17]
CHR Profile: C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-03-17]
CHR Profile: C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\System Profile [2021-03-17]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

Opera:
=======
OPR Profile: C:\Users\Mimic\AppData\Roaming\Opera Software\Opera Stable [2021-03-17]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.cz/complete/search?client=op ... utEncoding}

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-21] (Adobe Inc. -> Adobe)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7878680 2021-03-18] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621608 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [352480 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56904 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
R2 Bonjour Service; C:\Program Files\Blizzard\Bonjour Service\mDNSResponder.exe [390504 2020-12-29] (Apple Inc. -> Apple Inc.)
R3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [810928 2021-02-22] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [410864 2021-01-25] (NVIDIA Corporation -> NVIDIA)
S3 GameforgeClientService; C:\Program Files (x86)\GameforgeClient\gfservice.exe [568480 2021-01-11] (Gameforge 4D GmbH -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-05-23] (Malwarebytes Inc -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [952992 2021-03-26] (McAfee, LLC -> McAfee, LLC)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2523448 2020-12-02] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3478336 2020-12-02] (Electronic Arts, Inc. -> Electronic Arts)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [1123336 2021-03-03] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [321544 2021-03-03] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2020-12-01] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [294464 2021-03-16] (Razer USA Ltd. -> Razer Inc.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [533808 2021-01-29] (Razer USA Ltd. -> Razer Inc.)
S3 TNTClientDaemonMS2; C:\Program Files (x86)\GameforgeLoginMS2\daemon.exe [406184 2019-02-28] (Gameforge 4D GmbH -> )
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [28136 2021-02-28] (LAVASOFT SOFTWARE CANADA INC -> )
S3 wuauserv; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35648 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208024 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [357320 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [249304 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [98760 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2021-01-15] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41272 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175248 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [521336 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107784 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83360 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [850112 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [465160 2021-03-18] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215328 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-10-16] (Microsoft Corporation) [File not signed]
R3 EasyAntiCheatSys; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.sys [2237408 2021-03-30] (EasyAntiCheat Oy -> EasyAntiCheat Oy)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [1214752 2018-10-15] (Kaspersky Lab -> AO Kaspersky Lab)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [216056 2020-08-09] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-06-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-06-02] (Malwarebytes Inc -> Malwarebytes)
R3 ObDrvMonPCRSrv; C:\Program Files (x86)\Outbyte\PC Repair\DrvMonX64.sys [186544 2021-01-12] (Outbyte Computing Pty Ltd -> Outbyte)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [54168 2020-11-18] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_025a; C:\WINDOWS\System32\drivers\RzDev_025a.sys [54168 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0306; C:\WINDOWS\System32\drivers\RzDev_0306.sys [54168 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46688 2019-10-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54200 2019-10-17] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [2719256 2021-02-23] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-30 11:04 - 2021-03-30 11:04 - 000022448 _____ (EasyAntiCheat Oy) C:\WINDOWS\system32\eac_usermode_1668210340722791.dll
2021-03-26 13:50 - 2021-03-26 14:21 - 000000000 ____D C:\Users\Mimic\AppData\Roaming\coc2electron
2021-03-26 13:50 - 2021-03-26 13:50 - 000000000 ____D C:\Users\Mimic\AppData\Roaming\CoC II
2021-03-24 13:54 - 2021-03-30 11:01 - 000000000 ___DC C:\Users\Mimic\AppData\LocalLow\uTorrent
2021-03-23 14:40 - 2021-03-23 15:02 - 000000000 ____D C:\Users\Mimic\AppData\Local\Razer
2021-03-23 14:40 - 2021-03-23 14:40 - 000000000 ____D C:\Users\Mimic\AppData\Roaming\Synapse3
2021-03-23 14:40 - 2021-03-23 14:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2021-03-23 14:39 - 2021-03-23 14:39 - 000000000 ____D C:\Program Files\Razer Chroma SDK
2021-03-23 14:39 - 2021-03-23 14:39 - 000000000 ____D C:\Program Files\Razer
2021-03-23 14:39 - 2021-03-23 14:39 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2021-03-23 14:37 - 2021-03-23 14:39 - 000000000 ____D C:\Program Files (x86)\Razer
2021-03-23 14:12 - 2021-03-23 15:02 - 000000000 ____D C:\ProgramData\Razer
2021-03-23 09:49 - 2021-03-23 09:49 - 000000000 ____D C:\Users\Mimic\AppData\Local\ali213GameLauncher
2021-03-12 18:10 - 2021-03-12 18:10 - 000000000 ____D C:\Users\Mimic\AppData\Local\Bioasshard_Arena
2021-03-03 11:52 - 2021-03-03 11:52 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-03-03 11:51 - 2021-02-24 14:53 - 001855208 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-03-03 11:51 - 2021-02-24 14:53 - 001855208 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-03-03 11:51 - 2021-02-24 14:53 - 001452336 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-03-03 11:51 - 2021-02-24 14:53 - 001435880 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-03-03 11:51 - 2021-02-24 14:53 - 001435880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-03-03 11:51 - 2021-02-24 14:53 - 001191728 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-03-03 11:51 - 2021-02-24 14:53 - 001094888 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-03-03 11:51 - 2021-02-24 14:53 - 001094888 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-03-03 11:51 - 2021-02-24 14:53 - 000948968 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-03-03 11:51 - 2021-02-24 14:53 - 000948968 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-03-03 11:51 - 2021-02-24 14:51 - 000678704 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-03-03 11:51 - 2021-02-24 14:51 - 000546096 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-03-03 11:51 - 2021-02-24 14:50 - 002102576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-03-03 11:51 - 2021-02-24 14:50 - 001587504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-03-03 11:51 - 2021-02-24 14:50 - 001511192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-03-03 11:51 - 2021-02-24 14:50 - 001163544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-03-03 11:51 - 2021-02-24 14:50 - 000811824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-03-03 11:51 - 2021-02-24 14:50 - 000671512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-03-03 11:51 - 2021-02-24 14:50 - 000556816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-03-03 11:51 - 2021-02-24 14:49 - 008260880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-03-03 11:51 - 2021-02-24 14:49 - 007391512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-03-03 11:51 - 2021-02-24 14:49 - 004610320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-03-03 11:51 - 2021-02-24 14:49 - 002729776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-03-03 11:51 - 2021-02-24 14:49 - 001730864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6446172.dll
2021-03-03 11:51 - 2021-02-24 14:49 - 001490200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6446172.dll
2021-03-03 11:51 - 2021-02-24 14:42 - 006072896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-03-03 05:40 - 2021-03-03 05:40 - 000201736 _____ (Razer Inc.) C:\WINDOWS\system32\RzChromaSDK64.dll
2021-03-03 05:40 - 2021-03-03 05:40 - 000176136 _____ (Razer Inc.) C:\WINDOWS\SysWOW64\RzChromaSDK.dll
2021-02-28 23:00 - 2021-02-28 23:00 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-02-28 23:00 - 2021-02-28 23:00 - 000215328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-30 19:55 - 2020-06-21 22:18 - 000000000 ____D C:\Users\Mimic\AppData\Roaming\uTorrent
2021-03-30 19:54 - 2020-05-09 01:17 - 000000000 ____D C:\FRST
2021-03-30 19:51 - 2020-05-01 13:08 - 000000000 ____D C:\Users\Mimic\AppData\Roaming\discord
2021-03-30 19:44 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-30 19:36 - 2019-10-16 09:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-30 11:02 - 2021-02-23 15:44 - 000003414 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{445A50B5-41A2-4C37-9686-B5F8F8E539DB}
2021-03-30 11:02 - 2020-05-31 00:23 - 000002918 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1235492812-2151765122-4279266773-500
2021-03-30 11:02 - 2020-04-11 12:54 - 000000000 ____D C:\Users\Mimic\AppData\Local\BitTorrentHelper
2021-03-30 11:02 - 2019-10-16 09:52 - 000003458 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-03-30 11:02 - 2019-10-16 09:52 - 000003256 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-03-30 11:02 - 2019-10-16 09:52 - 000003212 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-03-30 11:02 - 2019-10-16 09:52 - 000003044 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-03-30 11:02 - 2019-10-16 09:52 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-03-30 11:02 - 2019-10-16 09:52 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-03-30 11:02 - 2019-10-16 09:52 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-03-30 11:02 - 2019-10-16 09:52 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-03-30 11:02 - 2019-10-16 09:52 - 000002974 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-03-30 11:02 - 2019-10-16 09:52 - 000002804 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-03-30 11:02 - 2019-10-16 09:52 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-03-30 11:02 - 2018-12-24 16:57 - 000000000 ____D C:\ProgramData\NVIDIA
2021-03-30 11:01 - 2019-09-14 07:23 - 000000000 ___DC C:\Users\Mimic\AppData\Roaming\Twitch
2021-03-29 13:01 - 2018-12-25 12:26 - 000000000 ___DC C:\Users\Mimic\AppData\Local\CrashDumps
2021-03-28 10:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-03-23 15:16 - 2018-12-26 02:13 - 000000000 ____D C:\ProgramData\AVAST Software
2021-03-23 14:54 - 2019-10-16 19:25 - 000488808 _____ C:\WINDOWS\system32\perfh011.dat
2021-03-23 14:54 - 2019-10-16 19:25 - 000133986 _____ C:\WINDOWS\system32\perfc011.dat
2021-03-23 14:54 - 2019-10-16 19:23 - 000719846 _____ C:\WINDOWS\system32\perfh005.dat
2021-03-23 14:54 - 2019-10-16 19:23 - 000146332 _____ C:\WINDOWS\system32\perfc005.dat
2021-03-23 14:54 - 2019-10-16 09:54 - 002311632 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-23 14:54 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2021-03-23 14:50 - 2019-10-16 09:52 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-23 14:49 - 2019-03-19 06:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-03-23 01:56 - 2021-02-16 02:42 - 000000000 ____D C:\Users\Mimic\AppData\Local\ElevatedDiagnostics
2021-03-18 19:01 - 2018-12-26 02:15 - 000465160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-03-17 13:42 - 2018-05-08 17:08 - 000000000 ___DC C:\Users\Mimic\AppData\LocalLow\Temp
2021-03-16 00:45 - 2018-03-29 22:46 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-03-16 00:45 - 2018-03-29 22:46 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-03-15 14:05 - 2019-11-17 08:14 - 000000000 ____D C:\Users\Mimic\AppData\Local\User Data
2021-03-06 09:04 - 2019-10-16 09:52 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-03-03 23:56 - 2018-12-24 17:17 - 000000000 ___DC C:\Users\Mimic\AppData\Local\NVIDIA
2021-03-03 11:48 - 2018-12-24 17:17 - 000000000 ___DC C:\Users\Mimic\AppData\Local\NVIDIA Corporation
2021-02-28 23:01 - 2020-10-27 00:06 - 000175248 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-02-28 23:00 - 2020-04-22 02:34 - 000521336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-02-28 23:00 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-02-28 23:00 - 2019-01-14 23:20 - 000357320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-02-28 23:00 - 2019-01-08 16:39 - 000249304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-02-28 23:00 - 2019-01-08 16:39 - 000098760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-02-28 23:00 - 2019-01-08 16:39 - 000035648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-02-28 23:00 - 2018-12-26 02:15 - 000850112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-02-28 23:00 - 2018-12-26 02:15 - 000326976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-02-28 23:00 - 2018-12-26 02:15 - 000208024 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-02-28 23:00 - 2018-12-26 02:15 - 000107784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-02-28 23:00 - 2018-12-26 02:15 - 000083360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-02-28 23:00 - 2018-12-26 02:15 - 000041272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-02-28 16:20 - 2019-10-16 09:46 - 000000000 ____D C:\Users\Mimic

==================== Files in the root of some directories ========

2020-05-09 09:39 - 2020-05-09 09:39 - 000000000 _____ () C:\Users\Mimic\AppData\Roaming\unp201749821.tmp
2019-10-21 19:28 - 2019-10-21 19:28 - 000000033 _____ () C:\Users\Mimic\AppData\Local\Nox_crash.log
2019-10-16 07:54 - 2019-10-16 07:54 - 000000017 ____C () C:\Users\Mimic\AppData\Local\resmon.resmoncfg
2019-11-09 12:15 - 2020-01-26 13:07 - 000000071 _____ () C:\Users\Mimic\AppData\Local\update_progress.txt

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-03-2021
Ran by Mimic (30-03-2021 19:55:41)
Running from D:\staženéé
Windows 10 Pro Version 1903 18362.778 (X64) (2019-10-16 07:52:20)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1235492812-2151765122-4279266773-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-1235492812-2151765122-4279266773-503 - Limited - Disabled)
Guest (S-1-5-21-1235492812-2151765122-4279266773-501 - Limited - Disabled)
MALUS (S-1-5-21-1235492812-2151765122-4279266773-1003 - Limited - Disabled)
Mimic (S-1-5-21-1235492812-2151765122-4279266773-1002 - Administrator - Enabled) => C:\Users\Mimic
WDAGUtilityAccount (S-1-5-21-1235492812-2151765122-4279266773-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1235492812-2151765122-4279266773-1002\...\uTorrent) (Version: 3.5.5.45966 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.125 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.387 - Adobe)
Almastriga version build 0.001 (HKLM-x32\...\{03FB0452-F9DD-4F45-A8AC-14E5E7BEF6B1}_is1) (Version: build 0.001 - Taboolicious)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 21.1.2449 - Avast Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Black Desert (HKLM-x32\...\BlackDesert_NA_is1) (Version: 1.0 - PearlAbyss Corp.)
Black Desert Online (HKLM-x32\...\{C1F96C92-7B8C-485F-A9CD-37A0708A2A60}) (Version: 1.0.0.10 - Kakao Games Europe B.V.)
CleanUp! (HKLM-x32\...\CleanUp!) (Version: - )
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-1235492812-2151765122-4279266773-1002\...\Discord) (Version: 0.0.309 - Discord Inc.)
Gameforge Client (HKLM-x32\...\{d3b2a0c1-f0d0-4888-ae0b-1c5e1febdafb}_is1) (Version: 2.1.21.726 - Gameforge)
Gameforge Login MS2 (HKLM-x32\...\{703bd6d7-79c0-4005-8cd7-89522a05a546}_is1) (Version: 1.3.39 - Gameforge)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.90 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
iCloud Outlook (HKLM\...\{A8C64C2A-BD34-464F-BA61-A969BA46FC2B}) (Version: 10.9.3.62 - Apple Inc.)
Java 8 Update 161 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Java 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends PBE (HKU\S-1-5-21-1235492812-2151765122-4279266773-1002\...\Riot Game league_of_legends.pbe) (Version: - Riot Games, Inc)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-1235492812-2151765122-4279266773-1002\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1235492812-2151765122-4279266773-500\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{E15F69FA-660D-45CC-B28F-6CBC4CAD2091}) (Version: 1.0.0.0 - Mojang)
NirSoft WebBrowserPassView (HKLM-x32\...\NirSoft WebBrowserPassView) (Version: - )
NosTale (HKLM-x32\...\{dd4e22d6-00d1-44b9-8126-d8b40e0cd7c9}) (Version: - Gameforge)
NosTale (HKLM-x32\...\Nostale(CZ)_is1) (Version: - Gameforge 4D GmbH)
NosTale cs-CZ (HKLM-x32\...\{dd4e22d6-00d1-44b9-8126-d8b40e0cd7c9.cs-CZ}) (Version: - Gameforge)
NVIDIA FrameView SDK 1.1.4923.29548709 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29548709 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.21.0.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.21.0.36 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 461.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.72 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Oh So Hero! (HKLM-x32\...\Oh So Hero!) (Version: 0.15.000 - Full Frontal Frog)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.90.45798 - Electronic Arts, Inc.)
Outbyte PC Repair (HKLM-x32\...\{D5C6DB0C-BC43-4A77-9121-D1A07591F855}_is1) (Version: 1.1.7.62798 - Outbyte Computing Pty Ltd)
Outlook Express Backup V6.5 (HKLM-x32\...\EditPlus Text Editor_is1) (Version: 4.60.2181.23 - GOM & Company)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23258 - Microsoft Corporation)
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 200616 - Kakao Corp.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.6.0331.031613 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8302 - Realtek Semiconductor Corp.)
Robin Morningwood Adventure The Whellcum's Secret version 0.5.2 (HKLM-x32\...\{0AC36B87-FA0B-4B60-9580-E9028F2A03A3}_is1) (Version: 0.5.2 - Grizzly Gamer)
Robin Morningwood Adventure version 1.9 (HKLM-x32\...\{90438DFC-FAF8-4125-8D8A-959003C55B2B}_is1) (Version: 1.9 - GrizzlyGamerStudio)
ScrSnap (HKLM-x32\...\ScrSnap) (Version: - ) <==== ATTENTION
TeamSpeak 3 Client (HKU\S-1-5-21-1235492812-2151765122-4279266773-1002\...\TeamSpeak 3 Client) (Version: 3.2.3 - TeamSpeak Systems GmbH)
Twitch (HKU\S-1-5-21-1235492812-2151765122-4279266773-1002\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
UE4 Prerequisites (x64) (HKLM\...\{D7B591D8-1091-4A00-A0B3-5301C45E5D51}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{0d995f46-317b-4b5f-bf3e-9f98bae9d339}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{F49D6A65-1AB6-4728-9FDA-DB5BAB631CF6}) (Version: 1.23.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment)
Web Companion (HKLM-x32\...\{e81fff90-d055-4d36-bb93-31b8ac403cd1}) (Version: 7.0.2417.4248 - Lavasoft)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.582 - McAfee, LLC)
WeMod (HKU\S-1-5-21-1235492812-2151765122-4279266773-1002\...\WeMod) (Version: 6.2.16 - WeMod)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
World of Warcraft Classic (HKLM-x32\...\World of Warcraft Classic) (Version: - Blizzard Entertainment)
World of Warcraft Classic PTR (HKLM-x32\...\World of Warcraft Classic PTR) (Version: - Blizzard Entertainment)
World of Warcraft Public Test (HKLM-x32\...\World of Warcraft Public Test) (Version: - Blizzard Entertainment)

Packages:
=========
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.2.169.0_x64__rz1tebttyb220 [2020-04-19] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-04] (Microsoft Corporation)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2018-12-24] (Fitbit)
iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_10.9.62.0_x86__nzyj5cx40ttqa [2020-04-10] (Apple Inc.) [Startup Task]
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12106.2.48003.0_x64__nzyj5cx40ttqa [2020-04-17] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-25] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-02] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_3.9.1.0_x64__nfy108tqq3p12 [2020-04-19] (Thumbmunkeys Ltd) [MS Ad]
PlayList Downloader from Youtube -> C:\Program Files\WindowsApps\299OMANSAK.PlayListDownloaderfromYoutube_1.5.5.0_x64__zratab4wdvxjg [2020-04-08] (OMANSAK) [MS Ad]
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c [2020-02-08] (Skype)
State of Decay 2 -> C:\Program Files\WindowsApps\Microsoft.Dayton_2.384.54.2_x64__8wekyb3d8bbwe [2020-03-14] (Microsoft Studios)
Váš telefon -> C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20041.88.0_x64__8wekyb3d8bbwe [2020-05-08] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1235492812-2151765122-4279266773-1002_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1235492812-2151765122-4279266773-1002_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1235492812-2151765122-4279266773-1002_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1235492812-2151765122-4279266773-1002_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1235492812-2151765122-4279266773-1002_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1235492812-2151765122-4279266773-1002_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1235492812-2151765122-4279266773-1002_Classes\CLSID\{7000EBEA-9341-4C5A-8297-B3541E8D3474} -> [iCloud Drive] => C:\Users\Mimic\iCloudDrive0
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-28] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-05-23] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2021-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-05-23] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32-x32: [vidc.VP60] => C:\WINDOWS\system32\vp6vfw.dll
HKLM\...\Drivers32-x32: [vidc.VP61] => C:\WINDOWS\system32\vp6vfw.dll

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Mimic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Vysor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=gidgenkbbabolejbgbpnhbimgjbffefm
ShortcutWithArgument: C:\Users\Mimic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Vzdálená plocha Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp

==================== Loaded Modules (Whitelisted) =============

2021-02-06 15:21 - 2021-02-06 15:21 - 000104448 _____ () [File not signed] D:\Black Desert Online\bin64\host\libegl.dll
2021-02-06 15:21 - 2021-02-06 15:21 - 000884736 _____ () [File not signed] D:\Black Desert Online\bin64\host\libglesv2.dll
2021-03-03 05:40 - 2021-03-03 05:40 - 001230336 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoFoundation.dll
2021-03-03 05:40 - 2021-03-03 05:40 - 000207872 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoJSON.dll
2021-03-03 05:40 - 2021-03-03 05:40 - 000810496 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoNet.dll
2021-03-03 05:40 - 2021-03-03 05:40 - 000238592 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoNetSSLWin.dll
2021-03-03 05:40 - 2021-03-03 05:40 - 000335360 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoUtil.dll
2021-03-03 05:40 - 2021-03-03 05:40 - 000455168 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\PocoXML.dll
2021-02-06 15:21 - 2021-02-06 15:21 - 009956864 _____ (The ICU Project) [File not signed] D:\Black Desert Online\bin64\host\icudt.dll
2020-04-15 20:37 - 2020-05-19 23:02 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2020-04-15 20:37 - 2020-05-19 23:02 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2020-04-15 20:37 - 2020-05-19 23:02 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2020-12-28 23:04 - 2020-05-19 23:02 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2020-12-28 23:04 - 2020-05-19 23:02 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2020-12-28 23:04 - 2020-05-19 23:02 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2020-12-28 23:04 - 2020-05-19 23:02 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2020-12-28 23:04 - 2020-05-19 23:02 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2020-12-28 23:04 - 2020-05-19 23:02 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\35953192.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\52888064.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\66B8A4F9.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\35953192.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\52888064.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\66B8A4F9.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-1235492812-2151765122-4279266773-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=BT171101&iDate=2020-06-13 10:25:11&bName=
SearchScopes: HKU\S-1-5-21-1235492812-2151765122-4279266773-1002 -> {993F5746-4C15-42BC-99C1-064A1764271B} URL = hxxps://securesearch.org?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll [2018-12-31] (Oracle America, Inc. -> Oracle Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-03-26] (McAfee, LLC -> McAfee, LLC)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-12-31] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-12-29] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-03-26] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-12-29] (Oracle America, Inc. -> Oracle Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-1235492812-2151765122-4279266773-1002\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1235492812-2151765122-4279266773-1002\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-12-25 01:47 - 2019-01-04 15:21 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Users\Mimic\AppData\Local\Microsoft\WindowsApps;
HKU\S-1-5-21-1235492812-2151765122-4279266773-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1235492812-2151765122-4279266773-500\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 213.46.172.38 - 213.46.172.39
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{8029EC52-9BFB-4A4A-BD3D-6ECFE32E4B1A}D:\classic offik\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) D:\classic offik\world of warcraft\_classic_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{935771FD-1959-42EC-97E3-E980641C7D79}D:\classic offik\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) D:\classic offik\world of warcraft\_classic_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{B992D716-4AD0-4D6C-A2E9-A06BAAA54320}D:\league of legends\game\league of legends.exe] => (Allow) D:\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{12B8A14D-5D5C-4942-A64D-30D9A383EE92}D:\league of legends\game\league of legends.exe] => (Allow) D:\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{D2F8A587-E1E3-4844-9A3B-9A0F98FA1BEB}D:\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{A6165E2F-2EC3-4431-89B3-ACC062060849}D:\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{67B94190-5FE1-4D54-9AD4-B3351E543231}D:\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{1B11AED1-44F6-49B8-9E25-73A93B1F668A}D:\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{1511F20F-9F9C-46B6-B585-8775AE8926EC}D:\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{BE6C583F-3D5C-4DE3-BEA1-D3A4E4EFACBC}D:\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{2136E8B7-405B-4681-96A9-69E18EFB1DDB}D:\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{B897E717-C6A6-4D72-AFC2-6D19C5D37A6C}D:\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{D7454C61-EC00-4D57-8699-8896A0E8031C}D:\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{1B1BEF2C-0088-4866-A7E8-C63739194F78}D:\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{CD6B6B07-0AB4-4DD6-91AA-42182240325D}D:\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{A8C5B25F-4631-40E8-8E9D-EBD325800452}D:\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{EFFDE2AB-6369-4A2F-BF72-8F753AD4BCFE}D:\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{52E9227D-F6D3-4DD5-8918-3FED9C1CDF1A}D:\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{F81CC3BA-00DE-4E55-AAE2-DD2C1B2ACA6E}D:\league of legends\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{FAA3116E-B54A-4459-AFB3-6F95E098DAF0}D:\league of legends\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.190\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{755B8356-49CA-436E-9471-928AF271B9A1}D:\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{727B4094-01C8-4932-AF25-3861D758D55C}D:\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.189\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{158AEE44-E4C1-4607-928E-F52EA9DE72F1}D:\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{DE11E38C-873F-4DFB-A407-5E74CC5A4E3F}D:\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.184\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{096F6BA9-15D6-468B-897D-4F53D145DB11}D:\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{28AC4DF0-3506-452A-A759-0F57D88DA92D}D:\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.183\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{53702A04-72DC-45A9-B0EE-29EDE2B99C79}D:\league of legends\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{8BBBD486-4A49-4125-A2BD-B256BECE799E}D:\league of legends\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.181\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{BF3C59EB-F68C-4DA6-9D8F-78D50FDC4618}D:\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{36DCFA73-5BD8-4EFC-B05A-4E8908FF7813}D:\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.180\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{2B92B0F6-CA02-41B3-82BE-CABAEEF959B4}C:\users\mimic\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\mimic\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{8FABF57D-244A-48E1-B363-78329F468E96}C:\users\mimic\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\mimic\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{F7554FAB-3AAD-453E-BA62-6AC05A36623E}C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe
FirewallRules: [TCP Query User{B3C4F9DE-EAEB-4BA3-8BEB-5970D5F786D3}C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe
FirewallRules: [{0B58D1CE-5F7B-4CC2-BB89-962CF449D6A5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A3603895-6D9A-4409-927E-BC09D6A1DCC0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{7F054086-0750-480F-A761-B25574282C98}D:\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{FD615BA5-CDA3-4BE1-BD74-DD068A777B36}D:\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{F3F17166-4CCF-4B73-A1DB-88C25B27D447}D:\classic offik\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Block) D:\classic offik\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{C5B0D094-E644-4B45-96B1-9ED7BAF19760}D:\classic offik\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Block) D:\classic offik\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{215354C0-76C2-4636-B2E5-5E86AEB05DFA}] => (Allow) C:\Users\Mimic\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{02AAF38C-CD4E-49C9-9255-3D2791C41CE1}] => (Allow) C:\Users\Mimic\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{2C7FD055-0E95-43EB-8E53-06EED82AE80C}D:\games\outlast 2\binaries\win64\outlast2.exe] => (Allow) D:\games\outlast 2\binaries\win64\outlast2.exe => No File
FirewallRules: [UDP Query User{72603C6B-0B21-415B-9035-D72FA9D526A7}D:\games\outlast 2\binaries\win64\outlast2.exe] => (Allow) D:\games\outlast 2\binaries\win64\outlast2.exe => No File
FirewallRules: [{EB9D5BF6-FC61-4220-9FBC-A84532C6590E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12106.2.48003.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4E030515-2D49-408E-AFD0-45772A87DBC3}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12106.2.48003.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{22BB9CB9-7CFC-43FB-AD76-4E4AC4F9AC00}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12106.2.48003.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E908B8D5-1C91-48CD-91A1-D065411D0AC0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12106.2.48003.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D855C73C-0B77-456D-B309-E2757AC46A09}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12106.2.48003.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B8165DDD-D695-4FFB-A613-BC2542BF28C4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12106.2.48003.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C1B71D93-1041-449B-BC83-254C613DD8EF}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12106.2.48003.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BBF22A65-CC99-464C-BDC2-1B4BE6C631EF}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12106.2.48003.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{524A7336-5E55-4F98-8669-441052FFD714}C:\users\mimic\appdata\roaming\twitch\bin\electron\twitchui.exe] => (Allow) C:\users\mimic\appdata\roaming\twitch\bin\electron\twitchui.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)
FirewallRules: [UDP Query User{54735A18-A5B6-4B5E-A85C-C8AA885F95D1}C:\users\mimic\appdata\roaming\twitch\bin\electron\twitchui.exe] => (Allow) C:\users\mimic\appdata\roaming\twitch\bin\electron\twitchui.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)
FirewallRules: [TCP Query User{4A848F37-B344-412D-A37D-D323EDCFFC0D}C:\program files\java\jre1.8.0_161\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_161\bin\javaw.exe
FirewallRules: [UDP Query User{013B8A78-4D65-44C3-90DE-BF6345702C82}C:\program files\java\jre1.8.0_161\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_161\bin\javaw.exe
FirewallRules: [{61D0DB09-1DDB-49F0-B259-A95AF5815881}] => (Allow) D:\Dyinig light\steamapps\common\Dying Light\DyingLightGame.exe (Techland Sp. z o.o. -> Techland)
FirewallRules: [{C9AE2363-6C9E-4A7F-A0CF-C50836A9EA3D}] => (Allow) D:\Dyinig light\steamapps\common\Dying Light\DyingLightGame.exe (Techland Sp. z o.o. -> Techland)
FirewallRules: [{3C072DFF-8ABC-42C2-8EBF-CBA4C04A2416}] => (Allow) D:\Dyinig light\steamapps\common\The Witcher 3\bin\x64\witcher3.exe => No File
FirewallRules: [{BB28A6EE-92FF-4653-B41D-16A38A3D398E}] => (Allow) D:\Dyinig light\steamapps\common\The Witcher 3\bin\x64\witcher3.exe => No File
FirewallRules: [{6ED204CD-7C5E-4B07-A8D0-65408456DC0B}] => (Allow) D:\Dyinig light\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{B990E38D-7CBD-4AD3-975B-7C571B44C8CF}] => (Allow) D:\Dyinig light\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [TCP Query User{30ADEA13-D9F4-48B1-A900-8BE6E022C032}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{2602CD8E-29D6-4BA2-8636-FB24D0521976}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{098265FB-6761-42DA-9A3E-7EF3583A1CB0}] => (Allow) D:\Dyinig light\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{9FE1C4B5-98AE-4409-8D9B-A47B21643625}] => (Allow) D:\Dyinig light\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{D0BC2476-010B-47EF-9035-C8C818166714}] => (Allow) D:\Dyinig light\steamapps\common\The Forest\TheForest.exe () [File not signed]
FirewallRules: [{B153ACDE-A8A5-4196-BCBC-CA71F80BF04F}] => (Allow) D:\Dyinig light\steamapps\common\The Forest\TheForest.exe () [File not signed]
FirewallRules: [{B0729BB9-A897-416B-B459-5E9A004EFFC5}] => (Allow) D:\Dyinig light\steamapps\common\The Forest\TheForestVR.exe () [File not signed]
FirewallRules: [{D934C1E9-8491-4161-9F6E-44A8810FD9B9}] => (Allow) D:\Dyinig light\steamapps\common\The Forest\TheForestVR.exe () [File not signed]
FirewallRules: [{47450C3D-A78F-436D-B38B-BD8A98151B84}] => (Allow) D:\Dyinig light\steamapps\common\TheForestDedicatedServer\TheForestDedicatedServer.exe () [File not signed]
FirewallRules: [{310F8167-92B5-41A8-A138-5812776942A5}] => (Allow) D:\Dyinig light\steamapps\common\TheForestDedicatedServer\TheForestDedicatedServer.exe () [File not signed]
FirewallRules: [TCP Query User{25B11BFF-B7BF-4866-808B-976A2C4A32FA}D:\classic offik\diablo iii\x64\diablo iii64.exe] => (Allow) D:\classic offik\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{ADDDBBDA-EAF9-47A2-B687-7086D31D7058}D:\classic offik\diablo iii\x64\diablo iii64.exe] => (Allow) D:\classic offik\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{D1C0352B-FEBA-4735-9154-93C4005A63DE}D:\riots game\patch\lewd red riding hoof-v1.03\ost_game\binaries\win64\ost_game-win64-shipping.exe] => (Block) D:\riots game\patch\lewd red riding hoof-v1.03\ost_game\binaries\win64\ost_game-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{B15FC298-9193-4CD8-BAD7-9F6DE3388ECB}D:\riots game\patch\lewd red riding hoof-v1.03\ost_game\binaries\win64\ost_game-win64-shipping.exe] => (Block) D:\riots game\patch\lewd red riding hoof-v1.03\ost_game\binaries\win64\ost_game-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{1D5C3CCA-D67E-4E87-B757-7B627C055270}D:\riots game\patch\farm\breeding farm.exe] => (Allow) D:\riots game\patch\farm\breeding farm.exe () [File not signed]
FirewallRules: [UDP Query User{96ED3C99-AEF1-41CB-842B-0D76DF146B6E}D:\riots game\patch\farm\breeding farm.exe] => (Allow) D:\riots game\patch\farm\breeding farm.exe () [File not signed]
FirewallRules: [TCP Query User{E1D44D9F-BEB5-477F-972A-0E7D48749969}D:\riots game\patch\uncleneighbor\uncleneighbor.exe] => (Allow) D:\riots game\patch\uncleneighbor\uncleneighbor.exe () [File not signed]
FirewallRules: [UDP Query User{2295E70E-C491-4C25-9CB9-4A9F68E20BFC}D:\riots game\patch\uncleneighbor\uncleneighbor.exe] => (Allow) D:\riots game\patch\uncleneighbor\uncleneighbor.exe () [File not signed]
FirewallRules: [TCP Query User{99A2FABD-654F-4BFC-A381-AEF92393AE44}D:\riots game\patch\lotw\lotw\binaries\win64\lotw.exe] => (Allow) D:\riots game\patch\lotw\lotw\binaries\win64\lotw.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{B045B97C-781E-479A-9DF9-900B21986B76}D:\riots game\patch\lotw\lotw\binaries\win64\lotw.exe] => (Allow) D:\riots game\patch\lotw\lotw\binaries\win64\lotw.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{778FF7DE-A0D2-4E1C-B9F4-BEEDD9D1B7DE}] => (Allow) D:\Dyinig light\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe (Techland Sp. z o.o. -> Techland)
FirewallRules: [{7AB79D43-AE00-45EB-9B2D-4B9135A58DC0}] => (Allow) D:\Dyinig light\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe (Techland Sp. z o.o. -> Techland)
FirewallRules: [TCP Query User{88BB794C-DF94-4716-9F16-870C2E6EF314}D:\riots game\patch\thelewdknight0.3.5\the lewd knight.exe] => (Allow) D:\riots game\patch\thelewdknight0.3.5\the lewd knight.exe () [File not signed]
FirewallRules: [UDP Query User{9B69EF41-0AE2-492E-B1FC-26F5839D621C}D:\riots game\patch\thelewdknight0.3.5\the lewd knight.exe] => (Allow) D:\riots game\patch\thelewdknight0.3.5\the lewd knight.exe () [File not signed]
FirewallRules: [TCP Query User{C5D9F686-4710-4E07-9A1B-244737B3004B}D:\classic offik\warcraft iii\_retail_\x86_64\warcraft iii.exe] => (Block) D:\classic offik\warcraft iii\_retail_\x86_64\warcraft iii.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc)
FirewallRules: [UDP Query User{B5BF3530-6314-4F11-A110-31EA2600C560}D:\classic offik\warcraft iii\_retail_\x86_64\warcraft iii.exe] => (Block) D:\classic offik\warcraft iii\_retail_\x86_64\warcraft iii.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc)
FirewallRules: [{BC62ED5E-E579-4106-8819-274A061A6F6F}] => (Allow) D:\Dyinig light\steamapps\common\NARUTO SHIPPUDEN ULTIMATE NINJA STORM REVOLUTION\NSUNSR_launcher.exe () [File not signed]
FirewallRules: [{FDB3E626-F556-4C3A-B59D-ED907E839A22}] => (Allow) D:\Dyinig light\steamapps\common\NARUTO SHIPPUDEN ULTIMATE NINJA STORM REVOLUTION\NSUNSR_launcher.exe () [File not signed]
FirewallRules: [{235D8EC2-45CC-4CEE-A506-8C5D1B248A25}] => (Allow) D:\Dyinig light\steamapps\common\Planet Zoo\PlanetZoo.exe => No File
FirewallRules: [{ED32F3AF-C340-48A5-B9EB-3A6C0EF104C0}] => (Allow) D:\Dyinig light\steamapps\common\Planet Zoo\PlanetZoo.exe => No File
FirewallRules: [{21D29E25-EDE8-4B13-BE6C-2D4F69FCA7E8}] => (Allow) D:\Dyinig light\steamapps\common\Ori DE\oriDE.exe () [File not signed]
FirewallRules: [{00692236-CBAB-4B8F-92A1-13C0EB51B991}] => (Allow) D:\Dyinig light\steamapps\common\Ori DE\oriDE.exe () [File not signed]
FirewallRules: [{F4CFF9FB-116A-428F-AB89-92860FE66F72}] => (Allow) D:\Dyinig light\steamapps\common\Ori\ori.exe () [File not signed]
FirewallRules: [{F38EC794-B7C7-4804-A2E2-18C9E971E909}] => (Allow) D:\Dyinig light\steamapps\common\Ori\ori.exe () [File not signed]
FirewallRules: [{6F36F5F1-CEDA-424E-82E1-835A1DC858A5}] => (Allow) D:\Dyinig light\steamapps\common\Trine\_enchanted_edition_\trine1_launcher.exe () [File not signed]
FirewallRules: [{5125D724-14B5-4294-8E76-B0ED12139F48}] => (Allow) D:\Dyinig light\steamapps\common\Trine\_enchanted_edition_\trine1_launcher.exe () [File not signed]
FirewallRules: [TCP Query User{0A302999-D746-4C2E-91BF-A6E07042A990}D:\dyinig light\steamapps\common\trine\_enchanted_edition_\trine1_32bit.exe] => (Block) D:\dyinig light\steamapps\common\trine\_enchanted_edition_\trine1_32bit.exe () [File not signed]
FirewallRules: [UDP Query User{F1F6AB90-0542-4961-BB03-57FEADEDC3CD}D:\dyinig light\steamapps\common\trine\_enchanted_edition_\trine1_32bit.exe] => (Block) D:\dyinig light\steamapps\common\trine\_enchanted_edition_\trine1_32bit.exe () [File not signed]
FirewallRules: [{F6D9E75B-CE9D-4A10-8EE1-F01BC383072D}] => (Allow) D:\Dyinig light\steamapps\common\Trine 2\trine2_launcher.exe () [File not signed]
FirewallRules: [{DDC979DF-6C31-48BC-AB91-9B2C4183A917}] => (Allow) D:\Dyinig light\steamapps\common\Trine 2\trine2_launcher.exe () [File not signed]
FirewallRules: [TCP Query User{74E9CA75-1668-46B6-93B6-13D6961777E4}C:\program files (x86)\quadcorem2\pack\core.bin] => (Allow) C:\program files (x86)\quadcorem2\pack\core.bin => No File
FirewallRules: [UDP Query User{8EF1FF6C-68FD-4FDA-9EDC-5D39766E92AB}C:\program files (x86)\quadcorem2\pack\core.bin] => (Allow) C:\program files (x86)\quadcorem2\pack\core.bin => No File
FirewallRules: [TCP Query User{BD7F689C-92FF-4190-80EE-39756E978EB6}D:\riots game\patch\cybernance\cralpha0.7\rigsandbox\binaries\win64\rigsandbox-win64-test.exe] => (Allow) D:\riots game\patch\cybernance\cralpha0.7\rigsandbox\binaries\win64\rigsandbox-win64-test.exe (Nemesis Soft LTD) [File not signed]
FirewallRules: [UDP Query User{DBC01F10-8CDB-4333-99D6-3DAB658D2B19}D:\riots game\patch\cybernance\cralpha0.7\rigsandbox\binaries\win64\rigsandbox-win64-test.exe] => (Allow) D:\riots game\patch\cybernance\cralpha0.7\rigsandbox\binaries\win64\rigsandbox-win64-test.exe (Nemesis Soft LTD) [File not signed]
FirewallRules: [{68A1D9DC-501A-412F-A12C-FDC9D51A265F}] => (Allow) D:\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{C8C259B2-D4C0-4086-9787-1038157ED570}] => (Allow) D:\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{D03C281D-316B-4A9B-9354-44B0DB27FF68}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{9FE01952-F1D9-416D-B63E-566547E8CCD5}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{953B297B-289D-4162-8914-008778EAF1AD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{21A7403D-FB28-4B8B-A4D0-0BD47D97B78F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C28E73E6-92DB-41C8-A0F7-AE57DD58F9F3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7671A118-3EE9-4C5C-8516-43D6028364AB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D4950E88-5F80-4890-B11E-9FA0F1E34B0B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{AED6E6F7-845B-4378-864C-8A22DFEDB3A6}] => (Allow) D:\Dyinig light\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe (Techland Sp. z o.o. -> Techland)
FirewallRules: [{E16D29EF-1460-4A29-A8AA-B41897E62278}] => (Allow) D:\Dyinig light\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe (Techland Sp. z o.o. -> Techland)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:111.25 GB) (Free:17.65 GB) (16%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/30/2021 07:53:13 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (22464,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/30/2021 07:25:19 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (34696,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/30/2021 06:46:24 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5452,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/30/2021 06:30:48 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (23040,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/30/2021 05:58:51 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10380,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/30/2021 05:36:59 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (25340,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/30/2021 04:58:52 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (19052,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/30/2021 04:39:47 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (18612,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (03/30/2021 07:56:53 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/30/2021 07:54:53 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.

Error: (03/30/2021 07:54:53 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-0G63EDE)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/30/2021 07:52:53 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.

Error: (03/30/2021 07:52:53 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/30/2021 07:50:53 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.

Error: (03/30/2021 07:40:31 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-0G63EDE)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/30/2021 07:38:31 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.


Windows Defender:
================
Date: 2019-10-20 09:57:33.067
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {2C93FBD5-A97B-4952-96D7-42FE3B86E0FF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-10-16 12:41:55.285
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Netpass
Závažnost: High
Kategorie: Tool
Cesta: file:_C:\Program Files (x86)\NirSoft\WebBrowserPassView\WebBrowserPassView.exe; file:_C:\Users\Mimic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft WebBrowserPassView\WebBrowserPassView.lnk; startup:_C:\Users\Mimic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft WebBrowserPassView\WebBrowserPassView.lnk
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-0G63EDE\Mimic
Název procesu: C:\Windows\System32\RuntimeBroker.exe
Verze bezpečnostních informací: AV: 1.303.1818.0, AS: 1.303.1818.0, NIS: 1.303.1818.0
Verze modulu: AM: 1.1.16400.2, NIS: 1.1.16400.2

Date: 2019-10-16 12:41:29.005
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Netpass
Závažnost: High
Kategorie: Tool
Cesta: file:_C:\Program Files (x86)\NirSoft\WebBrowserPassView\WebBrowserPassView.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-0G63EDE\Mimic
Název procesu: C:\Windows\System32\RuntimeBroker.exe
Verze bezpečnostních informací: AV: 1.303.1818.0, AS: 1.303.1818.0, NIS: 1.303.1818.0
Verze modulu: AM: 1.1.16400.2, NIS: 1.1.16400.2

==================== Memory info ===========================

BIOS: American Megatrends Inc. F22b 02/13/2018
Motherboard: Gigabyte Technology Co., Ltd. AB350-Gaming 3-CF
Processor: AMD Ryzen 5 1600 Six-Core Processor
Percentage of memory in use: 50%
Total physical RAM: 16335.28 MB
Available physical RAM: 8154.52 MB
Total Virtual: 26575.28 MB
Available Virtual: 10926.2 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.25 GB) (Free:17.65 GB) NTFS
Drive d: () (Fixed) (Total:931.5 GB) (Free:58.9 GB) NTFS

\\?\Volume{d933678a-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.54 GB) (Free:0.1 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: D933678A)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Bylo smazáno, log je již OK.

Rudy píše: ↑30 bře 2021 19:06 Bylo smazáno, log je již OK.

Dííky moc