
Stolen Steam account


#1 Post by Sodomor »

Hello,

this morning, 7. 11. 21, I found out from my e-mail that someone had stolen my Steam account (from Russia, from Moscow) and had managed to change the e-mail address to their own Russian one, using the confirmation codes that were sent to my e-mail. So I don't know whether they also got into my mailbox. I changed my password - I did not notice any damage in the mailbox, and I got the account back from Steam. But my computer is apparently infected. When I shut down and restart the computer, Firefox opens automatically once the system has booted, with some page with adfly giftkeys for Steam open in it. I can't get rid of it. I am sending the FRST log and addition.txt.

Can you advise me how to get rid of it?

Thank you.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-11-2021
Ran by Marek (administrator) on MAREKT-NB-10 (LENOVO 80FL) (07-11-2021 13:18:16)
Running from C:\Users\Marek\Downloads
Loaded Profiles: Marek
: Microsoft Windows 10 Home Version 20H2 19042.1320 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Windows\SysWOW64\UMonit64.exe
(ADLICE (ASCOET JULIEN) -> ) C:\Program Files\RogueKiller\RogueKiller64.exe
(ADLICE (ASCOET JULIEN) -> ) C:\Program Files\RogueKiller\RogueKillerSvc.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Fortemedia Inc. -> ) C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Hitachi-LG Data Storage Korea, Inc. -> Hitachi-LG Data Storage, Inc.) C:\Program Files (x86)\ODD Auto Firmware Update\ODDFWUpdate.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Lenovo (Beijing) Limited -> ) C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(Lenovo (Beijing) Limited -> ) C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
(Lenovo (Beijing) Limited -> ) C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe
(Lenovo (Beijing) Limited -> ) C:\Program Files (x86)\Lenovo\Lenovo Transition\TransitionServer.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo (Beijing) Limited -> Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
(Lenovo (Beijing) Limited -> Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
(Lenovo -> ) C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\Lenovo.Vantage.AddinHost.Amd64.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\Lenovo.Vantage.AddinHost.exe <4>
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\Lenovo.Vantage.AddinHost.x86.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\LenovoVantageService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe
(Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <9>
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Professional 7\PdfPro7Hook.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(PointGrab Ltd -> PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
(PointGrab Ltd -> PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
(PointGrab Ltd -> PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp -> Realtek semiconductor) C:\Windows\RTFTrack.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14049536 2015-09-05] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403136 2015-09-05] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403136 2015-09-05] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403136 2015-09-05] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3742112 2015-09-05] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [9308416 2015-09-05] (Realtek Semiconductor Corp -> Realtek semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-23] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1571696 2015-05-23] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
HKLM\...\Run: [AutoStartTransition] => C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe [294672 2015-05-27] (Lenovo (Beijing) Limited -> )
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [802800 2015-05-27] (Lenovo (Beijing) Limited -> Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2015-05-27] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10841584 2015-05-27] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\ecmdS.exe [167496 2021-11-04] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [M17A] => C:\WINDOWS\twain_32\Brimm17a\Common\TwDsUiLaunch.exe [77312 2017-10-19] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-01-19] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrotherSoftwareUpdateNotification] => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3581952 2017-04-05] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2075480 2013-06-24] (Flexera Software LLC -> Flexera Software LLC.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [35648 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [17600 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFProHook] => C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe [641864 2013-03-20] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKU\S-1-5-21-2684046251-4145855513-4240160385-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Marek\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-2684046251-4145855513-4240160385-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Marek\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-2684046251-4145855513-4240160385-1001\...\RunOnce: [Uninstall 21.205.1003.0003] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Marek\AppData\Local\Microsoft\OneDrive\21.205.1003.0003" (No File)
HKLM\...\Windows x64\Print Processors\Canon MP495 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDA9.DLL [28672 2010-08-25] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\95.0.4638.69\Installer\chrmstp.exe [2021-11-03] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat [2018-07-16] () [File not signed] <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0601A6ED-EDDA-4CF9-8124-274D798BC8EF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {0FFEA2BE-E887-48F2-8EBE-DDD27CFE50E4} - System32\Tasks\{E2CFC71A-2B11-4079-B5A4-24358042554A} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\League of Legends\lol.launcher.exe" -d "C:\Program Files (x86)\League of Legends"
Task: {1475CCE5-BD80-4DFF-8EAC-75FF4914DABA} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {1B994581-33B4-43DA-AFE4-83B942E014C0} - System32\Tasks\{F7528021-3A2F-49B0-AE35-D11AA0BB7D22} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files\SAW The Videogame\SAW\Binaries\SawGame.exe" -d "C:\Program Files\SAW The Videogame\SAW\Binaries"
Task: {1CD06D4D-948D-487F-9FE8-622105B12A67} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\3b94edcc-f997-4e6f-8cef-67534a5aee38 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {20329F30-37DF-492A-9D4B-F98DB4624D7F} - System32\Tasks\{C41D60FD-0900-4123-B319-03A19365AD49} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\League of Legends\lol.launcher.exe" -d "C:\Program Files (x86)\League of Legends"
Task: {278B4BB7-1124-4B56-9559-8CB3A9EDA845} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {380EA202-3F23-449A-8AD3-6D959A836A1E} - System32\Tasks\{49285EA4-A02A-4098-92FF-9B423F6C1703} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\League of Legends\lol.launcher.exe" -d "C:\Program Files (x86)\League of Legends"
Task: {434FA76C-13D0-4FF6-B92C-095F498A5C69} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [62440 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {4C231F88-F5F7-4F20-BBB5-098444C02DA0} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {4F69ACBE-545F-4018-836C-F0695C5B9356} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-09] (Adobe Inc. -> Adobe)
Task: {518BC710-8AE3-48DC-9426-C369D961A582} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {58FAE937-321E-42B3-85DE-74F4244DC95E} - System32\Tasks\{56C02415-9661-4FE2-B491-C54C347FE84D} => C:\WINDOWS\system32\pcalua.exe -a E:\World_of_Warcraft_Cataclysm_4.3.4_for_Posterus.CZ\Wow.exe -d E:\World_of_Warcraft_Cataclysm_4.3.4_for_Posterus.CZ
Task: {5FBC6450-95DC-46EE-AF0A-1A7820B80FB8} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\ScheduleEventAction.exe [26656 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
Task: {608652EA-A968-43AC-B81A-BC4370C17D26} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {610ED7A1-7FFF-4453-AE20-9B8F81424CDD} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {683A578F-FA3F-47B3-9838-0C81F76FFC48} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\d0978f01-db1c-496d-859a-555708e4b7dc => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {69A9457A-50F6-41A0-A80C-5CA4097F020F} - System32\Tasks\{B11BA862-BEF3-40A1-A583-6FAD83A64FAF} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\League of Legends\lol.launcher.exe" -d "C:\Program Files (x86)\League of Legends"
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {6E50637D-B755-4021-BA9C-809D8AEBEE30} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\7cbb489a-3101-4b43-9389-9c077df0ef89 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {702A151C-37F4-4E45-AA71-3E6B7A561F9A} - System32\Tasks\{16EF1DEC-3104-4E16-A536-D75E518F77FE} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\League of Legends\lol.launcher.exe" -d "C:\Program Files (x86)\League of Legends\"
Task: {72F98CFF-2723-4CF4-A70D-9BA311BA8F90} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\ScheduleEventAction.exe [26656 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
Task: {78E580C2-A3C0-4843-BF83-7EC55DDD252A} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {858B6555-5F7D-4BBF-A0C1-3B2DCAA74780} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {87FCC10D-E0AF-4F51-BF91-8C985E3FBCF7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {8C726285-38F4-4211-A544-F69A285F439F} - System32\Tasks\{BE9F87BC-A384-4067-917D-744017675B95} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Marek\Desktop\Mafia\Setup.exe -d C:\Users\Marek\Desktop\Mafia
Task: {8DD3CB3F-8470-435B-A1CD-A9D6CD2BD438} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe
Task: {940F552B-0672-4F2D-ABB0-5E052843833D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {95072E47-7324-48DD-B24A-5B5BF9E3EB7B} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\faf2a571-567b-4d3c-8559-7efc2c3cb213 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {956C7486-E291-4950-8C13-C67BC24A337F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-29] (Google LLC -> Google LLC)
Task: {98CFDD2F-3524-4645-BB22-522ECCCDF219} - System32\Tasks\{59E9C808-8E28-466D-82BD-539E729093D2} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\League of Legends\lol.launcher.exe" -d "C:\Program Files (x86)\League of Legends"
Task: {9B1B8552-363A-473B-9C52-71BB995C365A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {AB64391F-1112-46BF-A7EC-27F7366CFFA6} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [145480 2021-09-09] (Lenovo -> Lenovo Group Ltd.)
Task: {B56CBD0E-A9A8-41F1-AD88-76549B380591} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [233760 2013-03-07] (Intel® Services Manager -> Intel Corporation)
Task: {B64E5ABF-3618-4E9A-9C9A-3C25860DA7BA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-29] (Google LLC -> Google LLC)
Task: {B8305AA3-A623-42A8-ABC1-A2085DF5E8BD} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {BA5577D1-5B05-4BF3-AF75-66DA2822CB5A} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [682936 2021-11-04] (Mozilla Corporation -> Mozilla Foundation)
Task: {C20349F8-45CE-4B2A-91F6-1C029A40BF1A} - System32\Tasks\{542BEC95-696A-4A26-AA7E-DEC096F87E06} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Marek\Downloads\World_of_Warcraft_Cataclysm_4.3.4_for_Posterus.CZ\World_of_Warcraft_Cataclysm_4.3.4_for_Posterus.CZ\Wow.exe -d C:\Users\Marek\Downloads\World_of_Warcraft_Cataclysm_4.3.4_for_Posterus.CZ\World_of_Warcraft_Cataclysm_4.3.4_for_Posterus.CZ
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D185A0FE-55E9-416F-8FDF-445C97FC894F} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [17152 2014-11-21] (LENOVO -> Lenovo)
Task: {D5F4FADA-1C98-452D-9BD9-F2C25BBA8A72} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
Task: {DB0ED372-61EC-4F30-B38A-A02E13F3B8F7} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\db6d80d9-2d72-48a7-adf9-78f2422c072e => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {DBF4112F-5DD1-4BEB-8C4F-2ABC443342A6} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {E2312B4D-D16D-436C-8BB8-8C20E8D8DFE0} - System32\Tasks\ODDAutoFirmwareUpdate => C:\Program Files (x86)\ODD Auto Firmware Update\ODDFWUpdate.exe [1260880 2020-02-13] (Hitachi-LG Data Storage Korea, Inc. -> Hitachi-LG Data Storage, Inc.)
Task: {E2FFA19B-DC52-45A8-A663-C36EEF6ED245} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [233760 2013-03-07] (Intel® Services Manager -> Intel Corporation)
Task: {E580501F-9E33-496F-98DE-AFF36FADFD8D} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [17184 2014-09-10] (LENOVO -> Lenovo)
Task: {EACF5EFE-D09D-4ACE-BD5A-4B2A1B2B0CF4} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {EBEA95A7-FA39-41EB-B8FC-66E8AFDC00D0} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {EC5EF385-E991-46C6-BCFD-726844572BC0} - System32\Tasks\UMonitor Task => C:\windows\SysWOW64\UMonit64.exe [53248 2014-02-26] () [File not signed]
Task: {EF90EAFA-90E1-488F-B5F0-D4D072CBD59D} - System32\Tasks\{A544E525-BFF8-4517-954A-B8828A3ABF58} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\League of Legends\lol.launcher.exe" -d "C:\Program Files (x86)\League of Legends"
Task: {F54C5141-D182-4B82-B3B7-D4CA59C28B6F} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\ScheduleEventAction.exe [26656 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
Task: {F9138DB2-E377-43AE-8F5D-861035E8F6F8} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 172.19.29.1 0.0.0.0
Tcpip\..\Interfaces\{06b16624-4a5d-4d15-be3c-2dc78a736983}: [DhcpNameServer] 172.19.29.1 0.0.0.0
Tcpip\..\Interfaces\{a5d792e1-4cd8-4d71-a9bf-6d3310a01121}: [NameServer] 217.77.165.81,217.77.165.211

Edge:
=======
DownloadDir: C:\Users\Marek\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Marek\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-16]

FireFox:
========
FF DefaultProfile: ud2ucm8s.default-1520284576366
FF ProfilePath: C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\ud2ucm8s.default-1520284576366 [2021-11-07]
FF Homepage: Mozilla\Firefox\Profiles\ud2ucm8s.default-1520284576366 -> www.seznam.cz/
FF Extension: (No Name) - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\ud2ucm8s.default-1520284576366\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-09-01]
FF Extension: (Greasemonkey) - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\ud2ucm8s.default-1520284576366\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2021-01-28]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Professional 7\bin\nppdf.dll [2011-07-15] (Zeon Corporation -> Zeon Corporation)
FF Plugin HKU\S-1-5-21-2684046251-4145855513-4240160385-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2021-11-07]

Chrome:
=======
CHR Profile: C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default [2021-11-05]
CHR Extension: (Beyond 20) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnblbpbepfbfmoobegdogkglpbhcjofh [2021-10-22]
CHR Extension: (Skype) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2021-01-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [File not signed]
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [592880 2014-07-10] (Lenovo (Beijing) Limited -> )
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [3139904 2021-11-04] (ESET, spol. s r.o. -> ESET)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [561408 2014-09-23] (LENOVO -> Lenovo)
R2 LenovoPAWDService; C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe [133440 2015-05-27] (Lenovo -> )
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\LenovoVantageService.exe [31248 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2015-05-27] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [77336 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [167176 2014-05-28] (PointGrab Ltd -> PointGrab LTD)
R2 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [515336 2014-05-28] (PointGrab Ltd -> PointGrab LTD)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [321520 2015-05-27] (Lenovo (Beijing) Limited -> Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [338416 2015-05-27] (Lenovo (Beijing) Limited -> Lenovo)
R2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [14204760 2021-11-03] (ADLICE (ASCOET JULIEN) -> )
S3 TESHelper; c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe [104696 2015-05-27] (Lenovo -> Lenovo)
R2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [12288 2019-08-09] (Microsoft) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [20480 2019-08-09] (Microsoft) [File not signed]
R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [33040 2015-05-27] (Lenovo (Beijing) Limited -> Lenovo)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [284672 2021-04-14] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [183408 2021-11-04] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [124496 2021-11-04] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15824 2021-03-15] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [201984 2021-11-04] (ESET, spol. s r.o. -> ESET)
S4 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [43720 2020-11-15] (ESET, spol. s r.o. -> ESET)
S4 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70048 2020-11-15] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107456 2021-11-04] (ESET, spol. s r.o. -> ESET)
S3 GeneStor; C:\WINDOWS\System32\drivers\GeneStor.sys [111336 2014-04-17] (GENESYS LOGIC, INC. -> GenesysLogic)
R3 KMDFVirtualKbd; C:\WINDOWS\System32\drivers\KMDFVirtualKbd.sys [22264 2014-08-04] (Lenovo (Beijing) Limited -> )
R3 KMDFVirtualMouse; C:\WINDOWS\System32\drivers\KMDFVirtualMouse.sys [21240 2014-08-04] (Lenovo (Beijing) Limited -> )
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [80160 2015-02-13] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, Inc.)
U3 RkFlt; C:\Windows\System32\drivers\rkflt.sys [42056 2021-11-07] (Adlice -> )
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [38032 2021-11-07] (Adlice -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-12-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2020-12-06] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-06] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Three months (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-11-07 13:18 - 2021-11-07 13:37 - 000036827 _____ C:\Users\Marek\Downloads\FRST.txt
2021-11-07 13:15 - 2021-11-07 13:29 - 000000000 ____D C:\FRST
2021-11-07 13:11 - 2021-11-07 13:11 - 002312192 _____ (Farbar) C:\Users\Marek\Downloads\FRST64.exe
2021-11-07 12:18 - 2021-11-07 12:18 - 000042056 _____ C:\WINDOWS\system32\Drivers\rkflt.sys
2021-11-07 12:17 - 2021-11-07 12:17 - 000038032 _____ C:\WINDOWS\system32\Drivers\truesight.sys
2021-11-07 12:17 - 2021-11-07 12:17 - 000000910 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2021-11-07 12:16 - 2021-11-07 12:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2021-11-07 12:16 - 2021-11-07 12:17 - 000000000 ____D C:\Program Files\RogueKiller
2021-11-07 12:05 - 2021-11-07 12:17 - 000000000 ____D C:\ProgramData\RogueKiller
2021-11-07 11:54 - 2021-11-07 11:54 - 041659160 _____ (Adlice Software ) C:\Users\Marek\Downloads\RogueKiller_setup.exe
2021-11-06 10:44 - 2021-11-06 10:44 - 000174446 _____ C:\Users\Marek\Downloads\Dluhopisy_Emisni-podminky_2021-09-15_proti-inflacni-dluhopis.pdf
2021-11-04 15:20 - 2021-11-05 13:46 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-10-30 18:00 - 2021-10-30 18:00 - 000011361 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-10-30 17:10 - 2021-10-30 17:10 - 000000000 ___HD C:\$WinREAgent
2021-10-30 17:01 - 2021-10-30 17:01 - 000001993 _____ C:\Users\Marek\Desktop\PC Health Check.lnk
2021-10-30 17:00 - 2021-10-30 17:01 - 000000000 ___RD C:\Users\Marek\AppData\Local\PCHealthCheck
2021-10-30 17:00 - 2021-10-30 17:00 - 000001403 _____ C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-10-30 16:58 - 2021-10-30 16:58 - 014221312 _____ C:\Users\Marek\Downloads\WindowsPCHealthCheckSetup.msi
2021-10-24 18:04 - 2021-10-24 18:04 - 000010764 _____ C:\Users\Marek\Documents\Jany peníze u mě.xlsx
2021-10-16 15:36 - 2021-10-16 15:36 - 000002304 _____ C:\Users\Marek\Desktop\Magnus.txt
2021-10-13 06:07 - 2021-10-13 06:07 - 000611960 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-10-13 06:06 - 2021-10-13 06:06 - 000098304 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-10-13 06:05 - 2021-10-13 06:05 - 000706536 _____ C:\WINDOWS\system32\TextShaping.dll
2021-10-13 06:05 - 2021-10-13 06:05 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-10-09 06:53 - 2021-11-04 18:06 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-10-02 15:09 - 2021-10-02 15:09 - 000113271 _____ C:\Users\Marek\Downloads\1102110422331.pdf
2021-09-15 14:28 - 2021-09-15 14:28 - 000672768 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-09-15 14:27 - 2021-09-15 14:27 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2021-09-15 14:27 - 2021-09-15 14:27 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-09-15 14:27 - 2021-09-15 14:27 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-09-15 14:27 - 2021-09-15 14:27 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-09-15 14:26 - 2021-09-15 14:26 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2021-09-15 14:26 - 2021-09-15 14:26 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-09-15 14:26 - 2021-09-15 14:26 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-09-15 14:25 - 2021-09-15 14:25 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-09-13 18:49 - 2021-09-13 18:49 - 000146062 _____ C:\Users\Marek\Desktop\OckovaciCertifikat.pdf
2021-09-12 11:57 - 2021-09-12 14:01 - 000009689 _____ C:\Users\Marek\Desktop\xerxes.odt
2021-09-12 11:57 - 2021-09-12 12:52 - 000012501 _____ C:\Users\Marek\Desktop\DnD-Oathbreaker-Lund-II.odt

==================== Three months (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-11-07 14:13 - 2015-11-17 20:30 - 000000000 ____D C:\Users\Marek\AppData\Roaming\vlc
2021-11-07 14:08 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-11-07 13:48 - 2016-11-26 11:55 - 000000000 ____D C:\Users\Marek\AppData\LocalLow\Mozilla
2021-11-07 13:46 - 2019-02-05 16:56 - 000000000 ____D C:\ProgramData\Mozilla
2021-11-07 13:22 - 2015-12-13 22:53 - 000000000 ____D C:\Program Files (x86)\Google
2021-11-07 12:09 - 2020-12-01 18:24 - 000000000 ____D C:\Users\Marek\AppData\Roaming\Rockstar Games
2021-11-07 11:37 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-11-07 11:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-11-07 11:27 - 2020-06-11 01:36 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-11-07 10:26 - 2020-12-05 12:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-11-07 08:09 - 2020-07-04 21:17 - 000000000 ____D C:\Users\Marek\AppData\Roaming\Kodi
2021-11-07 07:59 - 2020-02-25 22:01 - 000000000 ____D C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-11-07 05:53 - 2020-12-05 13:19 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2684046251-4145855513-4240160385-1001
2021-11-07 05:53 - 2020-12-05 12:47 - 000002435 _____ C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-11-05 23:43 - 2017-12-19 08:07 - 000000000 ____D C:\Users\Marek\AppData\Local\Packages
2021-11-05 13:53 - 2020-12-05 13:02 - 001693350 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-11-05 13:53 - 2019-12-07 15:41 - 000718024 _____ C:\WINDOWS\system32\perfh005.dat
2021-11-05 13:53 - 2019-12-07 15:41 - 000145166 _____ C:\WINDOWS\system32\perfc005.dat
2021-11-05 13:53 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-11-05 13:50 - 2017-05-29 02:32 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-11-05 13:50 - 2015-09-05 05:28 - 000000000 __SHD C:\Users\Marek\IntelGraphicsProfiles
2021-11-05 13:46 - 2020-12-05 13:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-11-05 13:46 - 2020-12-05 12:35 - 000008192 ___SH C:\DumpStack.log.tmp
2021-11-05 13:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-11-05 13:46 - 2016-08-04 06:19 - 000000000 ____D C:\ProgramData\NVIDIA
2021-11-05 13:46 - 2015-12-13 22:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-11-05 13:45 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-11-04 23:45 - 2020-11-15 08:48 - 000124496 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2021-11-04 23:45 - 2018-05-06 21:42 - 000201984 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2021-11-04 23:45 - 2018-05-06 21:42 - 000183408 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2021-11-04 23:45 - 2018-05-06 21:42 - 000107456 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2021-11-04 18:06 - 2015-12-13 22:57 - 000001243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-11-03 07:07 - 2021-01-29 16:36 - 000002258 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-11-03 07:07 - 2021-01-29 16:36 - 000002217 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-11-02 09:23 - 2015-05-27 04:50 - 000000000 ____D C:\ProgramData\Energy Manager
2021-11-02 04:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-11-01 02:02 - 2020-12-05 12:35 - 000553392 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-11-01 01:58 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-11-01 01:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-11-01 01:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-11-01 01:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-11-01 01:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-11-01 01:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-11-01 01:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-11-01 01:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-11-01 01:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-11-01 01:58 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-10-30 18:11 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-10-19 16:31 - 2016-06-15 18:41 - 000016917 _____ C:\Users\Marek\Documents\Mzdy.xlsx
2021-10-14 12:02 - 2020-12-14 14:49 - 000006617 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2021-10-13 06:49 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-10-13 06:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-10-13 06:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-10-13 06:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-10-13 06:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-10-13 05:17 - 2016-04-03 20:37 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2021-10-13 05:12 - 2015-09-10 22:12 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-10-13 05:05 - 2015-09-10 22:12 - 139806512 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-10-13 04:40 - 2016-02-21 21:13 - 000002147 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-10-10 00:11 - 2021-01-12 04:13 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6cafe2af1b984
2021-10-10 00:11 - 2020-12-05 13:19 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA

==================== Files in the root of some directories ========

2015-09-05 08:22 - 2015-09-05 08:22 - 000000000 _____ () C:\Program Files (x86)\Lenovo PhotoMasterImport
2017-04-30 16:39 - 2014-03-04 07:37 - 000000226 _____ () C:\Program Files (x86)\update-southpark.bat
2017-04-30 16:39 - 2013-10-12 19:47 - 000000732 _____ () C:\Program Files (x86)\visit-www.nosteam.ro.html
2017-04-28 21:54 - 2017-04-29 07:21 - 000000600 _____ () C:\Users\Marek\AppData\Roaming\winscp.rnd

==================== SigCheckExt =========================

2016-07-16 12:42 - 2016-07-16 12:42 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AllJoynDiscoveryPlugin.dll
2013-08-22 12:45 - 2013-08-22 12:45 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-fibers-l2-1-1.dll
2013-08-22 12:42 - 2013-08-22 12:42 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-psm-appnotify-l1-1-0.dll
2013-08-22 12:43 - 2013-08-22 12:43 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-devices-config-l1-1-1.dll
2013-08-22 12:42 - 2013-08-22 12:42 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-mm-misc-l1-1-1.dll
2013-08-22 12:42 - 2013-08-22 12:42 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-rtcore-ntuser-winevent-l1-1-0.dll
2013-08-22 12:42 - 2013-08-22 12:42 - 000004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-security-cryptoapi-l1-1-0.dll
2020-02-02 13:58 - 2016-11-01 11:27 - 000090112 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BrNetSti.dll
2020-02-02 13:58 - 2013-07-03 11:46 - 000065024 _____ (Brother Industries,Ltd) C:\WINDOWS\system32\Brnsplg.dll
2020-02-02 13:58 - 2005-04-22 13:36 - 000143360 _____ C:\WINDOWS\system32\BrSNMP64.dll
2020-02-02 13:58 - 2013-03-08 15:45 - 000059904 _____ (Brother Industries,Ltd.) C:\WINDOWS\system32\BrWiaNCp.dll
2016-07-15 18:40 - 2016-07-01 04:57 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe
2015-10-30 08:19 - 2015-10-30 08:19 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafCdp.dll
2017-04-12 15:49 - 2017-03-28 06:37 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll
2014-11-21 06:16 - 2014-11-21 06:16 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfp.exe
2014-11-21 06:16 - 2014-11-21 06:16 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DfpCommon.dll
2013-08-22 12:42 - 2013-08-22 12:42 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-msa-ui-l1-1-0.dll
2013-08-22 12:42 - 2013-08-22 12:42 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-ntuser-misc-l1-2-0.dll
2013-08-22 12:42 - 2013-08-22 12:42 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-rtcore-ntuser-dpi-l1-1-0.dll
2015-05-27 04:17 - 2012-11-29 04:26 - 005623808 _____ (Genesys) C:\WINDOWS\system32\GeneIcon.dll
2015-09-05 05:16 - 2015-09-05 05:16 - 000206848 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4256.dll
2017-05-10 19:04 - 2017-03-04 07:26 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-07-16 12:43 - 2016-07-16 23:29 - 003584000 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkAnalysisLegacyCom.dll
2014-11-21 11:47 - 2014-11-21 11:47 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lockscreencn.dll
2020-02-02 13:58 - 2015-06-16 21:39 - 000252928 _____ (brother) C:\WINDOWS\system32\NSSRH64.dll
2015-09-05 07:24 - 2015-08-25 19:38 - 000176904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-09-05 07:21 - 2015-05-23 08:47 - 001756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-05-27 04:15 - 2015-05-23 08:47 - 001571696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-10-30 08:18 - 2015-10-30 08:18 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flashlight.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDiscoveryPlugin.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiOnboardingPlugin.dll
2015-09-05 03:22 - 2015-03-14 02:51 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-05-27 04:47 - 2013-08-22 12:08 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\devcon.exe
2020-10-19 19:26 - 1997-11-19 13:49 - 000303616 _____ (InstallShield Software Corporation) C:\WINDOWS\IsUninst.exe
1998-03-12 23:02 - 1998-03-13 00:02 - 000034304 _____ (Inno Setup) C:\WINDOWS\UNISTB32.EXE
2013-08-22 05:17 - 2013-08-22 05:17 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-fibers-l2-1-1.dll
2013-08-22 05:14 - 2013-08-22 05:14 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-psm-appnotify-l1-1-0.dll
2013-08-22 05:14 - 2013-08-22 05:14 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-devices-config-l1-1-1.dll
2013-08-22 05:14 - 2013-08-22 05:14 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-mm-misc-l1-1-1.dll
2013-08-22 05:14 - 2013-08-22 05:14 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-rtcore-ntuser-winevent-l1-1-0.dll
2013-08-22 05:14 - 2013-08-22 05:14 - 000004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-security-cryptoapi-l1-1-0.dll
2016-07-16 12:43 - 2016-07-16 12:43 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\configmanager2.dll
2016-07-16 12:43 - 2016-07-16 12:43 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coredpus.dll
2015-05-27 04:10 - 2013-08-21 08:16 - 000053248 _____ (Windows XP Bundled build C-Centric Single User) C:\WINDOWS\SysWOW64\CSVer.dll
2015-10-30 08:19 - 2015-10-30 08:19 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafCdp.dll
2013-08-22 05:14 - 2013-08-22 05:14 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-msa-ui-l1-1-0.dll
2013-08-22 05:14 - 2013-08-22 05:13 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-ntuser-misc-l1-2-0.dll
2013-08-22 05:14 - 2013-08-22 05:13 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-rtcore-ntuser-dpi-l1-1-0.dll
2017-03-14 19:42 - 2017-03-04 07:18 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-07-16 12:44 - 2016-07-16 23:29 - 002549760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkAnalysisLegacyCom.dll
2017-06-27 07:11 - 1997-07-06 19:22 - 000756736 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ir41_32.dll
2013-05-12 01:17 - 2013-05-12 01:17 - 000001536 _____ C:\WINDOWS\SysWOW64\IusEventLog.dll
2003-03-18 20:14 - 2003-03-18 20:14 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2003-02-21 04:42 - 2003-02-21 04:42 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2015-05-27 04:17 - 2013-09-27 00:46 - 000172097 _____ C:\WINDOWS\SysWOW64\NoMSGuninstall.exe
2015-09-05 07:24 - 2015-08-25 19:38 - 000155976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-09-05 07:21 - 2015-05-23 08:47 - 001316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-05-27 04:15 - 2015-05-23 08:47 - 001320304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-05-27 04:17 - 2014-02-26 04:13 - 000053248 _____ () C:\WINDOWS\SysWOW64\UMonit64.exe
2021-11-07 13:11 - 2021-11-07 13:11 - 002312192 _____ (Farbar) C:\Users\Marek\Downloads\FRST64.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


==================== BCD ================================

Firmware Boot Manager
---------------------
identifier {fwbootmgr}
displayorder {bootmgr}
{b180f849-536a-11e5-aa5a-beb9fe7363be}
{b180f84e-536a-11e5-aa5a-beb9fe7363be}
{b180f84a-536a-11e5-aa5a-beb9fe7363be}
{b180f84b-536a-11e5-aa5a-beb9fe7363be}
{b180f84c-536a-11e5-aa5a-beb9fe7363be}
{b180f84f-536a-11e5-aa5a-beb9fe7363be}
{b180f850-536a-11e5-aa5a-beb9fe7363be}
timeout 10

Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale cs-CZ
inherit {globalsettings}
default {current}
resumeobject {dbe6eab7-36ed-11eb-b574-bca2d926fc1d}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Firmware Application (101fffff)
-------------------------------
identifier {b180f846-536a-11e5-aa5a-beb9fe7363be}
description Setup
badmemoryaccess Yes

Firmware Application (101fffff)
-------------------------------
identifier {b180f847-536a-11e5-aa5a-beb9fe7363be}
description Boot Menu
badmemoryaccess Yes

Firmware Application (101fffff)
-------------------------------
identifier {b180f848-536a-11e5-aa5a-beb9fe7363be}
description Diagnostic Splash
badmemoryaccess Yes

Firmware Application (101fffff)
-------------------------------
identifier {b180f849-536a-11e5-aa5a-beb9fe7363be}
description USB FDD:
badmemoryaccess Yes

Firmware Application (101fffff)
-------------------------------
identifier {b180f84a-536a-11e5-aa5a-beb9fe7363be}
description ATAPI CD:
badmemoryaccess Yes

Firmware Application (101fffff)
-------------------------------
identifier {b180f84b-536a-11e5-aa5a-beb9fe7363be}
description USB HDD:
badmemoryaccess Yes

Firmware Application (101fffff)
-------------------------------
identifier {b180f84c-536a-11e5-aa5a-beb9fe7363be}
description USB CD:
badmemoryaccess Yes

Firmware Application (101fffff)
-------------------------------
identifier {b180f84d-536a-11e5-aa5a-beb9fe7363be}
device partition=\Device\HarddiskVolume3
path \EFI\Microsoft\Boot\lrsBootMgr.efi
description Lenovo Recovery System
badmemoryaccess Yes

Firmware Application (101fffff)
-------------------------------
identifier {b180f84e-536a-11e5-aa5a-beb9fe7363be}
description ATA HDD: WDC WD10S21X-24R1BT0-SSHD-8GB
badmemoryaccess Yes

Firmware Application (101fffff)
-------------------------------
identifier {b180f84f-536a-11e5-aa5a-beb9fe7363be}
description PCI LAN: EFI Network (IPv4)
badmemoryaccess Yes

Firmware Application (101fffff)
-------------------------------
identifier {b180f850-536a-11e5-aa5a-beb9fe7363be}
description PCI LAN: EFI Network (IPv6)
badmemoryaccess Yes

Windows Boot Loader
-------------------
identifier {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 10
locale cs-CZ
inherit {bootloadersettings}
recoverysequence {dbe6eab9-36ed-11eb-b574-bca2d926fc1d}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {dbe6eab7-36ed-11eb-b574-bca2d926fc1d}
nx OptIn
bootmenupolicy Standard

Windows Boot Loader
-------------------
identifier {dbe6eab9-36ed-11eb-b574-bca2d926fc1d}
device ramdisk=[\Device\HarddiskVolume7]\Recovery\WindowsRE\Winre.wim,{dbe6eaba-36ed-11eb-b574-bca2d926fc1d}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale cs-CZ
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume7]\Recovery\WindowsRE\Winre.wim,{dbe6eaba-36ed-11eb-b574-bca2d926fc1d}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Resume from Hibernate
---------------------
identifier {dbe6eab7-36ed-11eb-b574-bca2d926fc1d}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale cs-CZ
inherit {resumeloadersettings}
recoverysequence {dbe6eab9-36ed-11eb-b574-bca2d926fc1d}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No

Windows Memory Tester
---------------------
identifier {memdiag}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostika paměti systému Windows
locale cs-CZ
inherit {globalsettings}
badmemoryaccess Yes

EMS Settings
------------
identifier {emssettings}
bootems No

Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
badmemoryaccess Yes

RAM Defects
-----------
identifier {badmemory}

Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}

Device options
--------------
identifier {dbe6eaba-36ed-11eb-b574-bca2d926fc1d}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume7
ramdisksdipath \Recovery\WindowsRE\boot.sdi

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-11-2021
Ran by Marek (07-11-2021 14:20:23)
Running from C:\Users\Marek\Downloads
Microsoft Windows 10 Home Version 20H2 19042.1320 (X64) (2020-12-05 12:20:48)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2684046251-4145855513-4240160385-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2684046251-4145855513-4240160385-503 - Limited - Disabled)
Guest (S-1-5-21-2684046251-4145855513-4240160385-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2684046251-4145855513-4240160385-1003 - Limited - Enabled)
Marek (S-1-5-21-2684046251-4145855513-4240160385-1001 - Administrator - Enabled) => C:\Users\Marek
WDAGUtilityAccount (S-1-5-21-2684046251-4145855513-4240160385-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AS: ESET Security (Disabled - Up to date) {333C65BB-8923-0EAA-C47E-C486E687BEFD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{36381D51-CC5E-4698-A0CC-E939C75EC9D8}) (Version: 1.5 - Eyeo GmbH)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.007.20099 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Age Of Empires 2 (HKLM-x32\...\Age Of Empires 2_is1) (Version: - Martin)
Age of Empires complete version 1.0c (HKLM-x32\...\{F7F0D70E-9027-4DF5-B67F-4B48CE29565A}_is1) (Version: 1.0c - vol1)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{a914536c-bd41-479c-96aa-dee4a9639c22}) (Version: 21.10.1 - Intel Corporation)
Battle for Wesnoth 1.14.15 (HKLM-x32\...\Battle for Wesnoth 1.14.15) (Version: 1.14.15 - )
Battle for Wesnoth 1.14.9 (HKLM-x32\...\Battle for Wesnoth 1.14.9) (Version: 1.14.9 - )
BrLauncher (HKLM-x32\...\{42D26B47-887C-45FC-BCAE-0BE485C5C0BB}) (Version: 2.0.11.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{569f9640-fd0a-4a52-97f2-11277f65a3f0}) (Version: 4.4.0.33 - Brother Industries, Ltd.)
Brother iPrint&Scan (HKLM-x32\...\{FE65E525-8FCA-43BE-8D7F-0C4665FAE1A5}) (Version: 4.4.0.33 - Brother Industries, Ltd.) Hidden
Brother Printer Driver (HKLM-x32\...\{272543B6-B337-4C8F-B9F1-19E884C2C7AC}) (Version: 1.4.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{1162495D-7CE7-4EF9-A0F8-151196F3A660}) (Version: 1.0.17.1 - Brother Industries Ltd.) Hidden
BrSupportTools (HKLM-x32\...\{32F47565-84B1-42CC-B09A-4CDDD9A32F94}) (Version: 1.0.20.0 - Brother Industries Ltd.) Hidden
Caesar 3 (HKLM-x32\...\GOGPACKCAESAR3_is1) (Version: 2.0.0.9 - GOG.com)
CCSDK (HKLM-x32\...\{AE75190B-11B4-4F90-8254-DAB275CF2557}_is1) (Version: 1.0.3.4 - Lenovo)
ControlCenter4 (HKLM-x32\...\{9091B952-8719-49C3-9CC7-6E20EC61081F}) (Version: 4.6.6.1 - Brother Industries, Ltd.) Hidden
ControlCenter4 CSDK (HKLM-x32\...\{FD8A9511-BFC9-43B5-BB75-9CEC0EA03CF0}) (Version: 4.6.1.1 - Brother Industries, Ltd.) Hidden
Corel Graphics - Windows Shell Extension (HKLM\...\_{5D262585-5C19-4279-B1BC-C0D242E6AA3E}) (Version: 20.1.0.708 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{5D262585-5C19-4279-B1BC-C0D242E6AA3E}) (Version: 20.1.708 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{9D4064B2-A6B6-42E6-8695-7C9B3D69954E}) (Version: 20.1.708 - Corel Corporation) Hidden
Čeština do hry South Park: Klacek Pravdy verze 1.1 (HKLM-x32\...\{C1EA3034-6A86-4C18-A91F-SPSOTCZ110FE}_is1) (Version: 1.1 - Ubisoft)
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.26.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.32.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM-x32\...\{1D2682EA-75DD-44B6-BF2D-CD3C49EAD012}) (Version: 1.6.38.01 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{3117B53D-A409-4D99-A0DE-11A1A40696FA}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4430150F-61B3-4142-BE04-EAC68C8DDA18}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4AF6C9BC-D8DB-4286-94D9-474CE54ADAA2}) (Version: 1.6.38.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{503B47A9-E34A-4841-ADD7-417191D5DB5E}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{546FF45D-2467-4950-AAFB-0A06ACBB6B2C}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5B2190E9-199D-450A-94B3-4D6826C770C2}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5BEFE1E1-F597-4B79-913B-15FFDB25B744}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{63DE35C9-B080-4D03-B110-99E14FD35BCE}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{65316098-0220-4D5C-B37A-6136083A0897}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{E966DBE4-5075-465E-BA81-BC9A3A3204B3}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Discord (HKU\S-1-5-21-2684046251-4145855513-4240160385-1001\...\Discord) (Version: 0.0.307 - Discord Inc.)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.21 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.21 - Lenovo)
ESET Security (HKLM\...\{37E67F0A-50BB-430A-A2A5-F5E2F6EE96DB}) (Version: 15.0.18.0 - ESET, spol. s r.o.)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.2.0 - Genesys Logic)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 95.0.4638.69 - Google LLC)
GTA 3 CZ (HKLM-x32\...\GTA 3 CZ 1.2.0) (Version: 1.2.0 - Rockstar Games)
Heroes of Might and Magic III Complete (HKLM-x32\...\InstallShield_{EDFB64A7-5BFD-4137-943D-5663149A15F5}) (Version: 1.00.0000 - CD Projekt)
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Kodi (HKU\S-1-5-21-2684046251-4145855513-4240160385-1001\...\Kodi) (Version: - XBMC Foundation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D18FE9D2-2F54-4C68-A2DE-A59D4A80A9BC}) (Version: 3.1.2109.29003 - Microsoft Corporation)
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Lenovo App Services (HKLM\...\Lenovo App Services) (Version: 0.200.8.268 - Lenovo)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10269 - Realtek Semiconductor Corp.)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11103 - Realtek Semiconductor Corp.)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo Motion Control (HKLM-x32\...\{DB34780A-6749-4AA3-A1E5-A56747EF4B04}) (Version: 2.5.1.0528 - PointGrab) Hidden
Lenovo Motion Control (HKLM-x32\...\InstallShield_{DB34780A-6749-4AA3-A1E5-A56747EF4B04}) (Version: 2.5.1.0528 - PointGrab)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.)
Lenovo PhoneCompanion (HKLM-x32\...\{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 2.0.0.19 - Lenovo) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 2.0.0.19 - Lenovo)
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.68.3 - ELAN Microelectronic Corp.)
Lenovo Transition (HKLM\...\Lenovo Transition) (Version: 2.1.14.1221 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.9.23.0 - Lenovo Group Ltd.)
Magic Transfer (HKLM-x32\...\{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - Lenovo) Hidden
Magic Transfer (HKLM-x32\...\InstallShield_{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - Lenovo)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Age of Empires (HKLM-x32\...\Age of Empires) (Version: - )
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 95.0.1020.44 - Microsoft Corporation)
Microsoft Office Language Pack 2013 - Czech/čeština (HKLM\...\Office15.OMUI.cs-cz) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2684046251-4145855513-4240160385-1001\...\OneDriveSetup.exe) (Version: 21.205.1003.0005 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2017 (HKLM-x32\...\{5a7dc0ad-cdb2-43b5-8b82-f81065fe6092}) (Version: 15.0.26717 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 94.0.1 (x64 cs)) (Version: 94.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 94.0.1.7977 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
NetworkRepairTool (HKLM-x32\...\{86E68F57-FAFE-4052-BDD4-3B90C38236AE}) (Version: 1.2.16.0 - Brother Industries, Ltd.) Hidden
Nuance PaperPort 14 (HKLM-x32\...\{24510774-4424-46C2-8FB7-5DE0C945ED2B}) (Version: 14.5.0006 - Nuance Communications, Inc.)
Nuance PDF Viewer SE (HKLM-x32\...\{D8151965-282B-4EB6-A3F1-68AB555D8423}) (Version: 7.20.3230 - Nuance Communications, Inc.)
NVIDIA GeForce Experience 2.4.5.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.28 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
ODD Auto Firmware Update (HKLM-x32\...\{3DD8DB1B-20D0-447C-940A-1306B3931FED}) (Version: 1.0.1807.2501 - Hitachi-LG Data Storage, Inc.)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0002 - Nuance Communications, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7560 - Realtek Semiconductor Corp.)
RogueKiller version 15.1.2.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 15.1.2.0 - Adlice Software)
ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0100-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{010BF41A-4D78-40C3-90BA-117DF64A0AE2}) (Version: - Microsoft)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.1.8.0 - Lenovo Group Limited)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype verze 8.66 (HKLM-x32\...\Skype_is1) (Version: 8.66 - Skype Technologies S.A.)
SoftwareUpdateNotification (HKLM-x32\...\{34F12379-C924-41E6-921D-51C71217F58C}) (Version: 1.0.9.0 - Brother Industries, Ltd.) Hidden
StatusMonitor (HKLM-x32\...\{40578A7A-6E36-457F-A4F0-45BC37EB61FD}) (Version: 1.20.1.0 - Brother Insutries Ltd.) Hidden
UESDK (HKLM-x32\...\{EB3F6640-58AE-4886-B8BA-466B6939A933}_is1) (Version: 1.0.3.6 - Lenovo)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
Ve stínu havrana (HKLM-x32\...\Ve stínu havrana_is1) (Version: - CINEMAX, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

Packages:
=========
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-02-18] (Canon Inc.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-03-08] (Microsoft Corporation)
Lenovo Recommends -> C:\Program Files\WindowsApps\E0469640.LenovoRecommends_1.5.14.117_x64__5grkq8ppsgwt4 [2015-09-05] (LENOVO INC)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2110.15.0_x64__k1h2ywk1493x8 [2021-10-25] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.10270.0_x64__8wekyb3d8bbwe [2021-10-30] (Microsoft Studios) [MS Ad]
Phone Companion -> C:\Program Files\WindowsApps\E0469640.DeviceCollaboration_2.0.0.9_x64__5grkq8ppsgwt4 [2015-09-05] (LENOVO INC)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2684046251-4145855513-4240160385-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2021-11-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-08-13] (Lenovo) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR 5.21\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR 5.21\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2021-11-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-08-13] (Lenovo) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-06-12] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2021-11-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR 5.21\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR 5.21\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.IV41] => C:\Windows\SysWOW64\ir41_32.dll [756736 1997-07-06] (Intel Corporation) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-02-02 13:58 - 2005-04-22 13:36 - 000143360 _____ () [File not signed] C:\WINDOWS\system32\BrSNMP64.dll
2012-12-05 12:29 - 2012-12-05 12:29 - 004883456 _____ (BCGSoft Ltd) [File not signed] C:\Program Files (x86)\Nuance\PaperPort\BCGCBPRO1100u100.dll
2020-02-02 13:58 - 2016-11-01 11:27 - 000090112 _____ (Brother Industries, Ltd.) [File not signed] C:\WINDOWS\system32\BrNetSti.dll
2015-06-23 15:00 - 2015-06-23 15:00 - 000285696 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2015-06-23 15:00 - 2015-06-23 15:00 - 000562688 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2015-05-27 04:40 - 2014-08-13 00:32 - 000468480 _____ (Lenovo) [File not signed] C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll
2015-05-27 04:15 - 2015-05-23 08:47 - 001903232 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll
2020-05-30 15:04 - 2020-05-30 15:04 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\Vantage\Addins\GenericTelemetryAddin\1.0.0.34\x64\SQLite.Interop.dll
2021-06-04 12:17 - 2020-11-03 04:08 - 000954864 _____ (SQLite Development Team) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-2684046251-4145855513-4240160385-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-2684046251-4145855513-4240160385-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-2684046251-4145855513-4240160385-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-2684046251-4145855513-4240160385-1001 -> DefaultScope {B9F25DF4-4227-461D-898E-BA786BFDAFD4} URL =
SearchScopes: HKU\S-1-5-21-2684046251-4145855513-4240160385-1001 -> {B9F25DF4-4227-461D-898E-BA786BFDAFD4} URL =
SearchScopes: HKU\S-1-5-21-2684046251-4145855513-4240160385-1001 -> {C08C6E27-2BFC-4965-9044-394C9FE663F1} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2020-04-14] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH -> Eyeo GmbH)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2020-04-14] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll [2011-06-30] (Zeon Corporation -> Zeon Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH -> Eyeo GmbH)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2684046251-4145855513-4240160385-1001\...\sharepoint.com -> hxxps://czuvpraze.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2016-01-12 22:27 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2016-07-03 10:25 - 2020-01-29 20:37 - 000000503 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Lenovo\FusionEngine;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Lenovo\Motion Control\;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2684046251-4145855513-4240160385-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 172.19.29.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "PhoneCompanion"
HKLM\...\StartupApproved\Run32: => "ISUSPM"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "IndexSearch"
HKLM\...\StartupApproved\Run32: => "PaperPort PTD"
HKLM\...\StartupApproved\Run32: => "BrotherSoftwareUpdateNotification"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKU\S-1-5-21-2684046251-4145855513-4240160385-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{4447DF68-CCE0-4BDE-8340-DF9BBF84FD3D}C:\users\marek\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => (Block) C:\users\marek\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [TCP Query User{D864A3CB-2098-4B1A-9B1D-A8D4CF6C6594}C:\users\marek\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => (Block) C:\users\marek\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [UDP Query User{1A3D9B70-46A6-447B-A8AE-8A25C650DE2A}C:\program files (x86)\total war - rome 2 - emperor edition\rome2.exe] => (Allow) C:\program files (x86)\total war - rome 2 - emperor edition\rome2.exe => No File
FirewallRules: [TCP Query User{1A272CB2-CF7B-4AFD-98FD-3527FC826C18}C:\program files (x86)\total war - rome 2 - emperor edition\rome2.exe] => (Allow) C:\program files (x86)\total war - rome 2 - emperor edition\rome2.exe => No File
FirewallRules: [UDP Query User{229F963E-3E10-4A8F-9244-193C56715903}C:\users\marek\desktop\diablo\diablo.exe] => (Block) C:\users\marek\desktop\diablo\diablo.exe => No File
FirewallRules: [TCP Query User{92DBA40D-E46F-4159-9F54-8A3A533311B0}C:\users\marek\desktop\diablo\diablo.exe] => (Block) C:\users\marek\desktop\diablo\diablo.exe => No File
FirewallRules: [UDP Query User{CFC80D13-ED51-42FC-A056-81716D79E85A}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{34E747F9-1337-48B5-8D45-437398576CD1}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{3402CC95-1C9E-49C7-8E74-8C237A9CA182}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe => No File

==================== Restore Points =========================

21-10-2021 14:54:47 Naplánovaný kontrolní bod
30-10-2021 14:55:02 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (11/07/2021 07:25:09 AM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002

Error: (11/07/2021 07:25:09 AM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002

Error: (11/07/2021 07:25:09 AM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003

Error: (11/07/2021 06:12:12 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (11/06/2021 07:18:29 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (11/05/2021 01:56:01 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu FirewallProduct z úložiště dat.

Error: (11/05/2021 01:54:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: PG_Service_Launcher.exe, verze: 2.5.1.5858, časové razítko: 0x5385af26
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0145b320
ID chybujícího procesu: 0x1154
Čas spuštění chybující aplikace: 0x01d7d24330fc12f5
Cesta k chybující aplikaci: C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: b08d6e74-b7fd-49e0-90df-9ce39c477268
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/05/2021 01:47:19 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Broadcast Receiver Server...


System errors:
=============
Error: (11/07/2021 01:12:58 PM) (Source: DCOM) (EventID: 10010) (User: MAREKT-NB-10)
Description: Server {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/07/2021 12:11:18 PM) (Source: DCOM) (EventID: 10010) (User: MAREKT-NB-10)
Description: Server {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/07/2021 12:10:48 PM) (Source: DCOM) (EventID: 10010) (User: MAREKT-NB-10)
Description: Server {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/07/2021 12:10:18 PM) (Source: DCOM) (EventID: 10010) (User: MAREKT-NB-10)
Description: Server {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/07/2021 12:09:48 PM) (Source: DCOM) (EventID: 10010) (User: MAREKT-NB-10)
Description: Server {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/07/2021 12:09:17 PM) (Source: DCOM) (EventID: 10010) (User: MAREKT-NB-10)
Description: Server {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/07/2021 12:08:47 PM) (Source: DCOM) (EventID: 10010) (User: MAREKT-NB-10)
Description: Server {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/06/2021 02:54:55 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {F3B4E234-7A68-4E43-B813-E4BA55A065F6} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
================
Date: 2020-12-16 02:35:19
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {93801337-D2A0-4B36-B276-0A44A18FEA58}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-12-15 02:35:19
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {EC298179-0916-4E65-96A2-4527C166B14C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-12-14 22:00:50
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Gamehack.F!MSR
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_F:\CRACK\steam_api.dll
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: MarekT-NB-10\Marek
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.329.391.0, AS: 1.329.391.0, NIS: 1.329.391.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4

Date: 2020-12-14 21:59:29
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Gamehack.F!MSR
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_F:\CRACK\steam_api.dll
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: MarekT-NB-10\Marek
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.329.391.0, AS: 1.329.391.0, NIS: 1.329.391.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4

Date: 2020-12-14 21:59:22
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Gamehack.F!MSR
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_F:\CRACK\steam_api.dll
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: MarekT-NB-10\Marek
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.329.391.0, AS: 1.329.391.0, NIS: 1.329.391.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4

CodeIntegrity:
===============
Date: 2021-11-07 11:18:13
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Stolen Steam account

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I Agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just start it with a normal double-click)
click Scan Now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.


Re: Stolen Steam account

#3 Post by Sodomor »

Thank you for the advice.

It tells me that I have no PUPs or adware... So it did not offer me any cleaning and repair. It only told me that I have some software preinstalled by Lenovo, which I can move to quarantine and then delete. Supposedly 30 items in total. I am attaching the log created by the program.

How should I proceed?

Thank you very much for your help.


# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build: 06-29-2021
# Database: 2021-10-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 11-07-2021
# Duration: 00:02:56
# OS: Windows 10 Home
# Scanned: 32004
# Detected: 30


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.LenovoCCSDK Folder C:\Program Files (x86)\LENOVO\CCSDK
Preinstalled.LenovoCCSDK Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{AE75190B-11B4-4F90-8254-DAB275CF2557}_is1
Preinstalled.LenovoEnergyManager Folder C:\Program Files (x86)\LENOVO\ENERGY MANAGER
Preinstalled.LenovoEnergyManager Folder C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LENOVO\ENERGY MANAGER
Preinstalled.LenovoEnergyManager Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Energy Manager
Preinstalled.LenovoEnergyManager Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Lenovo Utility
Preinstalled.LenovoEnergyManager Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Energy Manager
Preinstalled.LenovoEnergyManager Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Lenovo Utility
Preinstalled.LenovoEnergyManager Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}
Preinstalled.LenovoEnergyManager Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{AC768037-7079-4658-AC24-2897650E0ABE}
Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Users\Marek\AppData\Local\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0788641D-D31A-478D-BB34-C41564AE9F93}
Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1
Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{3117B53D-A409-4D99-A0DE-11A1A40696FA}
Preinstalled.LenovoPhoneCompanion Folder C:\Program Files (x86)\LENOVO PHONECOMPANION
Preinstalled.LenovoPhoneCompanion Folder C:\Program Files\LENOVO PHONECOMPANION
Preinstalled.LenovoPhoneCompanion Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|PhoneCompanion
Preinstalled.LenovoPhoneCompanion Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|PhoneCompanion
Preinstalled.LenovoPhoneCompanion Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}
Preinstalled.LenovoPhoneCompanion Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}
Preinstalled.LenovoPhotoMaster Folder C:\Program Files (x86)\LENOVO\LENOVO PHOTO MASTER
Preinstalled.LenovoSHAREit Folder C:\Program Files (x86)\LENOVO\SHAREIT
Preinstalled.LenovoSHAREit Folder C:\Users\Marek\AppData\Local\LENOVO\SHAREIT
Preinstalled.LenovoSHAREit Folder C:\Users\Marek\AppData\Local\Temp\LENOVO\SHAREIT
Preinstalled.LenovoSHAREit Registry HKLM\Software\Classes\CLSID\{430BD134-576D-4E75-87CD-0F5C6221A82B}
Preinstalled.LenovoSHAREit Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\SHAREit_is1
Preinstalled.LenovoUpdate Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LENOVO\LENOVO UPDATES



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########


Re: Stolen Steam account

#4 Post by Rudy »

Leave the Preinstalled items in place; they are harmless utilities from Lenovo. Open Notepad and copy the following into it:
Start

CloseProcesses:
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat [2018-07-16] () [File not signed] <==== ATTENTION
Task: {380EA202-3F23-449A-8AD3-6D959A836A1E} - System32\Tasks\{49285EA4-A02A-4098-92FF-9B423F6C1703} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\League of Legends\lol.launcher.exe" -d "C:\Program Files (x86)\League of Legends"
Task: {608652EA-A968-43AC-B81A-BC4370C17D26} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {610ED7A1-7FFF-4453-AE20-9B8F81424CDD} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {702A151C-37F4-4E45-AA71-3E6B7A561F9A} - System32\Tasks\{16EF1DEC-3104-4E16-A536-D75E518F77FE} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\League of Legends\lol.launcher.exe" -d "C:\Program Files (x86)\League of Legends\"
Task: {702A151C-37F4-4E45-AA71-3E6B7A561F9A} - System32\Tasks\{16EF1DEC-3104-4E16-A536-D75E518F77FE} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\League of Legends\lol.launcher.exe" -d "C:\Program Files (x86)\League of Legends\"
Task: {858B6555-5F7D-4BBF-A0C1-3B2DCAA74780} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {87FCC10D-E0AF-4F51-BF91-8C985E3FBCF7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {8C726285-38F4-4211-A544-F69A285F439F} - System32\Tasks\{BE9F87BC-A384-4067-917D-744017675B95} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Marek\Desktop\Mafia\Setup.exe -d C:\Users\Marek\Desktop\Mafia
Task: {956C7486-E291-4950-8C13-C67BC24A337F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-29] (Google LLC -> Google LLC)
Task: {98CFDD2F-3524-4645-BB22-522ECCCDF219} - System32\Tasks\{59E9C808-8E28-466D-82BD-539E729093D2} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\League of Legends\lol.launcher.exe" -d "C:\Program Files (x86)\League of Legends"
Task: {B64E5ABF-3618-4E9A-9C9A-3C25860DA7BA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-29] (Google LLC -> Google LLC)
Task: {C20349F8-45CE-4B2A-91F6-1C029A40BF1A} - System32\Tasks\{542BEC95-696A-4A26-AA7E-DEC096F87E06} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Marek\Downloads\World_of_Warcraft_Cataclysm_4.3.4_for_Posterus.CZ\World_of_Warcraft_Cataclysm_4.3.4_for_Posterus.CZ\Wow.exe -d
Task: {DBF4112F-5DD1-4BEB-8C4F-2ABC443342A6} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {EF90EAFA-90E1-488F-B5F0-D4D072CBD59D} - System32\Tasks\{A544E525-BFF8-4517-954A-B8828A3ABF58} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\League of Legends\lol.launcher.exe" -d "C:\Program Files (x86)\League of Legends"
Task: {F9138DB2-E377-43AE-8F5D-861035E8F6F8} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
FF Plugin HKU\S-1-5-21-2684046251-4145855513-4240160385-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
HKU\S-1-5-21-2684046251-4145855513-4240160385-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-2684046251-4145855513-4240160385-1001 -> DefaultScope {B9F25DF4-4227-461D-898E-BA786BFDAFD4} URL =
SearchScopes: HKU\S-1-5-21-2684046251-4145855513-4240160385-1001 -> {B9F25DF4-4227-461D-898E-BA786BFDAFD4} URL =
FirewallRules: [UDP Query User{1A3D9B70-46A6-447B-A8AE-8A25C650DE2A}C:\program files (x86)\total war - rome 2 - emperor edition\rome2.exe] => (Allow) C:\program files (x86)\total war - rome 2 - emperor edition\rome2.exe => No File
FirewallRules: [TCP Query User{1A272CB2-CF7B-4AFD-98FD-3527FC826C18}C:\program files (x86)\total war - rome 2 - emperor edition\rome2.exe] => (Allow) C:\program files (x86)\total war - rome 2 - emperor edition\rome2.exe => No File
FirewallRules: [UDP Query User{229F963E-3E10-4A8F-9244-193C56715903}C:\users\marek\desktop\diablo\diablo.exe] => (Block) C:\users\marek\desktop\diablo\diablo.exe => No File
FirewallRules: [TCP Query User{92DBA40D-E46F-4159-9F54-8A3A533311B0}C:\users\marek\desktop\diablo\diablo.exe] => (Block) C:\users\marek\desktop\diablo\diablo.exe => No File
FirewallRules: [UDP Query User{CFC80D13-ED51-42FC-A056-81716D79E85A}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{34E747F9-1337-48B5-8D45-437398576CD1}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{3402CC95-1C9E-49C7-8E74-8C237A9CA182}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{B19EB3B7-C988-44F4-8BE4-128787D961E8}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{A89AED65-1568-4810-88B7-6165A3627737}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{ED552A77-A21D-4C89-8EC8-A194E9934321}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{7E0577EC-1D4B-4EE1-B471-A0803E3396A6}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe] => (Block) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{47033250-E247-46F8-AB45-CC8135556416}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe] => (Block) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{E5D9D14B-931A-4F58-BDCB-FA977AE7A840}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{806C9A9F-4AFD-4DC1-8993-5EE283C04E6A}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{A5169E2D-3A10-43AF-80DF-433C35D70D27}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{A934827A-A0D6-4584-9B92-CBE4BF50591B}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{79ECE1F6-411B-4589-9A51-1FF1D71AEEE0}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.167\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.167\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{14031D83-F43B-4263-B30A-73C66B43B63B}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.167\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.167\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{12EB767A-4793-4669-AAF4-3EFB2B80296A}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{F3B0B5B0-8BDE-491B-A7C1-C37C8B46A48B}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{A57DD699-DC7A-4F11-A266-9E9CD77CE594}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{9E1DA30C-AFEA-4780-BE6F-82D817E65BA8}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{F6FEE0D6-29B3-4996-9A6F-D694A77FD43C}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{031C98FD-A5A5-475D-8CBC-486A12013D9B}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{E2B29210-185E-4798-9F5F-CAD10480FBCF}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{93EB00F6-9BC1-4924-8C0D-BE111372361F}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{A992342C-414A-4767-83FA-15FD8D83A93F}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.162\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.162\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{00276E73-2362-4098-BA49-429EB71B35BF}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.162\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.162\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{4F0523BB-767E-482D-AFC1-201C26214712}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.161\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.161\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{728440E3-DC4C-472E-9190-987BC5F7FD80}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.161\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.161\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{9A1ABED3-C5A8-4191-B136-D5344896A29F}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{F745DF28-C523-413E-A8AE-6373858CCEF6}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{E505D533-283E-4522-96E8-6E88685423CC}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{ACCFF8A8-73B3-41A0-B7E2-7D492865A4EC}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{43A3F859-C118-4AF7-B771-0E23A0C24173}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{CBB4995C-D4DB-4E7F-B8AA-22E594D6A93B}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{68334CD7-20E9-491C-92A3-F324F8F76AFC}C:\users\marek\desktop\age of empires + rise of rome expansion\empires.exe] => (Block) C:\users\marek\desktop\age of empires + rise of rome expansion\empires.exe => No File
FirewallRules: [TCP Query User{F8D841B9-1E4B-45E3-89FD-703818011127}C:\users\marek\desktop\age of empires + rise of rome expansion\empires.exe] => (Block) C:\users\marek\desktop\age of empires + rise of rome expansion\empires.exe => No File
FirewallRules: [UDP Query User{83E588AC-1A0D-4A59-B250-072E5B285794}C:\users\marek\desktop\warcraft 3\war3.exe] => (Allow) C:\users\marek\desktop\warcraft 3\war3.exe => No File
FirewallRules: [TCP Query User{1EA0A7D7-5EF0-497B-8018-0788AE87155D}C:\users\marek\desktop\warcraft 3\war3.exe] => (Allow) C:\users\marek\desktop\warcraft 3\war3.exe => No File
FirewallRules: [UDP Query User{A3129948-CA15-4FAF-B5FE-89FF8A785E4E}C:\users\marek\desktop\warcraft 3\war3.exe] => (Block) C:\users\marek\desktop\warcraft 3\war3.exe => No File
FirewallRules: [TCP Query User{B3D22B17-35B4-4726-9B69-15F03A0F2F5A}C:\users\marek\desktop\warcraft 3\war3.exe] => (Block) C:\users\marek\desktop\warcraft 3\war3.exe => No File
FirewallRules: [{FB26CB9C-DFAD-4685-B84C-BC18DA2866B6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe => No File
FirewallRules: [{1B35E1BE-2BA4-4D75-8EDC-51E183FA016D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe => No File
FirewallRules: [TCP Query User{6EB8B282-167C-46F5-BF97-4339B27F2B4D}C:\program files (x86)\borderlands game of the year edition\binaries\borderlands.exe] => (Block) C:\program files (x86)\borderlands game of the year edition\binaries\borderlands.exe => No File
FirewallRules: [UDP Query User{BFB5D697-626A-44E5-8EF7-D09ECCF07710}C:\program files (x86)\borderlands game of the year edition\binaries\borderlands.exe] => (Block) C:\program files (x86)\borderlands game of the year edition\binaries\borderlands.exe => No File
FirewallRules: [TCP Query User{0E610789-C149-4855-B6CD-39A2BE0EB36F}C:\users\marek\desktop\borderlands\binaries\borderlands.exe] => (Block) C:\users\marek\desktop\borderlands\binaries\borderlands.exe => No File
FirewallRules: [UDP Query User{E8A4A5D0-2B0F-400D-9FE3-CF3D8635D4A6}C:\users\marek\desktop\borderlands\binaries\borderlands.exe] => (Block) C:\users\marek\desktop\borderlands\binaries\borderlands.exe => No File
FirewallRules: [TCP Query User{A9AB2BCA-CDE0-4907-B09F-BAEDE9467AD1}C:\users\marek\desktop\borderlands\binaries\borderlands.exe] => (Block) C:\users\marek\desktop\borderlands\binaries\borderlands.exe => No File
FirewallRules: [UDP Query User{60395623-C28F-4101-AE49-89E260F6C5BC}C:\users\marek\desktop\borderlands\binaries\borderlands.exe] => (Block) C:\users\marek\desktop\borderlands\binaries\borderlands.exe => No File
FirewallRules: [{4777E459-FEDE-43B2-B1A2-607E619D6C31}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{29C00148-A2F5-4623-9DB4-831FEA4CCD3F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{ACF21724-6CB8-408F-A8AF-4995D159D18E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{E1ABA894-8DA1-42C4-941C-64B92DE3CBCE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{B28519FE-2829-4ABB-96C8-D619D7033EE1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Icewind Dale Enhanced Edition\icewind.exe => No File
FirewallRules: [{AE02DD2B-8791-4B8A-B3C4-FD4734AAB378}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Icewind Dale Enhanced Edition\icewind.exe => No File
FirewallRules: [TCP Query User{23B176AD-B481-4CAF-BD8E-FA7105338D66}C:\program files (x86)\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Allow) C:\program files (x86)\kingdom come deliverance\bin\win64\kingdomcome.exe => No File
FirewallRules: [UDP Query User{C2AAF259-27FD-4039-A84E-E5870E5D5AB8}C:\program files (x86)\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Allow) C:\program files (x86)\kingdom come deliverance\bin\win64\kingdomcome.exe => No File
FirewallRules: [TCP Query User{D3E5885F-6168-488D-8113-FFBC75D92561}C:\program files (x86)\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Allow) C:\program files (x86)\kingdom come deliverance\bin\win64\kingdomcome.exe => No File
FirewallRules: [UDP Query User{7EE43458-EA33-4163-9828-22AE230C10EC}C:\program files (x86)\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Allow) C:\program files (x86)\kingdom come deliverance\bin\win64\kingdomcome.exe => No File
FirewallRules: [{D5D5C2D6-D2CE-4869-8FEE-C27D534DB161}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cryptic Studios\Neverwinter.exe => No File
FirewallRules: [TCP Query User{8FB7B2DD-02DA-4315-8E0E-8DE42F1C978B}C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\x64\gameclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\x64\gameclient.exe => No File
FirewallRules: [UDP Query User{12714F8C-2983-479D-8219-1C86A998EADC}C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\x64\gameclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\x64\gameclient.exe => No File
FirewallRules: [{3E108696-64CF-45DB-A879-98148AA2567D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\PowerDVD.exe => No File
FirewallRules: [{99B51080-5225-47DF-8773-90771F3D3DF1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\Kernel\DMS\CLMSServerPDVD18.exe => No File
FirewallRules: [{809B4D6B-4F4D-4648-9782-9911E33D0153}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\PowerDVD18Agent.exe => No File
FirewallRules: [{FB6EAD2A-4D29-465A-9939-19CF2D077D4C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\Movie\PowerDVDMovie.exe => No File
FirewallRules: [{26E40E94-A96A-4EE2-8514-AA8B0F605DD4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\CastingStation.exe => No File
FirewallRules: [{2A7FAF82-B3DB-4280-9EA7-55BE645BC198}] => (Allow) F:\Install\wlan_wiz\.\wlan_assistant\waw.exe => No File
FirewallRules: [{AF07BD28-352A-4068-BDCC-DEF3674DDD88}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{655041B2-7FA1-45A2-9D86-3C4E6188B6D0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{31444480-A3B5-4BA1-94A5-E27E18D71CFC}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{420E8ACA-A854-461F-855B-251691A9863F}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe => No File
F:\CRACK\steam_api.dll


EmptyTemp:
End
Save it to C:\Users\Marek\Downloads as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.


Re: Stolen Steam account

#5 Post by Sodomor »

Here is the content of Fixlog.txt. After restarting the computer, the adfly and giftkeys for Steam page no longer loaded automatically.

What next?

Thank you.

Fix result of Farbar Recovery Scan Tool (x64) Version: 07-11-2021
Ran by Marek (07-11-2021 19:31:34) Run:2
Running from C:\Users\Marek\Downloads
Loaded Profiles: Marek
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat [2018-07-16] () [File not signed] <==== ATTENTION
Task: {380EA202-3F23-449A-8AD3-6D959A836A1E} - System32\Tasks\{49285EA4-A02A-4098-92FF-9B423F6C1703} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\League of Legends\lol.launcher.exe" -d "C:\Program Files (x86)\League of Legends"
Task: {608652EA-A968-43AC-B81A-BC4370C17D26} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {610ED7A1-7FFF-4453-AE20-9B8F81424CDD} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {702A151C-37F4-4E45-AA71-3E6B7A561F9A} - System32\Tasks\{16EF1DEC-3104-4E16-A536-D75E518F77FE} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\League of Legends\lol.launcher.exe" -d "C:\Program Files (x86)\League of Legends\"
Task: {702A151C-37F4-4E45-AA71-3E6B7A561F9A} - System32\Tasks\{16EF1DEC-3104-4E16-A536-D75E518F77FE} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\League of Legends\lol.launcher.exe" -d "C:\Program Files (x86)\League of Legends\"
Task: {858B6555-5F7D-4BBF-A0C1-3B2DCAA74780} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {87FCC10D-E0AF-4F51-BF91-8C985E3FBCF7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {8C726285-38F4-4211-A544-F69A285F439F} - System32\Tasks\{BE9F87BC-A384-4067-917D-744017675B95} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Marek\Desktop\Mafia\Setup.exe -d C:\Users\Marek\Desktop\Mafia
Task: {956C7486-E291-4950-8C13-C67BC24A337F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-29] (Google LLC -> Google LLC)
Task: {98CFDD2F-3524-4645-BB22-522ECCCDF219} - System32\Tasks\{59E9C808-8E28-466D-82BD-539E729093D2} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\League of Legends\lol.launcher.exe" -d "C:\Program Files (x86)\League of Legends"
Task: {B64E5ABF-3618-4E9A-9C9A-3C25860DA7BA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-29] (Google LLC -> Google LLC)
Task: {C20349F8-45CE-4B2A-91F6-1C029A40BF1A} - System32\Tasks\{542BEC95-696A-4A26-AA7E-DEC096F87E06} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Marek\Downloads\World_of_Warcraft_Cataclysm_4.3.4_for_Posterus.CZ\World_of_Warcraft_Cataclysm_4.3.4_for_Posterus.CZ\Wow.exe -d
Task: {DBF4112F-5DD1-4BEB-8C4F-2ABC443342A6} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {EF90EAFA-90E1-488F-B5F0-D4D072CBD59D} - System32\Tasks\{A544E525-BFF8-4517-954A-B8828A3ABF58} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\League of Legends\lol.launcher.exe" -d "C:\Program Files (x86)\League of Legends"
Task: {F9138DB2-E377-43AE-8F5D-861035E8F6F8} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
FF Plugin HKU\S-1-5-21-2684046251-4145855513-4240160385-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
HKU\S-1-5-21-2684046251-4145855513-4240160385-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-2684046251-4145855513-4240160385-1001 -> DefaultScope {B9F25DF4-4227-461D-898E-BA786BFDAFD4} URL =
SearchScopes: HKU\S-1-5-21-2684046251-4145855513-4240160385-1001 -> {B9F25DF4-4227-461D-898E-BA786BFDAFD4} URL =
FirewallRules: [UDP Query User{1A3D9B70-46A6-447B-A8AE-8A25C650DE2A}C:\program files (x86)\total war - rome 2 - emperor edition\rome2.exe] => (Allow) C:\program files (x86)\total war - rome 2 - emperor edition\rome2.exe => No File
FirewallRules: [TCP Query User{1A272CB2-CF7B-4AFD-98FD-3527FC826C18}C:\program files (x86)\total war - rome 2 - emperor edition\rome2.exe] => (Allow) C:\program files (x86)\total war - rome 2 - emperor edition\rome2.exe => No File
FirewallRules: [UDP Query User{229F963E-3E10-4A8F-9244-193C56715903}C:\users\marek\desktop\diablo\diablo.exe] => (Block) C:\users\marek\desktop\diablo\diablo.exe => No File
FirewallRules: [TCP Query User{92DBA40D-E46F-4159-9F54-8A3A533311B0}C:\users\marek\desktop\diablo\diablo.exe] => (Block) C:\users\marek\desktop\diablo\diablo.exe => No File
FirewallRules: [UDP Query User{CFC80D13-ED51-42FC-A056-81716D79E85A}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{34E747F9-1337-48B5-8D45-437398576CD1}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{3402CC95-1C9E-49C7-8E74-8C237A9CA182}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{B19EB3B7-C988-44F4-8BE4-128787D961E8}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{A89AED65-1568-4810-88B7-6165A3627737}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{ED552A77-A21D-4C89-8EC8-A194E9934321}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.171\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{7E0577EC-1D4B-4EE1-B471-A0803E3396A6}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe] => (Block) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{47033250-E247-46F8-AB45-CC8135556416}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe] => (Block) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{E5D9D14B-931A-4F58-BDCB-FA977AE7A840}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{806C9A9F-4AFD-4DC1-8993-5EE283C04E6A}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{A5169E2D-3A10-43AF-80DF-433C35D70D27}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{A934827A-A0D6-4584-9B92-CBE4BF50591B}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{79ECE1F6-411B-4589-9A51-1FF1D71AEEE0}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.167\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.167\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{14031D83-F43B-4263-B30A-73C66B43B63B}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.167\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.167\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{12EB767A-4793-4669-AAF4-3EFB2B80296A}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{F3B0B5B0-8BDE-491B-A7C1-C37C8B46A48B}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{A57DD699-DC7A-4F11-A266-9E9CD77CE594}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{9E1DA30C-AFEA-4780-BE6F-82D817E65BA8}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{F6FEE0D6-29B3-4996-9A6F-D694A77FD43C}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{031C98FD-A5A5-475D-8CBC-486A12013D9B}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.164\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{E2B29210-185E-4798-9F5F-CAD10480FBCF}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{93EB00F6-9BC1-4924-8C0D-BE111372361F}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{A992342C-414A-4767-83FA-15FD8D83A93F}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.162\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.162\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{00276E73-2362-4098-BA49-429EB71B35BF}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.162\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.162\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{4F0523BB-767E-482D-AFC1-201C26214712}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.161\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.161\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{728440E3-DC4C-472E-9190-987BC5F7FD80}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.161\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.161\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{9A1ABED3-C5A8-4191-B136-D5344896A29F}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{F745DF28-C523-413E-A8AE-6373858CCEF6}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{E505D533-283E-4522-96E8-6E88685423CC}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{ACCFF8A8-73B3-41A0-B7E2-7D492865A4EC}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{43A3F859-C118-4AF7-B771-0E23A0C24173}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe => No File
FirewallRules: [TCP Query User{CBB4995C-D4DB-4E7F-B8AA-22E594D6A93B}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{68334CD7-20E9-491C-92A3-F324F8F76AFC}C:\users\marek\desktop\age of empires + rise of rome expansion\empires.exe] => (Block) C:\users\marek\desktop\age of empires + rise of rome expansion\empires.exe => No File
FirewallRules: [TCP Query User{F8D841B9-1E4B-45E3-89FD-703818011127}C:\users\marek\desktop\age of empires + rise of rome expansion\empires.exe] => (Block) C:\users\marek\desktop\age of empires + rise of rome expansion\empires.exe => No File
FirewallRules: [UDP Query User{83E588AC-1A0D-4A59-B250-072E5B285794}C:\users\marek\desktop\warcraft 3\war3.exe] => (Allow) C:\users\marek\desktop\warcraft 3\war3.exe => No File
FirewallRules: [TCP Query User{1EA0A7D7-5EF0-497B-8018-0788AE87155D}C:\users\marek\desktop\warcraft 3\war3.exe] => (Allow) C:\users\marek\desktop\warcraft 3\war3.exe => No File
FirewallRules: [UDP Query User{A3129948-CA15-4FAF-B5FE-89FF8A785E4E}C:\users\marek\desktop\warcraft 3\war3.exe] => (Block) C:\users\marek\desktop\warcraft 3\war3.exe => No File
FirewallRules: [TCP Query User{B3D22B17-35B4-4726-9B69-15F03A0F2F5A}C:\users\marek\desktop\warcraft 3\war3.exe] => (Block) C:\users\marek\desktop\warcraft 3\war3.exe => No File
FirewallRules: [{FB26CB9C-DFAD-4685-B84C-BC18DA2866B6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe => No File
FirewallRules: [{1B35E1BE-2BA4-4D75-8EDC-51E183FA016D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe => No File
FirewallRules: [TCP Query User{6EB8B282-167C-46F5-BF97-4339B27F2B4D}C:\program files (x86)\borderlands game of the year edition\binaries\borderlands.exe] => (Block) C:\program files (x86)\borderlands game of the year edition\binaries\borderlands.exe => No File
FirewallRules: [UDP Query User{BFB5D697-626A-44E5-8EF7-D09ECCF07710}C:\program files (x86)\borderlands game of the year edition\binaries\borderlands.exe] => (Block) C:\program files (x86)\borderlands game of the year edition\binaries\borderlands.exe => No File
FirewallRules: [TCP Query User{0E610789-C149-4855-B6CD-39A2BE0EB36F}C:\users\marek\desktop\borderlands\binaries\borderlands.exe] => (Block) C:\users\marek\desktop\borderlands\binaries\borderlands.exe => No File
FirewallRules: [UDP Query User{E8A4A5D0-2B0F-400D-9FE3-CF3D8635D4A6}C:\users\marek\desktop\borderlands\binaries\borderlands.exe] => (Block) C:\users\marek\desktop\borderlands\binaries\borderlands.exe => No File
FirewallRules: [TCP Query User{A9AB2BCA-CDE0-4907-B09F-BAEDE9467AD1}C:\users\marek\desktop\borderlands\binaries\borderlands.exe] => (Block) C:\users\marek\desktop\borderlands\binaries\borderlands.exe => No File
FirewallRules: [UDP Query User{60395623-C28F-4101-AE49-89E260F6C5BC}C:\users\marek\desktop\borderlands\binaries\borderlands.exe] => (Block) C:\users\marek\desktop\borderlands\binaries\borderlands.exe => No File
FirewallRules: [{4777E459-FEDE-43B2-B1A2-607E619D6C31}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{29C00148-A2F5-4623-9DB4-831FEA4CCD3F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{ACF21724-6CB8-408F-A8AF-4995D159D18E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{E1ABA894-8DA1-42C4-941C-64B92DE3CBCE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{B28519FE-2829-4ABB-96C8-D619D7033EE1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Icewind Dale Enhanced Edition\icewind.exe => No File
FirewallRules: [{AE02DD2B-8791-4B8A-B3C4-FD4734AAB378}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Icewind Dale Enhanced Edition\icewind.exe => No File
FirewallRules: [TCP Query User{23B176AD-B481-4CAF-BD8E-FA7105338D66}C:\program files (x86)\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Allow) C:\program files (x86)\kingdom come deliverance\bin\win64\kingdomcome.exe => No File
FirewallRules: [UDP Query User{C2AAF259-27FD-4039-A84E-E5870E5D5AB8}C:\program files (x86)\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Allow) C:\program files (x86)\kingdom come deliverance\bin\win64\kingdomcome.exe => No File
FirewallRules: [TCP Query User{D3E5885F-6168-488D-8113-FFBC75D92561}C:\program files (x86)\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Allow) C:\program files (x86)\kingdom come deliverance\bin\win64\kingdomcome.exe => No File
FirewallRules: [UDP Query User{7EE43458-EA33-4163-9828-22AE230C10EC}C:\program files (x86)\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Allow) C:\program files (x86)\kingdom come deliverance\bin\win64\kingdomcome.exe => No File
FirewallRules: [{D5D5C2D6-D2CE-4869-8FEE-C27D534DB161}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cryptic Studios\Neverwinter.exe => No File
FirewallRules: [TCP Query User{8FB7B2DD-02DA-4315-8E0E-8DE42F1C978B}C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\x64\gameclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\x64\gameclient.exe => No File
FirewallRules: [UDP Query User{12714F8C-2983-479D-8219-1C86A998EADC}C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\x64\gameclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\x64\gameclient.exe => No File
FirewallRules: [{3E108696-64CF-45DB-A879-98148AA2567D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\PowerDVD.exe => No File
FirewallRules: [{99B51080-5225-47DF-8773-90771F3D3DF1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\Kernel\DMS\CLMSServerPDVD18.exe => No File
FirewallRules: [{809B4D6B-4F4D-4648-9782-9911E33D0153}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\PowerDVD18Agent.exe => No File
FirewallRules: [{FB6EAD2A-4D29-465A-9939-19CF2D077D4C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\Movie\PowerDVDMovie.exe => No File
FirewallRules: [{26E40E94-A96A-4EE2-8514-AA8B0F605DD4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\CastingStation.exe => No File
FirewallRules: [{2A7FAF82-B3DB-4280-9EA7-55BE645BC198}] => (Allow) F:\Install\wlan_wiz\.\wlan_assistant\waw.exe => No File
FirewallRules: [{AF07BD28-352A-4068-BDCC-DEF3674DDD88}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{655041B2-7FA1-45A2-9D86-3C4E6188B6D0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{31444480-A3B5-4BA1-94A5-E27E18D71CFC}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe => No File
FirewallRules: [UDP Query User{420E8ACA-A854-461F-855B-251691A9863F}C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\league of legends\rads\projects\league_client\releases\0.0.0.174\deploy\leagueclient.exe => No File
F:\CRACK\steam_api.dll


EmptyTemp:
End
*****************

Processes closed successfully.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{380EA202-3F23-449A-8AD3-6D959A836A1E}" => not found
"C:\WINDOWS\System32\Tasks\{49285EA4-A02A-4098-92FF-9B423F6C1703}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{49285EA4-A02A-4098-92FF-9B423F6C1703}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{608652EA-A968-43AC-B81A-BC4370C17D26}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{610ED7A1-7FFF-4453-AE20-9B8F81424CDD}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{702A151C-37F4-4E45-AA71-3E6B7A561F9A}" => not found
"C:\WINDOWS\System32\Tasks\{16EF1DEC-3104-4E16-A536-D75E518F77FE}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{16EF1DEC-3104-4E16-A536-D75E518F77FE}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{702A151C-37F4-4E45-AA71-3E6B7A561F9A}" => not found
"C:\WINDOWS\System32\Tasks\{16EF1DEC-3104-4E16-A536-D75E518F77FE}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{16EF1DEC-3104-4E16-A536-D75E518F77FE}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{858B6555-5F7D-4BBF-A0C1-3B2DCAA74780}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{858B6555-5F7D-4BBF-A0C1-3B2DCAA74780}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{87FCC10D-E0AF-4F51-BF91-8C985E3FBCF7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{87FCC10D-E0AF-4F51-BF91-8C985E3FBCF7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8C726285-38F4-4211-A544-F69A285F439F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C726285-38F4-4211-A544-F69A285F439F}" => removed successfully
C:\WINDOWS\System32\Tasks\{BE9F87BC-A384-4067-917D-744017675B95} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BE9F87BC-A384-4067-917D-744017675B95}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{956C7486-E291-4950-8C13-C67BC24A337F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{956C7486-E291-4950-8C13-C67BC24A337F}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{98CFDD2F-3524-4645-BB22-522ECCCDF219}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98CFDD2F-3524-4645-BB22-522ECCCDF219}" => removed successfully
C:\WINDOWS\System32\Tasks\{59E9C808-8E28-466D-82BD-539E729093D2} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{59E9C808-8E28-466D-82BD-539E729093D2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B64E5ABF-3618-4E9A-9C9A-3C25860DA7BA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B64E5ABF-3618-4E9A-9C9A-3C25860DA7BA}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C20349F8-45CE-4B2A-91F6-1C029A40BF1A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C20349F8-45CE-4B2A-91F6-1C029A40BF1A}" => removed successfully
C:\WINDOWS\System32\Tasks\{542BEC95-696A-4A26-AA7E-DEC096F87E06} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{542BEC95-696A-4A26-AA7E-DEC096F87E06}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DBF4112F-5DD1-4BEB-8C4F-2ABC443342A6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DBF4112F-5DD1-4BEB-8C4F-2ABC443342A6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EF90EAFA-90E1-488F-B5F0-D4D072CBD59D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EF90EAFA-90E1-488F-B5F0-D4D072CBD59D}" => removed successfully
C:\WINDOWS\System32\Tasks\{A544E525-BFF8-4517-954A-B8828A3ABF58} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A544E525-BFF8-4517-954A-B8828A3ABF58}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F9138DB2-E377-43AE-8F5D-861035E8F6F8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F9138DB2-E377-43AE-8F5D-861035E8F6F8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
HKU\S-1-5-21-2684046251-4145855513-4240160385-1001\Software\MozillaPlugins\ubisoft.com/uplaypc => removed successfully
"C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll" => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
"HKU\S-1-5-21-2684046251-4145855513-4240160385-1001\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages" => removed successfully
"HKU\S-1-5-21-2684046251-4145855513-4240160385-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-2684046251-4145855513-4240160385-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B9F25DF4-4227-461D-898E-BA786BFDAFD4} => removed successfully
"F:\CRACK\steam_api.dll" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 125399422 B
Java, Flash, Steam htmlcache => 381107020 B
Windows/system/drivers => 432795 B
Edge => 2473096 B
Chrome => 365798238 B
Firefox => 594060598 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 124518 B
NetworkService => 130810922 B
Marek => 278656535 B

RecycleBin => 0 B
EmptyTemp: => 1.8 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:50:38 ====

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Stolen Steam account

#6 Post by Rudy »

It has been deleted; the log is now OK. The reason it no longer loads is this:
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat [2018-07-16] () [File not signed] <==== ATTENTION
It is junk and we delete it. Now just change your account password and everything should be OK.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
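The Startup line quoted in post #6, run through a small triage parser. This is an added example, not part of the thread and not FRST's own code; the line layout is inferred from that one quoted line, the extension list is chosen for this example, and the second sample line is constructed.

```python
import re
from pathlib import PureWindowsPath

# Layout inferred from the one Startup line quoted in post #6; that other
# FRST Startup lines follow the same layout is an assumption.
STARTUP_RE = re.compile(
    r"^Startup:\s+(?P<path>.+?)\s+\[(?P<date>\d{4}-\d{2}-\d{2})\]"
    r"(?:\s+\((?P<publisher>[^)]*)\))?(?P<rest>.*)$"
)
# Script extensions picked for this example; not a list taken from FRST.
SCRIPT_EXTS = {".bat", ".cmd", ".vbs", ".js", ".hta", ".wsf"}

SAMPLE_LOG = [
    # Verbatim from post #6.
    r"Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat [2018-07-16] () [File not signed] <==== ATTENTION",
    # Constructed for this example.
    r"Startup: C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Example Tool.lnk [2021-01-01]",
    # Verbatim from the Fixlog in this thread: not a Startup line, so it is skipped.
    r'"F:\CRACK\steam_api.dll" => not found',
]


def parse_startup_line(line):
    """Return a dict describing one Startup entry, or None for any other line."""
    m = STARTUP_RE.match(line.strip())
    if not m:
        return None
    path = PureWindowsPath(m.group("path"))
    rest = m.group("rest")
    return {
        "path": str(path),
        "date": m.group("date"),
        "publisher": (m.group("publisher") or "").strip(),
        "unsigned": "[File not signed]" in rest,
        "frst_attention": "ATTENTION" in rest,
        # The Startup folder under ProgramData applies to every user profile.
        "all_users": "\\programdata\\" in str(path).lower(),
        "script": path.suffix.lower() in SCRIPT_EXTS,
    }


def triage(lines):
    """Return (path, reasons) for each Startup entry that deserves a manual look."""
    findings = []
    for line in lines:
        entry = parse_startup_line(line)
        if entry is None:
            continue
        reasons = []
        if entry["script"] and entry["unsigned"]:
            reasons.append("unsigned script in a Startup folder")
        if entry["frst_attention"]:
            reasons.append("marked ATTENTION by FRST")
        if reasons and entry["all_users"]:
            reasons.append("all-users Startup folder: runs at every user's logon")
        if reasons:
            findings.append((entry["path"], reasons))
    return findings


if __name__ == "__main__":
    for path, reasons in triage(SAMPLE_LOG):
        print(path, "->", "; ".join(reasons))
```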

Sodomor
Visitor
Posts: 4
Registered: 07 Nov 2021 15:29

Re: Stolen Steam account

#7 Post by Sodomor »

Thank you very much!

Is there any way to find out where it got into my computer from, and whether someone also got into my mailbox at Seznam? They write that they do not archive the list of IP addresses, so unlike with Gmail I cannot look at where the mailbox was accessed from. I only found e-mails from Steam there with the confirmation codes for changing the account's e-mail address, which he changed to his own Russian one, so I assume he was in my mail.

I will change the password.

I have Eset Nod32 antivirus 15.0.18.0, and even with a scan and maximum protection it found nothing at all, and it is updated regularly.

Would you have a tip on how to secure my computer better?

Thank you once again.

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Stolen Steam account

#8 Post by Rudy »

Unfortunately, that cannot be found out easily. Only Seznam could know whether someone tried to get into your mailbox, and only by the brute-force method (I recommend changing your password there as well). Eset Internet Security protection is solid, but like every such product it can be bypassed. Hackers can do it, unfortunately. The only other thing you can do is change your passwords regularly, say quarterly, and use a so-called "strong" password (lower/upper-case letters, numeric characters and diacritics). You're welcome!