Prosím o kontrolu, předem děkuji.
Napsal: 26 bře 2020 21:16
Ahoj, prosím o kontrolu. Nepozoruju žádné problémy, ale GridinSoft Anti-Malware našel dva trojské koně (mám pouze demo, takže mi to neumožní žádnou možnost řešení). Zkoušela jsem scan přes HitmanPro a Malwarebytes, ty nenašly nic, a Zabezpečení Windows též tvrdí, že nikde nic, ale chtěla bych mít jistotu, že je vše v pořádku. Moc vám děkuju.
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-03-2020
Ran by dotro (26-03-2020 20:03:47)
Running from C:\Users\dotro\Downloads
Windows 10 Home Version 1903 18362.720 (X64) (2019-07-28 21:23:35)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1756291422-3896979012-1980332954-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1756291422-3896979012-1980332954-503 - Limited - Disabled)
dotro (S-1-5-21-1756291422-3896979012-1980332954-1001 - Administrator - Enabled) => C:\Users\dotro
Guest (S-1-5-21-1756291422-3896979012-1980332954-501 - Limited - Disabled)
mufmu (S-1-5-21-1756291422-3896979012-1980332954-1003 - Limited - Disabled) => C:\Users\mufmu
WDAGUtilityAccount (S-1-5-21-1756291422-3896979012-1980332954-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\...\uTorrent) (Version: 3.5.5.45341 - BitTorrent Inc.)
7-Zip 18.06 (x64) (HKLM\...\7-Zip) (Version: 18.06 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.344 - Adobe)
Aktualizace NVIDIA 36.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 36.0.0.0 - NVIDIA Corporation) Hidden
ASUS Device Activation (HKLM-x32\...\{9C4B0706-9F9A-47BF-B417-0A111FC52B04}) (Version: 1.0.4.0 - ASUSTeK COMPUTER INC.)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.6.8 - ASUSTeK COMPUTER INC.)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.9 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.13.0004 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0040 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.99 - ICEpower a/s)
Balíček ovladače systému Windows - ASUS (ATP) Mouse (10/21/2015 6.0.0.66) (HKLM\...\BC69268D29996F70FD79F32A561263B8537AAF34) (Version: 10/21/2015 6.0.0.66 - ASUS)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.71.1081 - AB Team, d.o.o.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.55 - Conexant)
CyberLink PhotoDirector 5 (HKLM\...\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5.6515 - CyberLink Corp.) Hidden
CyberLink PhotoDirector 5 (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5.6515 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4010.0 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4010.0 - CyberLink Corp.)
Daphne_x64 (HKLM\...\{D615E111-28D9-4D6D-97CB-78A64CF9D368}) (Version: 2.03.2 - DRK)
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.2 - ASUSTek Computer Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 419.67 - NVIDIA Corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{818FF838-5FCD-4FCB-AE39-4F725EBCE2A1}) (Version: 1.1.128.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ExpressVPN (HKLM-x32\...\{E5B9C3E5-889C-4F22-A959-F4B8461D908F}) (Version: 7.5.1.10334 - ExpressVPN) Hidden
ExpressVPN (HKLM-x32\...\{e629f10b-0739-4b42-b774-fe4f4f975ad6}) (Version: 7.5.1.10334 - ExpressVPN)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.5.0.6.1001 - Genesys Logic)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
GridinSoft Anti-Malware (HKLM\...\GridinSoft Anti-Malware) (Version: 4.1.36 - Gridinsoft LLC)
HitmanPro 3.8 (HKLM\...\HitmanPro38) (Version: 3.8.18.312 - SurfRight B.V.)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10603.192 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{a2d9fda8-65eb-4c06-81ef-31e0a4daa335}) (Version: 10.1.1.11 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1167 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4550 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{C7CD6D54-26AF-4D93-B06F-D81ACE8624CB}) (Version: 6.0.40.0 - Intel Corporation)
Intel(R) WiDi Software Asset Manager (HKLM-x32\...\{5B5CD20C-29F0-4857-A4FA-A4F4C716B019}) (Version: 1.1.347 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{64FD4757-7186-4F12-9AA8-5EE809CAB282}) (Version: 17.1.1532.1814 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{4c8b7360-62a2-4339-b745-41323055d0bb}) (Version: 18.20.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.1.4 - PandoraTV)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\{4D78B137-434D-466E-A4D8-98E7EA3F73E5}) (Version: 4.2.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.12527.20278 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1756291422-3896979012-1980332954-1003\...\OneDriveSetup.exe) (Version: 17.3.7074.1023 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1756291422-3896979012-1980332954-1005\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 74.0 (x64 cs) (HKLM\...\Mozilla Firefox 74.0 (x64 cs)) (Version: 74.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.2 - Mozilla)
Nox APP Player (HKLM-x32\...\Nox) (Version: 6.2.7.0 - Duodian Technology Co. Ltd.)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.18.0.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.18.0.94 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Oblivion mod manager 1.1.12 (HKLM-x32\...\Oblivion mod manager_is1) (Version: - Timeslip)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12527.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12527.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12527.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.12527.20278 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.40.26928 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{1dccdcdc-b7df-41e7-8f9f-1a6bc24ba749}) (Version: latest - ppy Pty Ltd)
Ovládací panel NVIDIA 419.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 419.67 - NVIDIA Corporation) Hidden
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22243 - Microsoft Corporation)
Popcorn-Time (HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\...\Popcorn-Time) (Version: 0.3.10 - Popcorn Time)
Rainlendar2 (remove only) (HKLM-x32\...\Rainlendar2) (Version: - )
Realtek USB Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{04201224-2B34-4EE7-862B-B7BBF89DB3AB}) (Version: 10.34.603.2019 - Realtek)
Sid Meier's Civilization V (HKLM-x32\...\steam app 8930) (Version: - 2K Games, Inc.)
Spotify (HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\...\Spotify) (Version: 1.1.20.510.g7d28aaaa - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{61B90E2F-2DD9-4581-8856-C2441B61571A}) (Version: 1.7.0.0 - Microsoft Corporation) Hidden
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
WPS Office for ASUS (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.4947 - Kingsoft Corp.)
Packages:
=========
Flipboard -> C:\Program Files\WindowsApps\Flipboard.Flipboard_2.1.3.0_neutral__3f5azkryzdbc4 [2017-08-25] (Flipboard)
Gameloft Games -> C:\Program Files\WindowsApps\A278AB0D.GameloftGames_1.0.2.6_x86__h6adky7gbf63m [2017-08-25] (Gameloft.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-27] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-27] (Microsoft Corporation) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20583.0_x64__8wekyb3d8bbwe [2020-03-15] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-18] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20503.0_x64__8wekyb3d8bbwe [2020-03-16] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-19] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1756291422-3896979012-1980332954-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\dotro\AppData\Local\Microsoft\OneDrive\17.3.6943.0625_1\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1756291422-3896979012-1980332954-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\dotro\AppData\Local\Microsoft\OneDrive\17.3.6943.0625_1\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1756291422-3896979012-1980332954-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\dotro\AppData\Local\Microsoft\OneDrive\17.3.6943.0625_1\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\dotro\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-25] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\dotro\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-25] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\dotro\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-25] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\dotro\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-25] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\dotro\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-25] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\dotro\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-25] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [DRKShell] -> {E18C8C1B-FD35-455E-BB21-4BA26B1E751D} => -> No File
ContextMenuHandlers1: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => C:\Program Files\GridinSoft Anti-Malware\shellext.dll [2020-03-26] (GridinSoft, LLC -> Gridinsoft LLC)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\dotro\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-25] (Mega Limited -> )
ContextMenuHandlers2: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => C:\Program Files\GridinSoft Anti-Malware\shellext.dll [2020-03-26] (GridinSoft, LLC -> Gridinsoft LLC)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\dotro\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-25] (Mega Limited -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-03-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\dotro\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-25] (Mega Limited -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => C:\Program Files\GridinSoft Anti-Malware\shellext.dll [2020-03-26] (GridinSoft, LLC -> Gridinsoft LLC)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\dotro\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-25] (Mega Limited -> )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxDTCM.dll [2017-08-24] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-03-17] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [DRKShell] -> {E18C8C1B-FD35-455E-BB21-4BA26B1E751D} => -> No File
ContextMenuHandlers6: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => C:\Program Files\GridinSoft Anti-Malware\shellext.dll [2020-03-26] (GridinSoft, LLC -> Gridinsoft LLC)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-03-26] (Malwarebytes Corporation -> Malwarebytes)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\dotro\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\76f9e4d33b60b312\Popcorn-Time.lnk -> C:\Users\dotro\AppData\Local\Popcorn-Time\Popcorn-Time.exe (The NWJS Community) -> --user-data-dir="C:\Users\dotro\AppData\Local\Popcorn-Time\User Data" --profile-directory=Default --app-id=hecfofbbdfadifpemejbbdcjmfmboohj
==================== Loaded Modules (Whitelisted) =============
2020-03-18 13:49 - 2020-03-18 13:49 - 000349184 _____ ( ) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxHef9fb4ae#\530c362724b1556132710f2af59bb795\Interop.CxHDAudioAPILib.ni.dll
2015-08-25 10:40 - 2015-08-25 10:40 - 000124928 _____ () [File not signed] C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2015-08-25 10:40 - 2015-08-25 10:40 - 000027648 _____ () [File not signed] C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2015-08-25 10:40 - 2015-08-25 10:40 - 001680384 _____ (ASUS TeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ApplyLUT.dll
2015-08-25 10:40 - 2015-08-25 10:40 - 000178688 _____ (ASUS TeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\GenLUT.dll
2015-08-25 10:40 - 2015-08-25 10:40 - 000164864 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ColorU.dll
2017-11-29 20:26 - 2017-11-29 20:23 - 001132032 _____ (Conexant Systems, Inc.) [File not signed] C:\Program Files\Conexant\SAII\CxHDAudioAPI.dll
2019-01-15 20:56 - 2018-12-30 08:00 - 000077824 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2019-05-22 17:26 - 2019-05-22 17:26 - 001548288 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2019-05-22 17:26 - 2019-05-22 17:26 - 000395776 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2019-05-22 17:26 - 2019-05-25 08:55 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2019-05-22 17:26 - 2019-05-25 08:56 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2019-05-22 17:26 - 2019-05-25 08:56 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2019-05-22 17:26 - 2019-05-25 08:56 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2019-05-22 17:26 - 2019-05-25 08:56 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2019-05-22 17:26 - 2019-05-25 08:56 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 12:04 - 2015-07-10 12:02 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2020-01-22 20:38 - 2020-02-25 21:13 - 000000566 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\dotro\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\w9.jpg
HKU\S-1-5-21-1756291422-3896979012-1980332954-1003\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1756291422-3896979012-1980332954-1005\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\...\StartupApproved\Run: => "Rainlendar2"
HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\...\StartupApproved\Run: => "Steam"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{10B8D559-3C94-41C7-AAC0-E9C6F67F9B9A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Resident Evil 6\BH6.exe (QLOC S.A. -> CAPCOM U.S.A, INC.)
FirewallRules: [{886D7CF1-0C8D-4C96-80DE-96756458C170}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Resident Evil 6\BH6.exe (QLOC S.A. -> CAPCOM U.S.A, INC.)
FirewallRules: [UDP Query User{FBF468D0-B89C-4F81-80B5-AEE0CC044208}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{C568AE91-B044-4BD1-B429-1A66FA908AB8}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{A4FA8F69-7C67-4D9C-9A36-9330148B1E29}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{1F1A63F1-D404-411E-BF76-C7FBD712E7BC}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{B55D516D-1CF6-444D-946E-26013135DB4A}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{9534F77C-AD80-415A-B945-8C6D771A422F}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{0E6BF920-A253-4AD5-AC77-B0F48B1A0CF4}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{D68A1C0A-D559-4776-ABAF-0DF21A39E816}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{602A5A5A-C463-4F34-A7FF-FFE5E3200424}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{F6BDE84C-54AE-4652-8D87-8FEE006A7991}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe No File
FirewallRules: [{22A08468-4DA8-4920-A80C-37E93876232C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0E519729-B0AA-420F-A20E-E6A627798588}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{08CABD94-2E9E-461C-8EC5-EB7932ABC100}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{77450043-FF7E-4FAA-B60F-FB1267F9E3AB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5D14D78D-EAA0-4C26-AF49-888415371A6A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E811AF7D-F4B4-42F6-B7F8-023BD5505D48}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{CE75EFAC-FE7A-482C-8285-3BC64A30710B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{30BB7BDA-D449-4CFE-AC63-33555047963E}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{C3376E6E-6903-42C3-90AC-B70F4E75830B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{146FB848-8E51-4484-BA26-EFB6D72518FA}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe No File
FirewallRules: [{7FD87513-9F2A-41E3-B41A-E3235C1DA527}] => (Allow) C:\Program Files (x86)\\Bignox\\BigNoxVM\\RT\NoxVMHandle.exe (Nox Limited -> BigNox Corporation)
FirewallRules: [{CD290337-BC76-4B15-A903-3901B5AB1088}] => (Allow) C:\Program Files (x86)\Nox\bin\Nox.exe (Nox Limited -> Duodian Technology Co. Ltd.)
FirewallRules: [UDP Query User{12F1D1E2-52E0-4261-8DE7-9C8C0D81A943}C:\users\dotro\appdata\local\popcorn-time\popcorn-time.exe] => (Block) C:\users\dotro\appdata\local\popcorn-time\popcorn-time.exe (The NWJS Community) [File not signed]
FirewallRules: [TCP Query User{076E4CC6-2C7B-412E-9EE5-7253780CAAAE}C:\users\dotro\appdata\local\popcorn-time\popcorn-time.exe] => (Block) C:\users\dotro\appdata\local\popcorn-time\popcorn-time.exe (The NWJS Community) [File not signed]
FirewallRules: [UDP Query User{9771C1EE-E93F-4920-BDB0-4C9782C52CA1}C:\users\dotro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dotro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{8EB31EB5-085A-4C5C-ACC1-F1972154E81B}C:\users\dotro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dotro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{6FC22692-569E-4245-B8B8-FFEB5789E5EC}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{80C28DE1-5B69-45C4-ABE3-11799457400F}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{976518B6-1BBE-4CAE-81BE-0AFF974ECD34}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{652398FE-3311-47B2-90EA-EB7CE7210960}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{48776565-E6D8-48F8-9DD9-36F37A2B64D1}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{DBDF2E35-C0E3-45EC-856A-A5446241F760}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{82F9545D-F4A9-4868-8536-C1274AB5F93E}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{9EAAADA4-75F4-4B69-9F4E-1B660A36BA8F}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{78DE6CC1-B5F1-4295-BF72-2D3409C84254}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{6C99BFA4-2EAA-4B2A-A1CF-A2E9AB7639D1}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{67BAAE03-A35E-4A13-BBF0-3AF451AA8F19}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{CD50837A-BEBC-48CD-AC88-F6F43FD75AB6}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{B4C62CF0-7925-409C-966E-617241DFCC41}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe No File
FirewallRules: [TCP Query User{4652710E-E9DA-4A9E-9759-8200C74870F7}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe No File
FirewallRules: [{1D658475-241C-41B6-A21D-265CF76A01AF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{A3E30868-2119-44A0-AA94-09A106390250}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{494FFA83-8AB5-4C8A-A389-44122599B6A9}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{15BBB86E-2531-4571-8927-BA6DEBAE4B74}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{BCFC64A4-F1B0-409D-96CE-098298E8FE9C}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{A38DE541-47DC-4CB9-955D-F9BF8C3D7D63}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{999FB491-E30C-4B8F-93EE-81D7087CD74E}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{8667FEB5-B207-490E-94A7-D488A0BD7532}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{C2987230-A821-48CC-96E5-C417CCEF3D0B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.157\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.157\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{05F45A18-5783-4DD9-A6A8-F33AC235FF9B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.157\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.157\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{3C3FC762-FF11-43DA-AE41-A99739D87FF6}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{BBC6B195-D4E5-438E-BA38-4E5CD3EDBB0F}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{35AEE9C0-4509-48FB-B225-B726746EDB3B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{12802B58-5E92-4D8D-B682-B43091876544}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{996DFE4A-3D0F-457F-ACF4-066D75C71AF8}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{F19A8C55-28AE-41F8-92B7-6BE6AFD821FC}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe No File
FirewallRules: [{890A9211-8E31-42F0-8703-754F057F737B}] => (Allow) C:\Users\dotro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{AA18058B-7DBA-473E-8D0A-5C5457F9E429}] => (Allow) C:\Users\dotro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{C36F5E95-6434-465F-90CC-A22864DB96D8}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{79D6F840-4AB9-44C8-8A82-8C93A9888D39}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe No File
FirewallRules: [{3F8605C0-47AA-4DA4-BB60-DA5C0D0FA0A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe No File
FirewallRules: [{F0F75797-0BB2-46D1-BF38-63240816EB23}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe No File
FirewallRules: [{F502C942-87A1-435B-BA2B-93C011971CB9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RollerCoaster Tycoon Deluxe\RCT.EXE () [File not signed]
FirewallRules: [{0D672FD9-214E-41E2-818C-50F53227F9F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RollerCoaster Tycoon Deluxe\RCT.EXE () [File not signed]
FirewallRules: [UDP Query User{A3800C39-5C70-4A9B-A131-5C99431D2F29}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{0D59D5D1-3E6F-4A39-971D-97EFD8BEBECC}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{D62B8A63-7108-44D5-B784-2147CF909797}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{55A52BC3-7919-4C14-9346-EC02CEBF5A7F}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{199EEC89-3B7E-4D98-90CD-02ECBEC5381A}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{0A993BE5-E1B8-45C5-9D28-DBA4D6A95847}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{17C64131-1E47-4FDA-8C68-4ADAF5298F31}] => (Allow) C:\Users\dotro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{488C3482-9A6A-4ED4-9B9C-5513DC1BE0BA}] => (Allow) C:\Users\dotro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{76BA2FDC-2DC1-4A5A-AEEF-8A4D831E0195}] => (Allow) C:\Users\dotro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{552C6BB1-1BE4-4464-B891-C6C55A603C0B}] => (Allow) C:\Users\dotro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{BB83D69B-33CE-4C55-91AB-40F166C72DD4}] => (Allow) C:\Users\dotro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{6149EC2E-74FE-4D8C-B013-9F7798A925DD}] => (Allow) C:\Users\dotro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{DFE668C7-AEC2-4717-AD9F-6EA0F0864F50}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ibbandobb\ibbobb.exe () [File not signed]
FirewallRules: [{D41572ED-FAE3-4F4D-82BC-D34E58748ED6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ibbandobb\ibbobb.exe () [File not signed]
FirewallRules: [{20D4A563-8172-4721-AC99-793746FD8164}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [{2C53C74A-BCE5-4B10-9256-9AC069B8A6F2}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe No File
FirewallRules: [{2A6CFEF3-E5D5-42E4-AE0E-2D152EBFA756}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiAppOld.exe (Intel(R) Wireless Display -> Intel Corporation)
FirewallRules: [{ED6088E4-D000-4491-A1E2-658410D5739B}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\Next\WirelessDisplay.exe No File
FirewallRules: [{5D1F062E-1B25-452A-A238-50C09FD24197}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\SmartAgentTest.exe (Intel(R) Wireless Display -> )
FirewallRules: [{7C9A7CAA-5E37-4073-86B1-5EB2413C72C3}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel(R) Wireless Display -> Intel)
FirewallRules: [{E4A606F9-3F90-4118-A15B-935CA4A37CF1}] => (Allow) c:\Program Files\CyberLink\PowerDirector12\PDR10.EXE No File
FirewallRules: [{C363D7A1-E528-46AF-91FA-8D2ECCE4666F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2EAE9BA0-A877-40D3-AAE0-5A66571601D4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{37D6BB17-0271-4995-9B88-E032A30B2776}C:\users\dotro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dotro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{5090D129-9818-41F5-906F-3F506AE9B52A}C:\users\dotro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dotro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FCE6C1E7-1F62-4621-B5FC-353FA87B3AFE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{80CBCA5D-446D-47A4-8A2D-82D7F336F0ED}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{ADC1E5C3-3E44-4A91-B18C-44335D6967D6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{05A7031D-90D0-47A2-8259-68DD90BBD48F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{322E8357-1FBF-405C-822C-4474BBFA407C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ultimate Chicken Horse\UltimateChickenHorse.exe () [File not signed]
FirewallRules: [{E496342C-AEEF-442F-B644-D47FA937E833}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ultimate Chicken Horse\UltimateChickenHorse.exe () [File not signed]
FirewallRules: [TCP Query User{4EA0A876-892A-44B0-9C71-2FFEBEAED667}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{45776CBD-2D29-41FD-8627-8470B3B6248D}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BF9F46A6-0028-4CD4-95D2-7F179EDCEA4C}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe (Popcorn Time) [File not signed]
FirewallRules: [{363F573C-BB1A-4B1E-A13B-4B1537B9D3A1}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe (Popcorn Time) [File not signed]
FirewallRules: [TCP Query User{8B64122B-771D-4693-8188-9002119BE0A6}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{DFD35B70-C076-4262-9420-7EAC4BDEB917}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{6128AAC6-DEC7-4978-86FC-42E871E7F6F9}C:\users\dotro\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\dotro\appdata\local\popcorn-time\popcorn-time.exe (The NWJS Community) [File not signed]
FirewallRules: [UDP Query User{D0078398-E1AC-4835-8775-FC8BF394D083}C:\users\dotro\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\dotro\appdata\local\popcorn-time\popcorn-time.exe (The NWJS Community) [File not signed]
FirewallRules: [TCP Query User{92DA1E15-D1A7-4E26-9A74-741B003E5A0A}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{39583EC6-8939-4E61-B051-01B2BCD2D583}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{F088AC4B-F213-49B6-8559-E165B3B3B347}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{33424736-31A7-4A78-8587-E296A401FBB1}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe No File
FirewallRules: [{F44B3DE2-ABEA-4482-B58C-E219AA87559C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe () [File not signed]
FirewallRules: [{62C8011D-25A2-461A-8DC5-D72E723C29DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe () [File not signed]
FirewallRules: [TCP Query User{0616DC55-9A42-4A08-91AF-82E77D545517}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> )
FirewallRules: [UDP Query User{66040B4F-67EB-4770-8551-EB108F6232E6}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> )
FirewallRules: [{CA42F039-E082-4861-A97A-8A62D13753CC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{86BED0AE-A106-494F-8139-1C927D5F200C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ori\ori.exe () [File not signed]
FirewallRules: [{2A01B94C-D405-48D4-830A-EB346C26EB53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ori\ori.exe () [File not signed]
FirewallRules: [{E743611C-782C-405A-8955-7621CC2C2A84}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Overcooked! 2\Overcooked2.exe () [File not signed]
FirewallRules: [{A31204B0-906F-41E7-857D-14E10B787618}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Overcooked! 2\Overcooked2.exe () [File not signed]
FirewallRules: [{DF69D8DD-AAC9-40E9-8F17-EE816CCD9345}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{B24A23AB-BCD5-4027-97C7-98C9B58D9ECC}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{F323F4C7-4632-4878-B36E-61E701991B8B}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{AAD0D9EE-4E1D-4A4B-844F-C90CE20F237F}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{DCF69512-2861-44B6-83AC-12CD61AE2971}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{ED763667-0746-43DE-A45F-D631311FEA41}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{B1678D3A-4EEA-4B9B-B864-F220623802F2}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{0AAA1AEB-5512-474B-9644-33C6B59F31F6}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{B6FF0C31-107D-4522-9B07-27B41BBFADB0}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{FF880051-594D-4B18-8C2B-3691DC7F5669}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{DD525BD0-8C2D-41CA-BF1E-DEDADAD49753}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe () [File not signed]
FirewallRules: [{7DF5BFAB-F5E9-4139-AA0A-C96554CE50DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe () [File not signed]
FirewallRules: [{0FD80381-2A5D-49B5-A4AD-89AA67F3638C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{251FC6D0-3718-489B-A019-DFBA21FD71F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [TCP Query User{E95BC4FA-1AE8-4367-ACD6-062CCE720E36}C:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Allow) C:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe No File
FirewallRules: [UDP Query User{4AEAEEF0-6764-4B83-BF1D-B74E6340AAA7}C:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Allow) C:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe No File
FirewallRules: [{89AD1AB8-95DB-43FF-880C-006097039398}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{210C142F-4366-484F-8AD1-079D3E23FEA1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
==================== Restore Points =========================
Check "VSS" service
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (03/26/2020 07:53:14 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10676,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (03/26/2020 07:27:19 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12304,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (03/26/2020 07:16:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SecHealthUI.exe verze 10.0.18362.628 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 2084
Čas spuštění: 01d60397fb76ebdc
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
ID hlášení: 84ae121c-352d-4b62-8776-f155d5885fb8
Úplný název balíčku s chybou: Microsoft.Windows.SecHealthUI_10.0.18362.449_neutral__cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: SecHealthUI
Typ zablokování: Cross-process
Error: (03/26/2020 07:09:45 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9784,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (03/26/2020 07:07:02 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny RegSetValueExW(0x00000308,SYSTEM\CurrentControlSet\Services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5},0,REG_BINARY,000000114517E0A0.72) došlo k neočekávané chybě. hr= 0x80070005, Přístup byl odepřen.
.
Operace:
Spouštění asynchronní operace
Kontext:
Aktuální stav: DoSnapshotSet
Error: (03/26/2020 07:07:02 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny RegSetValueExW(0x00000308,SYSTEM\CurrentControlSet\Services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5},0,REG_BINARY,000000114517E0A0.72) došlo k neočekávané chybě. hr= 0x80070005, Přístup byl odepřen.
.
Operace:
Spouštění asynchronní operace
Kontext:
Aktuální stav: DoSnapshotSet
Error: (03/26/2020 07:07:02 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny RegSetValueExW(0x00000308,SYSTEM\CurrentControlSet\Services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5},0,REG_BINARY,000000114517E0A0.72) došlo k neočekávané chybě. hr= 0x80070005, Přístup byl odepřen.
.
Operace:
Spouštění asynchronní operace
Kontext:
Aktuální stav: DoSnapshotSet
Error: (03/26/2020 07:07:01 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny RegSetValueExW(0x00000308,SYSTEM\CurrentControlSet\Services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5},0,REG_BINARY,000000114517E0A0.72) došlo k neočekávané chybě. hr= 0x80070005, Přístup byl odepřen.
.
Operace:
Spouštění asynchronní operace
Kontext:
Aktuální stav: DoSnapshotSet
System errors:
=============
Error: (03/26/2020 06:10:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Kingsoft_WPS_UpdateService neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (03/26/2020 06:10:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Kingsoft_WPS_UpdateService bylo dosaženo časového limitu (45000 ms).
Error: (03/26/2020 05:29:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Kingsoft_WPS_UpdateService neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (03/26/2020 05:29:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Kingsoft_WPS_UpdateService bylo dosaženo časového limitu (45000 ms).
Error: (03/26/2020 12:35:19 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.
Error: (03/24/2020 08:13:45 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-RSIJ9SI)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (03/24/2020 08:13:45 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-RSIJ9SI)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (03/24/2020 08:13:45 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-RSIJ9SI)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
===================================
Date: 2020-03-26 16:45:04.077
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/CryptInject!MSR
ID: 2147742967
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_D:\setup.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-RSIJ9SI\dotro
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.313.42.0, AS: 1.313.42.0, NIS: 1.313.42.0
Verze modulu: AM: 1.1.16900.4, NIS: 1.1.16900.4
Date: 2020-03-26 16:41:02.299
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/CryptInject!MSR
ID: 2147742967
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_D:\setup.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-RSIJ9SI\dotro
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.313.42.0, AS: 1.313.42.0, NIS: 1.313.42.0
Verze modulu: AM: 1.1.16900.4, NIS: 1.1.16900.4
Date: 2020-03-26 16:40:47.245
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/CryptInject!MSR
ID: 2147742967
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_D:\setup.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-RSIJ9SI\dotro
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.313.42.0, AS: 1.313.42.0, NIS: 1.313.42.0
Verze modulu: AM: 1.1.16900.4, NIS: 1.1.16900.4
Date: 2020-03-26 16:40:28.006
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/CryptInject!MSR
ID: 2147742967
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_D:\setup.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-RSIJ9SI\dotro
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.313.42.0, AS: 1.313.42.0, NIS: 1.313.42.0
Verze modulu: AM: 1.1.16900.4, NIS: 1.1.16900.4
Date: 2020-03-26 13:26:04.181
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {EB63B39F-2240-4482-B9FD-80170A887FA1}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-03-12 19:46:08.424
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.311.1057.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16800.2
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2020-02-07 21:03:52.544
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.309.445.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16700.3
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2020-01-31 19:49:26.049
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.309.102.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16700.3
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
CodeIntegrity:
===================================
Date: 2020-02-07 20:48:57.712
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-02-07 20:48:57.705
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-02-07 20:48:57.600
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-02-07 20:48:57.592
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-02-07 20:48:57.582
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-02-07 20:48:57.571
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-02-07 20:48:57.250
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-02-07 20:48:57.224
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: American Megatrends Inc. UX303UB.202 08/27/2015
Motherboard: ASUSTeK COMPUTER INC. UX303UB
Processor: Intel(R) Core(TM) i5-6200U CPU @ 2.30GHz
Percentage of memory in use: 56%
Total physical RAM: 8090.91 MB
Available physical RAM: 3510.76 MB
Total Virtual: 12698.91 MB
Available Virtual: 6762.8 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:237.32 GB) (Free:47.32 GB) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{7954d40f-b5ed-48c2-b5f9-cd66c678da1e}\ () (Fixed) (Total:0.88 GB) (Free:0.41 GB) NTFS
\\?\Volume{eb380256-291a-4ac7-91cf-a79771fc0825}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: F2CB76F2)
Partition: GPT.
==================== End of Addition.txt =======================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-03-2020
Ran by dotro (26-03-2020 20:03:47)
Running from C:\Users\dotro\Downloads
Windows 10 Home Version 1903 18362.720 (X64) (2019-07-28 21:23:35)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1756291422-3896979012-1980332954-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1756291422-3896979012-1980332954-503 - Limited - Disabled)
dotro (S-1-5-21-1756291422-3896979012-1980332954-1001 - Administrator - Enabled) => C:\Users\dotro
Guest (S-1-5-21-1756291422-3896979012-1980332954-501 - Limited - Disabled)
mufmu (S-1-5-21-1756291422-3896979012-1980332954-1003 - Limited - Disabled) => C:\Users\mufmu
WDAGUtilityAccount (S-1-5-21-1756291422-3896979012-1980332954-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\...\uTorrent) (Version: 3.5.5.45341 - BitTorrent Inc.)
7-Zip 18.06 (x64) (HKLM\...\7-Zip) (Version: 18.06 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.344 - Adobe)
Aktualizace NVIDIA 36.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 36.0.0.0 - NVIDIA Corporation) Hidden
ASUS Device Activation (HKLM-x32\...\{9C4B0706-9F9A-47BF-B417-0A111FC52B04}) (Version: 1.0.4.0 - ASUSTeK COMPUTER INC.)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.6.8 - ASUSTeK COMPUTER INC.)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.9 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.13.0004 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0040 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.99 - ICEpower a/s)
Balíček ovladače systému Windows - ASUS (ATP) Mouse (10/21/2015 6.0.0.66) (HKLM\...\BC69268D29996F70FD79F32A561263B8537AAF34) (Version: 10/21/2015 6.0.0.66 - ASUS)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.71.1081 - AB Team, d.o.o.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.55 - Conexant)
CyberLink PhotoDirector 5 (HKLM\...\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5.6515 - CyberLink Corp.) Hidden
CyberLink PhotoDirector 5 (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5.6515 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4010.0 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4010.0 - CyberLink Corp.)
Daphne_x64 (HKLM\...\{D615E111-28D9-4D6D-97CB-78A64CF9D368}) (Version: 2.03.2 - DRK)
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.2 - ASUSTek Computer Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 419.67 - NVIDIA Corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{818FF838-5FCD-4FCB-AE39-4F725EBCE2A1}) (Version: 1.1.128.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ExpressVPN (HKLM-x32\...\{E5B9C3E5-889C-4F22-A959-F4B8461D908F}) (Version: 7.5.1.10334 - ExpressVPN) Hidden
ExpressVPN (HKLM-x32\...\{e629f10b-0739-4b42-b774-fe4f4f975ad6}) (Version: 7.5.1.10334 - ExpressVPN)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.5.0.6.1001 - Genesys Logic)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
GridinSoft Anti-Malware (HKLM\...\GridinSoft Anti-Malware) (Version: 4.1.36 - Gridinsoft LLC)
HitmanPro 3.8 (HKLM\...\HitmanPro38) (Version: 3.8.18.312 - SurfRight B.V.)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10603.192 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{a2d9fda8-65eb-4c06-81ef-31e0a4daa335}) (Version: 10.1.1.11 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1167 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4550 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{C7CD6D54-26AF-4D93-B06F-D81ACE8624CB}) (Version: 6.0.40.0 - Intel Corporation)
Intel(R) WiDi Software Asset Manager (HKLM-x32\...\{5B5CD20C-29F0-4857-A4FA-A4F4C716B019}) (Version: 1.1.347 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{64FD4757-7186-4F12-9AA8-5EE809CAB282}) (Version: 17.1.1532.1814 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{4c8b7360-62a2-4339-b745-41323055d0bb}) (Version: 18.20.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.1.4 - PandoraTV)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\{4D78B137-434D-466E-A4D8-98E7EA3F73E5}) (Version: 4.2.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.12527.20278 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1756291422-3896979012-1980332954-1003\...\OneDriveSetup.exe) (Version: 17.3.7074.1023 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1756291422-3896979012-1980332954-1005\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 74.0 (x64 cs) (HKLM\...\Mozilla Firefox 74.0 (x64 cs)) (Version: 74.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.2 - Mozilla)
Nox APP Player (HKLM-x32\...\Nox) (Version: 6.2.7.0 - Duodian Technology Co. Ltd.)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.18.0.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.18.0.94 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Oblivion mod manager 1.1.12 (HKLM-x32\...\Oblivion mod manager_is1) (Version: - Timeslip)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12527.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12527.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12527.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.12527.20278 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.40.26928 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{1dccdcdc-b7df-41e7-8f9f-1a6bc24ba749}) (Version: latest - ppy Pty Ltd)
Ovládací panel NVIDIA 419.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 419.67 - NVIDIA Corporation) Hidden
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22243 - Microsoft Corporation)
Popcorn-Time (HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\...\Popcorn-Time) (Version: 0.3.10 - Popcorn Time)
Rainlendar2 (remove only) (HKLM-x32\...\Rainlendar2) (Version: - )
Realtek USB Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{04201224-2B34-4EE7-862B-B7BBF89DB3AB}) (Version: 10.34.603.2019 - Realtek)
Sid Meier's Civilization V (HKLM-x32\...\steam app 8930) (Version: - 2K Games, Inc.)
Spotify (HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\...\Spotify) (Version: 1.1.20.510.g7d28aaaa - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{61B90E2F-2DD9-4581-8856-C2441B61571A}) (Version: 1.7.0.0 - Microsoft Corporation) Hidden
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
WPS Office for ASUS (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.4947 - Kingsoft Corp.)
Packages:
=========
Flipboard -> C:\Program Files\WindowsApps\Flipboard.Flipboard_2.1.3.0_neutral__3f5azkryzdbc4 [2017-08-25] (Flipboard)
Gameloft Games -> C:\Program Files\WindowsApps\A278AB0D.GameloftGames_1.0.2.6_x86__h6adky7gbf63m [2017-08-25] (Gameloft.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-27] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-27] (Microsoft Corporation) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20583.0_x64__8wekyb3d8bbwe [2020-03-15] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-18] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20503.0_x64__8wekyb3d8bbwe [2020-03-16] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-19] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1756291422-3896979012-1980332954-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\dotro\AppData\Local\Microsoft\OneDrive\17.3.6943.0625_1\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1756291422-3896979012-1980332954-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\dotro\AppData\Local\Microsoft\OneDrive\17.3.6943.0625_1\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1756291422-3896979012-1980332954-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\dotro\AppData\Local\Microsoft\OneDrive\17.3.6943.0625_1\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\dotro\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-25] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\dotro\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-25] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\dotro\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-25] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\dotro\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-25] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\dotro\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-25] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\dotro\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-25] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [DRKShell] -> {E18C8C1B-FD35-455E-BB21-4BA26B1E751D} => -> No File
ContextMenuHandlers1: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => C:\Program Files\GridinSoft Anti-Malware\shellext.dll [2020-03-26] (GridinSoft, LLC -> Gridinsoft LLC)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\dotro\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-25] (Mega Limited -> )
ContextMenuHandlers2: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => C:\Program Files\GridinSoft Anti-Malware\shellext.dll [2020-03-26] (GridinSoft, LLC -> Gridinsoft LLC)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\dotro\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-25] (Mega Limited -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-03-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\dotro\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-25] (Mega Limited -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => C:\Program Files\GridinSoft Anti-Malware\shellext.dll [2020-03-26] (GridinSoft, LLC -> Gridinsoft LLC)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\dotro\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-25] (Mega Limited -> )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxDTCM.dll [2017-08-24] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-03-17] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [DRKShell] -> {E18C8C1B-FD35-455E-BB21-4BA26B1E751D} => -> No File
ContextMenuHandlers6: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => C:\Program Files\GridinSoft Anti-Malware\shellext.dll [2020-03-26] (GridinSoft, LLC -> Gridinsoft LLC)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-03-26] (Malwarebytes Corporation -> Malwarebytes)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\dotro\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\76f9e4d33b60b312\Popcorn-Time.lnk -> C:\Users\dotro\AppData\Local\Popcorn-Time\Popcorn-Time.exe (The NWJS Community) -> --user-data-dir="C:\Users\dotro\AppData\Local\Popcorn-Time\User Data" --profile-directory=Default --app-id=hecfofbbdfadifpemejbbdcjmfmboohj
==================== Loaded Modules (Whitelisted) =============
2020-03-18 13:49 - 2020-03-18 13:49 - 000349184 _____ ( ) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxHef9fb4ae#\530c362724b1556132710f2af59bb795\Interop.CxHDAudioAPILib.ni.dll
2015-08-25 10:40 - 2015-08-25 10:40 - 000124928 _____ () [File not signed] C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2015-08-25 10:40 - 2015-08-25 10:40 - 000027648 _____ () [File not signed] C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2015-08-25 10:40 - 2015-08-25 10:40 - 001680384 _____ (ASUS TeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ApplyLUT.dll
2015-08-25 10:40 - 2015-08-25 10:40 - 000178688 _____ (ASUS TeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\GenLUT.dll
2015-08-25 10:40 - 2015-08-25 10:40 - 000164864 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ColorU.dll
2017-11-29 20:26 - 2017-11-29 20:23 - 001132032 _____ (Conexant Systems, Inc.) [File not signed] C:\Program Files\Conexant\SAII\CxHDAudioAPI.dll
2019-01-15 20:56 - 2018-12-30 08:00 - 000077824 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2019-05-22 17:26 - 2019-05-22 17:26 - 001548288 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2019-05-22 17:26 - 2019-05-22 17:26 - 000395776 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2019-05-22 17:26 - 2019-05-25 08:55 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2019-05-22 17:26 - 2019-05-25 08:56 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2019-05-22 17:26 - 2019-05-25 08:56 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2019-05-22 17:26 - 2019-05-25 08:56 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2019-05-22 17:26 - 2019-05-25 08:56 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2019-05-22 17:26 - 2019-05-25 08:56 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 12:04 - 2015-07-10 12:02 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2020-01-22 20:38 - 2020-02-25 21:13 - 000000566 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\dotro\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\w9.jpg
HKU\S-1-5-21-1756291422-3896979012-1980332954-1003\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1756291422-3896979012-1980332954-1005\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\...\StartupApproved\Run: => "Rainlendar2"
HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1756291422-3896979012-1980332954-1001\...\StartupApproved\Run: => "Steam"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{10B8D559-3C94-41C7-AAC0-E9C6F67F9B9A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Resident Evil 6\BH6.exe (QLOC S.A. -> CAPCOM U.S.A, INC.)
FirewallRules: [{886D7CF1-0C8D-4C96-80DE-96756458C170}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Resident Evil 6\BH6.exe (QLOC S.A. -> CAPCOM U.S.A, INC.)
FirewallRules: [UDP Query User{FBF468D0-B89C-4F81-80B5-AEE0CC044208}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{C568AE91-B044-4BD1-B429-1A66FA908AB8}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.200\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{A4FA8F69-7C67-4D9C-9A36-9330148B1E29}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{1F1A63F1-D404-411E-BF76-C7FBD712E7BC}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.198\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{B55D516D-1CF6-444D-946E-26013135DB4A}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{9534F77C-AD80-415A-B945-8C6D771A422F}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.197\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{0E6BF920-A253-4AD5-AC77-B0F48B1A0CF4}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{D68A1C0A-D559-4776-ABAF-0DF21A39E816}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.196\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{602A5A5A-C463-4F34-A7FF-FFE5E3200424}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{F6BDE84C-54AE-4652-8D87-8FEE006A7991}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.195\deploy\leagueclient.exe No File
FirewallRules: [{22A08468-4DA8-4920-A80C-37E93876232C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0E519729-B0AA-420F-A20E-E6A627798588}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{08CABD94-2E9E-461C-8EC5-EB7932ABC100}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{77450043-FF7E-4FAA-B60F-FB1267F9E3AB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5D14D78D-EAA0-4C26-AF49-888415371A6A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E811AF7D-F4B4-42F6-B7F8-023BD5505D48}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{CE75EFAC-FE7A-482C-8285-3BC64A30710B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{30BB7BDA-D449-4CFE-AC63-33555047963E}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.194\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{C3376E6E-6903-42C3-90AC-B70F4E75830B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{146FB848-8E51-4484-BA26-EFB6D72518FA}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.193\deploy\leagueclient.exe No File
FirewallRules: [{7FD87513-9F2A-41E3-B41A-E3235C1DA527}] => (Allow) C:\Program Files (x86)\\Bignox\\BigNoxVM\\RT\NoxVMHandle.exe (Nox Limited -> BigNox Corporation)
FirewallRules: [{CD290337-BC76-4B15-A903-3901B5AB1088}] => (Allow) C:\Program Files (x86)\Nox\bin\Nox.exe (Nox Limited -> Duodian Technology Co. Ltd.)
FirewallRules: [UDP Query User{12F1D1E2-52E0-4261-8DE7-9C8C0D81A943}C:\users\dotro\appdata\local\popcorn-time\popcorn-time.exe] => (Block) C:\users\dotro\appdata\local\popcorn-time\popcorn-time.exe (The NWJS Community) [File not signed]
FirewallRules: [TCP Query User{076E4CC6-2C7B-412E-9EE5-7253780CAAAE}C:\users\dotro\appdata\local\popcorn-time\popcorn-time.exe] => (Block) C:\users\dotro\appdata\local\popcorn-time\popcorn-time.exe (The NWJS Community) [File not signed]
FirewallRules: [UDP Query User{9771C1EE-E93F-4920-BDB0-4C9782C52CA1}C:\users\dotro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dotro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{8EB31EB5-085A-4C5C-ACC1-F1972154E81B}C:\users\dotro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dotro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{6FC22692-569E-4245-B8B8-FFEB5789E5EC}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{80C28DE1-5B69-45C4-ABE3-11799457400F}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.178\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{976518B6-1BBE-4CAE-81BE-0AFF974ECD34}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{652398FE-3311-47B2-90EA-EB7CE7210960}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{48776565-E6D8-48F8-9DD9-36F37A2B64D1}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{DBDF2E35-C0E3-45EC-856A-A5446241F760}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.169\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{82F9545D-F4A9-4868-8536-C1274AB5F93E}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{9EAAADA4-75F4-4B69-9F4E-1B660A36BA8F}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{78DE6CC1-B5F1-4295-BF72-2D3409C84254}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{6C99BFA4-2EAA-4B2A-A1CF-A2E9AB7639D1}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.165\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{67BAAE03-A35E-4A13-BBF0-3AF451AA8F19}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{CD50837A-BEBC-48CD-AC88-F6F43FD75AB6}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.163\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{B4C62CF0-7925-409C-966E-617241DFCC41}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe No File
FirewallRules: [TCP Query User{4652710E-E9DA-4A9E-9759-8200C74870F7}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe No File
FirewallRules: [{1D658475-241C-41B6-A21D-265CF76A01AF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{A3E30868-2119-44A0-AA94-09A106390250}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{494FFA83-8AB5-4C8A-A389-44122599B6A9}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{15BBB86E-2531-4571-8927-BA6DEBAE4B74}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{BCFC64A4-F1B0-409D-96CE-098298E8FE9C}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{A38DE541-47DC-4CB9-955D-F9BF8C3D7D63}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{999FB491-E30C-4B8F-93EE-81D7087CD74E}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{8667FEB5-B207-490E-94A7-D488A0BD7532}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{C2987230-A821-48CC-96E5-C417CCEF3D0B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.157\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.157\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{05F45A18-5783-4DD9-A6A8-F33AC235FF9B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.157\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.157\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{3C3FC762-FF11-43DA-AE41-A99739D87FF6}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{BBC6B195-D4E5-438E-BA38-4E5CD3EDBB0F}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.156\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{35AEE9C0-4509-48FB-B225-B726746EDB3B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{12802B58-5E92-4D8D-B682-B43091876544}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{996DFE4A-3D0F-457F-ACF4-066D75C71AF8}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{F19A8C55-28AE-41F8-92B7-6BE6AFD821FC}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.153\deploy\leagueclient.exe No File
FirewallRules: [{890A9211-8E31-42F0-8703-754F057F737B}] => (Allow) C:\Users\dotro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{AA18058B-7DBA-473E-8D0A-5C5457F9E429}] => (Allow) C:\Users\dotro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{C36F5E95-6434-465F-90CC-A22864DB96D8}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{79D6F840-4AB9-44C8-8A82-8C93A9888D39}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.149\deploy\leagueclient.exe No File
FirewallRules: [{3F8605C0-47AA-4DA4-BB60-DA5C0D0FA0A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe No File
FirewallRules: [{F0F75797-0BB2-46D1-BF38-63240816EB23}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe No File
FirewallRules: [{F502C942-87A1-435B-BA2B-93C011971CB9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RollerCoaster Tycoon Deluxe\RCT.EXE () [File not signed]
FirewallRules: [{0D672FD9-214E-41E2-818C-50F53227F9F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RollerCoaster Tycoon Deluxe\RCT.EXE () [File not signed]
FirewallRules: [UDP Query User{A3800C39-5C70-4A9B-A131-5C99431D2F29}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{0D59D5D1-3E6F-4A39-971D-97EFD8BEBECC}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{D62B8A63-7108-44D5-B784-2147CF909797}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{55A52BC3-7919-4C14-9346-EC02CEBF5A7F}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{199EEC89-3B7E-4D98-90CD-02ECBEC5381A}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{0A993BE5-E1B8-45C5-9D28-DBA4D6A95847}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{17C64131-1E47-4FDA-8C68-4ADAF5298F31}] => (Allow) C:\Users\dotro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{488C3482-9A6A-4ED4-9B9C-5513DC1BE0BA}] => (Allow) C:\Users\dotro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{76BA2FDC-2DC1-4A5A-AEEF-8A4D831E0195}] => (Allow) C:\Users\dotro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{552C6BB1-1BE4-4464-B891-C6C55A603C0B}] => (Allow) C:\Users\dotro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{BB83D69B-33CE-4C55-91AB-40F166C72DD4}] => (Allow) C:\Users\dotro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{6149EC2E-74FE-4D8C-B013-9F7798A925DD}] => (Allow) C:\Users\dotro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{DFE668C7-AEC2-4717-AD9F-6EA0F0864F50}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ibbandobb\ibbobb.exe () [File not signed]
FirewallRules: [{D41572ED-FAE3-4F4D-82BC-D34E58748ED6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ibbandobb\ibbobb.exe () [File not signed]
FirewallRules: [{20D4A563-8172-4721-AC99-793746FD8164}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [{2C53C74A-BCE5-4B10-9256-9AC069B8A6F2}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe No File
FirewallRules: [{2A6CFEF3-E5D5-42E4-AE0E-2D152EBFA756}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiAppOld.exe (Intel(R) Wireless Display -> Intel Corporation)
FirewallRules: [{ED6088E4-D000-4491-A1E2-658410D5739B}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\Next\WirelessDisplay.exe No File
FirewallRules: [{5D1F062E-1B25-452A-A238-50C09FD24197}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\SmartAgentTest.exe (Intel(R) Wireless Display -> )
FirewallRules: [{7C9A7CAA-5E37-4073-86B1-5EB2413C72C3}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel(R) Wireless Display -> Intel)
FirewallRules: [{E4A606F9-3F90-4118-A15B-935CA4A37CF1}] => (Allow) c:\Program Files\CyberLink\PowerDirector12\PDR10.EXE No File
FirewallRules: [{C363D7A1-E528-46AF-91FA-8D2ECCE4666F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2EAE9BA0-A877-40D3-AAE0-5A66571601D4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{37D6BB17-0271-4995-9B88-E032A30B2776}C:\users\dotro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dotro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{5090D129-9818-41F5-906F-3F506AE9B52A}C:\users\dotro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dotro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FCE6C1E7-1F62-4621-B5FC-353FA87B3AFE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{80CBCA5D-446D-47A4-8A2D-82D7F336F0ED}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{ADC1E5C3-3E44-4A91-B18C-44335D6967D6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{05A7031D-90D0-47A2-8259-68DD90BBD48F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{322E8357-1FBF-405C-822C-4474BBFA407C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ultimate Chicken Horse\UltimateChickenHorse.exe () [File not signed]
FirewallRules: [{E496342C-AEEF-442F-B644-D47FA937E833}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ultimate Chicken Horse\UltimateChickenHorse.exe () [File not signed]
FirewallRules: [TCP Query User{4EA0A876-892A-44B0-9C71-2FFEBEAED667}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{45776CBD-2D29-41FD-8627-8470B3B6248D}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BF9F46A6-0028-4CD4-95D2-7F179EDCEA4C}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe (Popcorn Time) [File not signed]
FirewallRules: [{363F573C-BB1A-4B1E-A13B-4B1537B9D3A1}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe (Popcorn Time) [File not signed]
FirewallRules: [TCP Query User{8B64122B-771D-4693-8188-9002119BE0A6}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{DFD35B70-C076-4262-9420-7EAC4BDEB917}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{6128AAC6-DEC7-4978-86FC-42E871E7F6F9}C:\users\dotro\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\dotro\appdata\local\popcorn-time\popcorn-time.exe (The NWJS Community) [File not signed]
FirewallRules: [UDP Query User{D0078398-E1AC-4835-8775-FC8BF394D083}C:\users\dotro\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\dotro\appdata\local\popcorn-time\popcorn-time.exe (The NWJS Community) [File not signed]
FirewallRules: [TCP Query User{92DA1E15-D1A7-4E26-9A74-741B003E5A0A}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{39583EC6-8939-4E61-B051-01B2BCD2D583}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.144\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{F088AC4B-F213-49B6-8559-E165B3B3B347}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{33424736-31A7-4A78-8587-E296A401FBB1}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.148\deploy\leagueclient.exe No File
FirewallRules: [{F44B3DE2-ABEA-4482-B58C-E219AA87559C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe () [File not signed]
FirewallRules: [{62C8011D-25A2-461A-8DC5-D72E723C29DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe () [File not signed]
FirewallRules: [TCP Query User{0616DC55-9A42-4A08-91AF-82E77D545517}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> )
FirewallRules: [UDP Query User{66040B4F-67EB-4770-8551-EB108F6232E6}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> )
FirewallRules: [{CA42F039-E082-4861-A97A-8A62D13753CC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{86BED0AE-A106-494F-8139-1C927D5F200C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ori\ori.exe () [File not signed]
FirewallRules: [{2A01B94C-D405-48D4-830A-EB346C26EB53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ori\ori.exe () [File not signed]
FirewallRules: [{E743611C-782C-405A-8955-7621CC2C2A84}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Overcooked! 2\Overcooked2.exe () [File not signed]
FirewallRules: [{A31204B0-906F-41E7-857D-14E10B787618}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Overcooked! 2\Overcooked2.exe () [File not signed]
FirewallRules: [{DF69D8DD-AAC9-40E9-8F17-EE816CCD9345}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{B24A23AB-BCD5-4027-97C7-98C9B58D9ECC}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{F323F4C7-4632-4878-B36E-61E701991B8B}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{AAD0D9EE-4E1D-4A4B-844F-C90CE20F237F}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{DCF69512-2861-44B6-83AC-12CD61AE2971}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{ED763667-0746-43DE-A45F-D631311FEA41}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{B1678D3A-4EEA-4B9B-B864-F220623802F2}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{0AAA1AEB-5512-474B-9644-33C6B59F31F6}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{B6FF0C31-107D-4522-9B07-27B41BBFADB0}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{FF880051-594D-4B18-8C2B-3691DC7F5669}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{DD525BD0-8C2D-41CA-BF1E-DEDADAD49753}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe () [File not signed]
FirewallRules: [{7DF5BFAB-F5E9-4139-AA0A-C96554CE50DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe () [File not signed]
FirewallRules: [{0FD80381-2A5D-49B5-A4AD-89AA67F3638C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{251FC6D0-3718-489B-A019-DFBA21FD71F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [TCP Query User{E95BC4FA-1AE8-4367-ACD6-062CCE720E36}C:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Allow) C:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe No File
FirewallRules: [UDP Query User{4AEAEEF0-6764-4B83-BF1D-B74E6340AAA7}C:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Allow) C:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe No File
FirewallRules: [{89AD1AB8-95DB-43FF-880C-006097039398}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{210C142F-4366-484F-8AD1-079D3E23FEA1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
==================== Restore Points =========================
Check "VSS" service
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (03/26/2020 07:53:14 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10676,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (03/26/2020 07:27:19 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12304,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (03/26/2020 07:16:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SecHealthUI.exe verze 10.0.18362.628 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 2084
Čas spuštění: 01d60397fb76ebdc
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
ID hlášení: 84ae121c-352d-4b62-8776-f155d5885fb8
Úplný název balíčku s chybou: Microsoft.Windows.SecHealthUI_10.0.18362.449_neutral__cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: SecHealthUI
Typ zablokování: Cross-process
Error: (03/26/2020 07:09:45 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9784,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (03/26/2020 07:07:02 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny RegSetValueExW(0x00000308,SYSTEM\CurrentControlSet\Services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5},0,REG_BINARY,000000114517E0A0.72) došlo k neočekávané chybě. hr= 0x80070005, Přístup byl odepřen.
.
Operace:
Spouštění asynchronní operace
Kontext:
Aktuální stav: DoSnapshotSet
Error: (03/26/2020 07:07:02 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny RegSetValueExW(0x00000308,SYSTEM\CurrentControlSet\Services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5},0,REG_BINARY,000000114517E0A0.72) došlo k neočekávané chybě. hr= 0x80070005, Přístup byl odepřen.
.
Operace:
Spouštění asynchronní operace
Kontext:
Aktuální stav: DoSnapshotSet
Error: (03/26/2020 07:07:02 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny RegSetValueExW(0x00000308,SYSTEM\CurrentControlSet\Services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5},0,REG_BINARY,000000114517E0A0.72) došlo k neočekávané chybě. hr= 0x80070005, Přístup byl odepřen.
.
Operace:
Spouštění asynchronní operace
Kontext:
Aktuální stav: DoSnapshotSet
Error: (03/26/2020 07:07:01 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny RegSetValueExW(0x00000308,SYSTEM\CurrentControlSet\Services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5},0,REG_BINARY,000000114517E0A0.72) došlo k neočekávané chybě. hr= 0x80070005, Přístup byl odepřen.
.
Operace:
Spouštění asynchronní operace
Kontext:
Aktuální stav: DoSnapshotSet
System errors:
=============
Error: (03/26/2020 06:10:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Kingsoft_WPS_UpdateService neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (03/26/2020 06:10:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Kingsoft_WPS_UpdateService bylo dosaženo časového limitu (45000 ms).
Error: (03/26/2020 05:29:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Kingsoft_WPS_UpdateService neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (03/26/2020 05:29:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Kingsoft_WPS_UpdateService bylo dosaženo časového limitu (45000 ms).
Error: (03/26/2020 12:35:19 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.
Error: (03/24/2020 08:13:45 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-RSIJ9SI)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (03/24/2020 08:13:45 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-RSIJ9SI)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (03/24/2020 08:13:45 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-RSIJ9SI)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
===================================
Date: 2020-03-26 16:45:04.077
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/CryptInject!MSR
ID: 2147742967
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_D:\setup.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-RSIJ9SI\dotro
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.313.42.0, AS: 1.313.42.0, NIS: 1.313.42.0
Verze modulu: AM: 1.1.16900.4, NIS: 1.1.16900.4
Date: 2020-03-26 16:41:02.299
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/CryptInject!MSR
ID: 2147742967
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_D:\setup.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-RSIJ9SI\dotro
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.313.42.0, AS: 1.313.42.0, NIS: 1.313.42.0
Verze modulu: AM: 1.1.16900.4, NIS: 1.1.16900.4
Date: 2020-03-26 16:40:47.245
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/CryptInject!MSR
ID: 2147742967
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_D:\setup.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-RSIJ9SI\dotro
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.313.42.0, AS: 1.313.42.0, NIS: 1.313.42.0
Verze modulu: AM: 1.1.16900.4, NIS: 1.1.16900.4
Date: 2020-03-26 16:40:28.006
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/CryptInject!MSR
ID: 2147742967
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_D:\setup.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-RSIJ9SI\dotro
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.313.42.0, AS: 1.313.42.0, NIS: 1.313.42.0
Verze modulu: AM: 1.1.16900.4, NIS: 1.1.16900.4
Date: 2020-03-26 13:26:04.181
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {EB63B39F-2240-4482-B9FD-80170A887FA1}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-03-12 19:46:08.424
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.311.1057.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16800.2
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2020-02-07 21:03:52.544
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.309.445.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16700.3
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2020-01-31 19:49:26.049
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.309.102.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16700.3
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
CodeIntegrity:
===================================
Date: 2020-02-07 20:48:57.712
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-02-07 20:48:57.705
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-02-07 20:48:57.600
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-02-07 20:48:57.592
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-02-07 20:48:57.582
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-02-07 20:48:57.571
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-02-07 20:48:57.250
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-02-07 20:48:57.224
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: American Megatrends Inc. UX303UB.202 08/27/2015
Motherboard: ASUSTeK COMPUTER INC. UX303UB
Processor: Intel(R) Core(TM) i5-6200U CPU @ 2.30GHz
Percentage of memory in use: 56%
Total physical RAM: 8090.91 MB
Available physical RAM: 3510.76 MB
Total Virtual: 12698.91 MB
Available Virtual: 6762.8 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:237.32 GB) (Free:47.32 GB) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{7954d40f-b5ed-48c2-b5f9-cd66c678da1e}\ () (Fixed) (Total:0.88 GB) (Free:0.41 GB) NTFS
\\?\Volume{eb380256-291a-4ac7-91cf-a79771fc0825}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: F2CB76F2)
Partition: GPT.
==================== End of Addition.txt =======================