Zdravím, prosím o kontrolu logu z FRST z důvodu problémů s PC - nelze připojit přílohu k e-mailu. Děkuji
Log z FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-06-2020
Ran by petkr (administrator) on DESKTOP-DK56E1E (MSI MS-7971) (16-06-2020 19:30:11)
Running from C:\Users\petkr\OneDrive\Desktop
Loaded Profiles: petkr
Platform: Windows 10 Home Version 1903 18362.836 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(CANON INC. -> CANON INC.) C:\Windows\System32\CNAB4RPD.EXE
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Gaijin Network LTD -> Gaijin Entertainment) C:\Users\petkr\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\petkr\AppData\Local\Microsoft\OneDrive\20.064.0329.0008\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\petkr\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12006.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <7>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.148.0.4\OverwolfHelper.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.148.0.4\OverwolfHelper64.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\0.148.0.4\OverwolfBrowser.exe <3>
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9192960 2017-03-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [185648 2020-04-04] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [353776 2020-06-05] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\Run: [Gaijin.Net Updater] => C:\Users\petkr\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2361600 2019-11-28] (Gaijin Network LTD -> Gaijin Entertainment)
HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\Run: [Gaijin.Net Agent] => C:\Users\petkr\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2361600 2019-11-28] (Gaijin Network LTD -> Gaijin Entertainment)
HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1752408 2020-05-24] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\MountPoints2: {7354eb2b-9ca0-11e9-8b82-806e6f6e6963} - "F:\autorun.exe"
HKLM\...\Print\Monitors\CNAB4 Monitor: C:\Windows\system32\CNAB4LMD.DLL [58880 2012-10-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{9459C573-B17A-45AE-9F64-1857B5D58CEE}] -> C:\Program Files (x86)\Microsoft\Edge\Application\83.0.478.45\Installer\setup.exe [2020-06-07] (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Canon LBP2900 Status Window.lnk [2019-08-26]
ShortcutTarget: Canon LBP2900 Status Window.lnk -> C:\Windows\System32\spool\drivers\x64\3\CNAB4LAD.EXE (CANON INC. -> CANON INC.)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {2558891A-CB3A-410B-A6A1-ACB2E124BFF5} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {395208E2-A814-4BE8-A9D9-3448B56EDE37} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {45A51919-4EB3-4980-90CE-7A0172BAA2E0} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {537AE81C-E922-48A4-BF69-5C771D4DC6B8} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6142A20D-AC74-4E75-BDBD-3C48FE0D3BDB} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6793DB96-1BA2-4C6F-B35A-39516901BD8C} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2467160 2020-05-24] (Overwolf Ltd -> Overwolf LTD)
Task: {75BC0FE3-02D4-4EC6-8154-643A4D82AB3E} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {760A8047-BEC4-4BB2-BE53-8A08A9252B6F} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [124624 2020-06-09] (Mozilla Corporation -> Mozilla Foundation)
Task: {887B8367-24CA-416A-B232-C5104A9D8DAF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {92E6173C-89C3-412E-A22A-C96B6D0F689C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {95F848AD-7577-4A65-A688-48ED1A2972B6} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CCB62266-F953-47E5-A636-6AB042BCAFBD} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3293168 2020-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D9961A23-CC36-477A-84A6-16A96086FE9E} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E1B88F44-6C0D-4458-81C8-CB9B90F0E0E7} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-07] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.100.1.234 8.8.8.8
Tcpip\..\Interfaces\{4c99f53c-bb15-4965-862a-ad379735beb4}: [DhcpNameServer] 10.100.1.234 8.8.8.8
Internet Explorer:
==================
HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hal3000.cz/
HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.hal3000.cz
Edge:
======
DownloadDir: C:\Users\petkr\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\petkr\AppData\Local\Microsoft\Edge\User Data\Default [2020-06-16]
Edge DownloadDir: C:\Users\petkr\Downloads
FireFox:
========
FF DefaultProfile: drvx619k.default
FF ProfilePath: C:\Users\petkr\AppData\Roaming\Mozilla\Firefox\Profiles\drvx619k.default [2019-07-07]
FF ProfilePath: C:\Users\petkr\AppData\Roaming\Mozilla\Firefox\Profiles\g2u8jhl9.default-release [2020-06-16]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32.dll [2020-04-30] (Adobe Systems Incorporated -> )
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2020-06-16]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8615864 2020-04-21] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2019-05-22] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S2 edgeupdate; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-07] (Microsoft Corporation -> Microsoft Corporation)
S3 edgeupdatem; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-07] (Microsoft Corporation -> Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2358784 2020-04-04] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2358784 2020-04-04] (ESET, spol. s r.o. -> ESET)
S3 MicrosoftEdgeElevationService; C:\Program Files (x86)\Microsoft\Edge\Application\83.0.478.45\elevation_service.exe [1507208 2020-06-04] (Microsoft Corporation -> Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [873272 2020-05-16] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2496816 2020-05-06] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3449656 2020-05-06] (Electronic Arts, Inc. -> Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2467160 2020-05-24] (Overwolf Ltd -> Overwolf LTD)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2020-04-02] (Even Balance, Inc. -> )
S3 Rockstar Service; D:\Rockstar\Launcher\RockstarService.exe [1776768 2020-06-12] (Rockstar Games, Inc. -> Rockstar Games)
S3 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2020-02-06] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [9851648 2020-06-05] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-25] (Microsoft Corporation) [File not signed]
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [154336 2020-04-04] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [106840 2020-03-19] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15800 2019-07-07] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [188872 2020-03-19] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [53048 2020-03-19] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [79520 2020-03-19] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [115960 2020-03-19] (ESET, spol. s r.o. -> ESET)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_55e7fb10ab85a7c2\nvlddmkm.sys [23454448 2020-05-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2020-04-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-07-18] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [67456 2020-03-11] (NVIDIA Corporation -> NVIDIA Corporation)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [6314736 2020-06-05] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [74552 2020-02-08] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-06-16 19:29 - 2020-06-16 19:30 - 000000000 ____D C:\FRST
2020-06-12 19:20 - 2020-06-12 19:20 - 000004382 _____ C:\WINDOWS\system32\Tasks\Overwolf Updater Task
2020-06-12 19:20 - 2020-06-12 19:20 - 000000000 ____D C:\Users\petkr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2020-06-12 19:20 - 2020-06-12 19:20 - 000000000 ____D C:\ProgramData\Overwolf
2020-06-12 19:20 - 2020-06-12 19:20 - 000000000 ____D C:\Program Files (x86)\Overwolf
2020-06-12 19:18 - 2020-06-16 19:20 - 000000000 ____D C:\Users\petkr\AppData\Local\Overwolf
2020-06-11 17:32 - 2020-06-11 17:32 - 000000000 ____D C:\Users\petkr\AppData\Local\VALORANT
2020-06-11 09:36 - 2020-06-16 19:22 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2020-06-10 23:27 - 2020-06-10 23:27 - 000000000 ____D C:\Program Files\Riot Vanguard
2020-06-10 23:22 - 2020-06-10 23:22 - 068120744 _____ (Riot Games, Inc.) C:\Users\petkr\Downloads\Install VALORANT.exe
2020-06-10 23:18 - 2020-06-10 23:38 - 304450513 _____ (AGOT TEAM ) C:\Users\petkr\Downloads\CK2-icefiremod setup 2.2.exe
2020-06-10 10:19 - 2020-06-10 10:19 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-06-09 19:45 - 2020-06-11 09:36 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-06-07 08:23 - 2020-06-07 18:36 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-06-07 08:23 - 2020-06-07 18:36 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-06-07 08:23 - 2020-06-07 18:29 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-06-07 08:23 - 2020-06-07 18:29 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-06-05 19:18 - 2020-06-05 19:43 - 476389707 _____ C:\Users\petkr\Downloads\WH-Geheimnisnacht-Legacy_Setup.exe
2020-06-02 21:45 - 2020-05-18 23:21 - 001729240 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-06-02 21:45 - 2020-05-18 23:21 - 001729240 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-06-02 21:45 - 2020-05-18 23:21 - 001329368 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-06-02 21:45 - 2020-05-18 23:21 - 001329368 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-06-02 21:45 - 2020-05-18 23:21 - 001079008 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-06-02 21:45 - 2020-05-18 23:21 - 001079008 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-06-02 21:45 - 2020-05-18 23:21 - 000937688 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-06-02 21:45 - 2020-05-18 23:21 - 000937688 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-06-02 21:45 - 2020-05-18 23:21 - 000451480 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-06-02 21:45 - 2020-05-18 23:21 - 000348056 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-06-02 21:45 - 2020-05-18 23:20 - 011944864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2020-06-02 21:45 - 2020-05-18 23:20 - 010286480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 005856664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 002072992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 001722096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6444614.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 001566096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 001484184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6444614.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 001482128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 001350560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 001141992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 001048480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 000816880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 000811240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 000680848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 000676248 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 000655080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 000546720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 000543144 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-06-02 21:45 - 2020-05-18 23:18 - 017600240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-06-02 21:45 - 2020-05-18 23:18 - 015158000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-06-02 21:45 - 2020-05-18 23:18 - 005159320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-06-02 21:45 - 2020-05-18 23:17 - 004195656 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-05-31 10:48 - 2020-05-31 10:48 - 000013267 _____ C:\Users\petkr\Downloads\1734393415_two_units_per_tile.zip
2020-05-31 09:58 - 2020-05-31 09:58 - 000000979 _____ C:\Users\petkr\Downloads\887394840_unit_stacking.zip
2020-05-31 09:57 - 2020-05-31 09:57 - 000025039 _____ C:\Users\petkr\Downloads\1784669003_collateral_damage.zip
2020-05-31 09:57 - 2020-05-31 09:57 - 000001876 _____ C:\Users\petkr\Downloads\1832546250_steel_and_thunder_everything_enabled.zip
2020-05-31 09:56 - 2020-05-31 09:57 - 298330067 _____ C:\Users\petkr\Downloads\1362931045_steel_and_thunder_unique_units.zip
2020-05-31 09:56 - 2020-05-31 09:56 - 075021802 _____ C:\Users\petkr\Downloads\1292617460_steel_and_thunder_unit_expansion.zip
2020-05-31 09:46 - 2020-05-31 09:46 - 000565224 _____ C:\Users\petkr\Downloads\1684010848_plenty_of_time_civic_technology_and_era_x_2.zip
2020-05-31 09:33 - 2020-05-31 09:33 - 000004057 _____ C:\Users\petkr\Downloads\1486770820_greatwall_forts_buff.zip
2020-05-31 09:29 - 2020-05-31 09:29 - 000001259 _____ C:\Users\petkr\Downloads\871506431_take_your_time_civic_x1_5.zip
2020-05-31 09:26 - 2020-05-31 09:26 - 000006095 _____ C:\Users\petkr\Downloads\2109972468_city_state_defender.zip
2020-05-31 09:26 - 2020-05-31 09:26 - 000001291 _____ C:\Users\petkr\Downloads\871506772_take_your_time_technology_x1_5.zip
2020-05-30 21:25 - 2020-05-30 21:25 - 000002987 _____ C:\Users\petkr\Downloads\973640366_better_great_wall_tile_improvement.zip
2020-05-30 21:19 - 2020-05-30 21:19 - 000002071 _____ C:\Users\petkr\Downloads\1231129696_greatwall_triggers_culturebomb_build_outside_of_territory.zip
2020-05-30 20:50 - 2020-05-30 20:50 - 000004465 _____ C:\Users\petkr\Downloads\1888955367_wmd_city_razing.zip
2020-05-30 20:45 - 2020-05-30 20:45 - 000407225 _____ C:\Users\petkr\Downloads\1142306094_strategic_forts.zip
2020-05-30 17:00 - 2020-05-30 17:00 - 000005371 _____ C:\Users\petkr\Downloads\894934462_larger_map_sizes.zip
2020-05-28 11:12 - 2020-05-28 11:12 - 000204093 _____ C:\Users\petkr\Downloads\(Part 2) Engine Fixes - skse64 Preloader and TBB Lib-17230-2-0-1547916672.7z
2020-05-28 11:07 - 2020-05-28 11:07 - 000755625 _____ C:\Users\petkr\Downloads\skse64_2_00_17.7z
2020-05-22 17:23 - 2020-05-29 21:54 - 000000000 ____D C:\Users\petkr\AppData\Roaming\FiraxisLive
2020-05-22 16:45 - 2020-05-30 17:04 - 000000000 ____D C:\Users\petkr\AppData\Roaming\2K
2020-05-22 16:45 - 2020-05-22 16:45 - 000000000 ____D C:\Users\petkr\AppData\Local\2K
2020-05-22 12:55 - 2020-05-30 09:04 - 042886902 _____ C:\Users\petkr\AppData\Roaming\gta5_patch.bin
2020-05-22 12:55 - 2020-05-22 12:55 - 000332800 _____ C:\Users\petkr\AppData\Roaming\patcher.dll
2020-05-22 12:41 - 2020-05-22 12:41 - 000000000 ____D C:\Users\petkr\AppData\Local\GTA_5_CZ_Manager
2020-05-20 19:55 - 2020-05-20 19:57 - 000000000 ____D C:\ProgramData\Epic
2020-05-20 19:55 - 2020-05-20 19:55 - 000000891 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2020-05-20 19:55 - 2020-05-20 19:55 - 000000000 ____D C:\Users\petkr\AppData\Local\UnrealEngineLauncher
2020-05-20 19:55 - 2020-05-20 19:55 - 000000000 ____D C:\Users\petkr\AppData\Local\EpicGamesLauncher
2020-05-20 19:53 - 2020-05-20 19:53 - 044081152 _____ C:\Users\petkr\Downloads\EpicInstaller-10.15.2-e206aabf183e41a3a5ba19cc17405f14.msi
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-06-16 19:30 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-06-16 19:25 - 2019-09-25 18:26 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-06-16 19:25 - 2019-03-19 13:55 - 000716944 _____ C:\WINDOWS\system32\perfh005.dat
2020-06-16 19:25 - 2019-03-19 13:55 - 000145024 _____ C:\WINDOWS\system32\perfc005.dat
2020-06-16 19:25 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-06-16 19:21 - 2019-07-01 17:31 - 000000000 ____D C:\ProgramData\NVIDIA
2020-06-16 19:20 - 2019-07-07 14:09 - 000000000 ____D C:\Users\petkr\AppData\LocalLow\Mozilla
2020-06-16 19:20 - 2019-07-07 13:52 - 000000000 ___RD C:\Users\petkr\OneDrive
2020-06-16 19:19 - 2019-09-25 18:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-06-16 19:19 - 2019-03-19 06:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-06-16 17:28 - 2019-07-12 22:26 - 000000000 ____D C:\Users\petkr\AppData\Local\Ubisoft Game Launcher
2020-06-16 17:26 - 2019-09-25 18:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-06-16 16:22 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-06-16 13:33 - 2019-09-25 18:26 - 000004212 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{ADBC676F-94A1-4F35-BC68-14C024A23243}
2020-06-16 09:59 - 2019-07-29 19:40 - 000000000 ____D C:\Users\petkr\AppData\Roaming\TS3Client
2020-06-14 14:59 - 2019-08-04 15:32 - 000000000 ____D C:\Users\petkr\AppData\Local\CrashDumps
2020-06-12 23:34 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-06-12 22:05 - 2019-07-08 20:35 - 000000000 ____D C:\Users\petkr\AppData\Roaming\Discord
2020-06-12 19:25 - 2019-08-24 16:39 - 000000000 ____D C:\Users\petkr\AppData\Local\D3DSCache
2020-06-11 17:32 - 2020-01-07 18:55 - 000000000 ____D C:\Users\petkr\AppData\Local\Riot Games
2020-06-11 15:00 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-06-11 09:36 - 2019-07-07 14:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-06-10 23:26 - 2020-01-07 18:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2020-06-10 15:59 - 2020-01-11 14:41 - 000000000 ___RD C:\Users\petkr\OneDrive\Dokumenty\Scanned Documents
2020-06-10 10:19 - 2019-07-07 14:09 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-06-06 23:41 - 2019-07-13 13:17 - 000000000 ____D C:\Users\petkr\OneDrive\Dokumenty\Paradox Interactive
2020-06-05 23:03 - 2019-03-19 06:56 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-06-05 23:03 - 2019-03-19 06:56 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-06-04 21:02 - 2019-07-07 13:50 - 000000000 ____D C:\Users\petkr\AppData\Local\Packages
2020-06-04 13:39 - 2019-09-19 17:28 - 000000000 ____D C:\Program Files\Rockstar Games
2020-06-04 13:39 - 2019-09-19 17:28 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2020-06-04 07:54 - 2019-12-28 15:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlestate Games
2020-06-03 10:07 - 2019-07-28 14:26 - 000000000 ____D C:\Users\petkr\AppData\Local\NVIDIA
2020-06-01 17:31 - 2019-09-01 17:16 - 000000000 ____D C:\Program Files (x86)\Origin
2020-06-01 17:31 - 2019-09-01 17:13 - 000000000 ____D C:\Users\petkr\AppData\Local\Origin
2020-06-01 17:31 - 2019-09-01 17:13 - 000000000 ____D C:\ProgramData\Origin
2020-05-30 09:07 - 2019-08-25 08:40 - 000000000 ____D C:\Program Files\UNP
2020-05-27 19:59 - 2019-09-25 18:26 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2452798473-3973055187-1235544945-1001
2020-05-27 19:59 - 2019-09-25 18:20 - 000002372 _____ C:\Users\petkr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-05-26 17:01 - 2019-08-20 18:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2020-05-26 17:01 - 2019-08-20 18:37 - 000000000 ____D C:\Program Files\Nexus Mod Manager
2020-05-22 17:23 - 2019-07-09 14:16 - 000000000 ____D C:\Users\petkr\OneDrive\Dokumenty\My Games
2020-05-21 18:57 - 2019-09-19 17:28 - 000000000 ____D C:\Users\petkr\OneDrive\Dokumenty\Rockstar Games
2020-05-21 18:57 - 2019-09-19 17:28 - 000000000 ____D C:\Users\petkr\AppData\Local\Rockstar Games
2020-05-20 19:57 - 2019-07-02 09:53 - 000000000 ____D C:\ProgramData\Package Cache
2020-05-20 19:55 - 2019-07-07 20:41 - 000000000 ____D C:\Users\petkr\AppData\Local\UnrealEngine
2020-05-18 23:17 - 2020-02-04 16:39 - 004928256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
==================== Files in the root of some directories ========
2020-05-22 12:55 - 2020-05-30 09:04 - 042886902 _____ () C:\Users\petkr\AppData\Roaming\gta5_patch.bin
2020-05-22 12:55 - 2020-05-22 12:55 - 000332800 _____ () C:\Users\petkr\AppData\Roaming\patcher.dll
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-06-2020
Ran by petkr (16-06-2020 19:30:57)
Running from C:\Users\petkr\OneDrive\Desktop
Windows 10 Home Version 1903 18362.836 (X64) (2019-09-25 16:26:20)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2452798473-3973055187-1235544945-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2452798473-3973055187-1235544945-503 - Limited - Disabled)
Guest (S-1-5-21-2452798473-3973055187-1235544945-501 - Limited - Disabled)
petkr (S-1-5-21-2452798473-3973055187-1235544945-1001 - Administrator - Enabled) => C:\Users\petkr
WDAGUtilityAccount (S-1-5-21-2452798473-3973055187-1235544945-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AS: ESET Security (Enabled - Up to date) {333C65BB-8923-0EAA-C47E-C486E687BEFD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
A Game of Thrones version 2.1 (HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\{7C82709E-75FE-4C3A-976A-8C97908DDD7B}_is1) (Version: 2.1 - AGOT TEAM)
A Way Out (HKLM-x32\...\{E8D752CF-2FCC-470D-B0C5-4BFC6F42ACCE}) (Version: 1.0.62.0 - Electronic Arts, Inc.)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.1.102.55 - Adobe Systems Incorporated)
Aktualizace NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
Battlefield™ Hardline (HKLM-x32\...\{CB4AC3DA-8CC1-4516-86DA-4078B57DB229}) (Version: 1.4.0.10 - Electronic Arts)
Battlestate Games Launcher 10.2.0.1139 (HKLM-x32\...\{B0FDA062-7581-4D67-B085-C4E7C358037F}_is1) (Version: 10.2.0.1139 - Battlestate Games)
Canon LBP2900 (HKLM\...\Canon LBP2900) (Version: - )
CPUID HWMonitor 1.41 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.41 - CPUID, Inc.)
Crossout Launcher 1.0.3.110 (HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\CrossOutLauncher_is1) (Version: - )
Discord (HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\Discord) (Version: 0.0.306 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6}) (Version: 1.1.267.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Escape from Tarkov (HKLM-x32\...\EscapeFromTarkov) (Version: 0.12.6.7765 - Battlestate Games)
ESET Security (HKLM\...\{EC96F234-2A42-4D7D-9C33-443566F72BF5}) (Version: 13.1.21.0 - ESET, spol. s r.o.)
Fallout 4 - Čeština (HKLM-x32\...\{8995E8E7-1793-402E-87B7-F1E106783F84}) (Version: 0.9.8 - prekladyher.eu)
Farming Simulator 19 (HKLM-x32\...\FarmingSimulator2019_is1) (Version: 1.5.1 - GIANTS Software)
Floris Evolved (HKLM-x32\...\Floris Evolved) (Version: - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.45 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.129.31 - )
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\OneDriveSetup.exe) (Version: 20.064.0329.0008 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\Teams) (Version: 1.3.00.8663 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Middle Earth Project Installer - Easy way to install MEP for CK2 (HKLM-x32\...\Brojan Middle Earth Project Installer) (Version: 0.8.291 - Brojan)
Minecraft Launcher (HKLM-x32\...\{CFF44AE9-2908-4D7D-B48B-1CB5139015C7}) (Version: 1.0.0.0 - Mojang)
Mozilla Firefox 77.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 77.0.1 (x64 cs)) (Version: 77.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 67.0.4 - Mozilla)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.71.4 - Black Tree Gaming)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.8.1 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.3.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.3.63 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.26 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 446.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 446.14 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.70.40362 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.148.0.4 - Overwolf Ltd.)
Ovládací panel NVIDIA 446.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 446.14 - NVIDIA Corporation) Hidden
Paradox Launcher v2 (HKLM\...\{3D662AC5-4616-4A1C-912E-BD5BF9C9F4C8}) (Version: 2.0.0.0 - Paradox Interactive)
PlanetSide 2 (HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\DG0-PlanetSide 2) (Version: - Sony Online Entertainment)
PUBG LITE (HKLM-x32\...\PUBG LITE_is1) (Version: 1.0.1.0 - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8105 - Realtek Semiconductor Corp.)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.24.258 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.5.6 - Rockstar Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\TeamSpeak 3 Client) (Version: 3.3.0 - TeamSpeak Systems GmbH)
TeamSpeak Overlay (HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\Overwolf_jnabojaampcpfclojlbildognlnebnhfhibiielh) (Version: 1.0.0.2 - Overwolf app)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22a - Ghisler Software GmbH)
Twitch (HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{2E8B8BDD-03DF-4C1C-8C99-E6A4BCBF43CE}) (Version: 2.51.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 73.0 - Ubisoft)
VALORANT (HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.0.0 - Black Tree Gaming Ltd.)
War Thunder Launcher 1.0.3.171 (HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.8.5.0_x86__kgqvnymyfvs32 [2020-04-08] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.37.4.0_x86__kgqvnymyfvs32 [2020-05-15] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1781.1.0_x86__kgqvnymyfvs32 [2020-06-11] (king.com)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_115.1.152.0_x64__v10z8vjag6ke6 [2020-05-30] (HP Inc.)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.12827.20268.0_x86__8wekyb3d8bbwe [2020-06-10] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-07-07] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-07-07] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.12827.20268.0_x86__8wekyb3d8bbwe [2020-06-10] (Microsoft Corporation)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.12827.20268.0_x86__8wekyb3d8bbwe [2020-06-10] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.12827.20268.0_x86__8wekyb3d8bbwe [2020-06-10] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.12827.20268.0_x86__8wekyb3d8bbwe [2020-06-10] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.12827.20268.0_x86__8wekyb3d8bbwe [2020-06-10] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-15] (Microsoft Studios) [MS Ad]
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.12827.20268.0_x86__8wekyb3d8bbwe [2020-06-10] (Microsoft Corporation)
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.41.21603.0_x64__8wekyb3d8bbwe [2020-06-12] (Microsoft Corporation)
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.14.6005.0_x64__8wekyb3d8bbwe [2020-04-17] (Microsoft Studios)
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-24] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0 [2020-06-04] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2452798473-3973055187-1235544945-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\petkr\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2452798473-3973055187-1235544945-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\petkr\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2019-10-28] (Notepad++ -> )
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-04-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-04-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-05-16] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-04-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\petkr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) =============
2019-07-14 00:10 - 2019-02-21 18:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2019-09-01 17:16 - 2020-03-16 15:05 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2019-09-01 17:16 - 2020-03-16 15:06 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2019-09-01 17:16 - 2019-10-08 14:41 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2020-06-01 17:31 - 2019-10-08 14:41 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2020-06-01 17:31 - 2019-10-08 14:41 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2020-06-01 17:31 - 2019-10-08 14:41 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2020-06-01 17:31 - 2019-10-08 14:41 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2020-06-01 17:31 - 2019-10-08 14:41 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2020-06-01 17:31 - 2019-10-08 14:41 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\petkr\Data aplikací:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
AlternateDataStreams: C:\Users\petkr\AppData\Roaming:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 15:46 - 2017-09-29 15:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\petkr\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
DNS Servers: 10.100.1.234 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{DBBCA6EE-336A-4E1B-BFF9-45DF4FE47940}] => (Allow) D:\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe => No File
FirewallRules: [{71F1AB73-FDE6-491F-B9FD-102111C50590}] => (Allow) D:\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe => No File
FirewallRules: [{D0E1BD2B-6EB9-48B8-9B32-ECF876310297}] => (Allow) E:\SteamLibrary SR\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{01CC598C-89DB-46BA-BA80-9FCB898EC45E}] => (Allow) E:\SteamLibrary SR\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{9FC103C0-88CD-4645-B2C2-F9A2E616110B}] => (Allow) E:\SteamLibrary SR\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{F257936D-83FD-49C7-A248-89A74B97FB79}] => (Allow) E:\SteamLibrary SR\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{2A027BB7-9BF9-4E58-9BC7-89DE944EA377}] => (Allow) E:\Origin SR\BFH\BFHWebHelper.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{872F37D3-767A-4239-A364-12C77556DBD9}] => (Allow) E:\Origin SR\BFH\BFHWebHelper.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{CA8E851A-D241-43A9-85DD-191CA7F08893}] => (Allow) D:\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2_ed.exe (Digitalmindsoft) [File not signed]
FirewallRules: [{C009BC7F-1600-4562-B142-708FB2D65FFF}] => (Allow) D:\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2_ed.exe (Digitalmindsoft) [File not signed]
FirewallRules: [{F4A9DCFC-079E-4429-9DE6-804E2211C1D1}] => (Allow) D:\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2.exe (Digitalmindsoft) [File not signed]
FirewallRules: [{DD2F67B7-B504-4FEF-8860-051A9C8CC6E7}] => (Allow) D:\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2.exe (Digitalmindsoft) [File not signed]
FirewallRules: [{8239559A-8D9D-4147-922E-71E79249A2A4}] => (Allow) D:\Steam\steamapps\common\insurgency2\insurgency_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{228EF431-AC71-4716-A8DA-72C269CD6E79}] => (Allow) D:\Steam\steamapps\common\insurgency2\insurgency_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{55600F63-1031-40B6-A7EC-B0004CEE2660}] => (Allow) D:\Steam\steamapps\common\MountBlade Warband\mb_warband.exe ( Taleworlds Entertainment) [File not signed]
FirewallRules: [{298B9D44-0FB3-4536-9237-BA7F60E12A8D}] => (Allow) D:\Steam\steamapps\common\MountBlade Warband\mb_warband.exe ( Taleworlds Entertainment) [File not signed]
FirewallRules: [{143B986A-705E-4028-B5BC-24B3AF5A262E}] => (Allow) D:\Steam\steamapps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe () [File not signed]
FirewallRules: [{09C315D9-378C-45A8-AEEB-CF7E3FFB768B}] => (Allow) D:\Steam\steamapps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe () [File not signed]
FirewallRules: [{6C54C782-91E2-4D48-8C43-D1B7C64C0B4E}] => (Allow) D:\Steam\steamapps\common\Warhammer 40,000 - Eternal Crusade\EternalCrusadeClient.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{CE3E5712-61A9-4DC4-A344-196C5A9F21EF}] => (Allow) D:\Steam\steamapps\common\Warhammer 40,000 - Eternal Crusade\EternalCrusadeClient.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{D5BF907D-8C46-443E-93AC-66D656585187}] => (Allow) D:\Origin\AWayOut\Haze1\Binaries\Win64\AWayOut_friend.exe (Hazelight Studios AB -> Hazelight Studios AB)
FirewallRules: [{555ECED4-AC9C-40DB-AC97-2C429E26D0FB}] => (Allow) D:\Origin\AWayOut\Haze1\Binaries\Win64\AWayOut_friend.exe (Hazelight Studios AB -> Hazelight Studios AB)
FirewallRules: [{5F55F04D-6D0C-4156-9B08-79258A8BB876}] => (Allow) D:\Origin\AWayOut\Haze1\Binaries\Win64\AWayOut.exe (Hazelight Studios AB -> Hazelight Studios AB)
FirewallRules: [{C22A3F77-CF9C-4E82-9344-3131405A380D}] => (Allow) D:\Origin\AWayOut\Haze1\Binaries\Win64\AWayOut.exe (Hazelight Studios AB -> Hazelight Studios AB)
FirewallRules: [{385FA2FC-B6D1-49E6-8270-AE0E95E0E554}] => (Allow) C:\Windows\System32\CNAB4RPD.EXE (CANON INC. -> CANON INC.)
FirewallRules: [{38EC9883-A499-4BB9-A5D5-06339F59EA06}] => (Allow) C:\Windows\System32\CNAB4RPD.EXE (CANON INC. -> CANON INC.)
FirewallRules: [{AEFD2FFD-809A-4B67-9A43-0666366F76C5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1A0361D2-E013-46AA-9FCB-E60FBAC79E80}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3FB6D456-071C-4C1C-B740-D6BA484B212A}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{88EDAC1C-3E3A-4468-918A-B416478C0F1D}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{BF098AD8-FE5A-4E33-AB14-20845F8237DE}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{A943D7DC-8B39-4888-B875-B52D383EFB61}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{0F4FD65B-CBE8-40A3-9080-28919381E79A}] => (Allow) D:\Steam\steamapps\common\Mordhau\Mordhau.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{D2D923D9-8EC4-44A1-8E41-203ECD550644}] => (Allow) D:\Steam\steamapps\common\Mordhau\Mordhau.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{03E0BB43-DBE1-446C-8965-6E0CC1BA13AB}] => (Allow) D:\Steam\steamapps\common\Kenshi\kenshi_x64.exe () [File not signed]
FirewallRules: [{A93C29E3-65A8-4E54-9ED6-B81AB12F70EA}] => (Allow) D:\Steam\steamapps\common\Kenshi\kenshi_x64.exe () [File not signed]
FirewallRules: [{D87B17C2-C634-47A1-BC4E-63C822F513AE}] => (Allow) D:\Steam\steamapps\common\Kenshi\forgotten construction set.exe (LoFi Games) [File not signed]
FirewallRules: [{0FA908CA-C1B3-4948-AF42-74D6C0F3E280}] => (Allow) D:\Steam\steamapps\common\Kenshi\forgotten construction set.exe (LoFi Games) [File not signed]
FirewallRules: [{507E9E61-375A-474C-9610-D129830A2D41}] => (Allow) E:\Farming Simulator 2019\FarmingSimulator2019.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{7ABA67F1-1846-4664-B3A8-6F9AACF65802}] => (Allow) E:\Farming Simulator 2019\FarmingSimulator2019.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{3A56E896-D843-4F05-BD18-0C6FB045AE0D}] => (Allow) E:\Farming Simulator 2019\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{FEF82F11-7CDA-42EB-81E1-15F9888BBC13}] => (Allow) E:\Farming Simulator 2019\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{64055EA3-011E-4432-8739-E808972DFB3B}] => (Allow) D:\Steam\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{7A2DBF53-BE5C-4212-928B-4DD651A26F71}] => (Allow) D:\Steam\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{7FC14DE0-69CE-42D9-8F91-5E4E4515ED43}] => (Allow) D:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{DE09427D-65C5-4710-BFF5-5C460AF88357}] => (Allow) D:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{64C2DC68-AD6C-42E1-9C3E-2DB052C31CA6}] => (Allow) D:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{AAB9CCF8-B0A6-4249-8EE0-0F8C9D30BB21}] => (Allow) D:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{3056FA58-8AEC-4163-853A-EB28754E1C07}] => (Allow) D:\Steam\steamapps\common\Rising Storm 2\Binaries\Win64\RisingStorm2.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{4A36A3FA-F0FD-481B-A9D6-2D6198B5C0ED}] => (Allow) D:\Steam\steamapps\common\Rising Storm 2\Binaries\Win64\RisingStorm2.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{8FA2D668-5FBC-4E43-A0C1-5B9690C49F51}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E8A09DF1-F310-4EDC-93CC-9C8D00D5CC21}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{404A7905-CA3A-4BDB-BBF3-D85AC17436FA}] => (Allow) D:\Steam\steamapps\common\Stellaris\dowser.exe (Paradox Interactive Ab (Publ) -> )
FirewallRules: [{718B3B89-CDAF-44A9-8CD0-8C37FC17875B}] => (Allow) D:\Steam\steamapps\common\Stellaris\dowser.exe (Paradox Interactive Ab (Publ) -> )
FirewallRules: [{C5BBE57A-2A16-4630-877B-0E7DADE81295}] => (Allow) D:\Steam\steamapps\common\Holdfast Nations At War\Holdfast NaW.exe () [File not signed]
FirewallRules: [{9C8C5BDC-B9F5-49AE-8003-73FB694DE3C4}] => (Allow) D:\Steam\steamapps\common\Holdfast Nations At War\Holdfast NaW.exe () [File not signed]
FirewallRules: [{D76FC6E5-9860-4A8F-BA65-9FC5DFF5604C}] => (Allow) D:\Steam\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe => No File
FirewallRules: [{5FD47D25-9DD5-4FE5-9EF4-0071E01EB8D4}] => (Allow) D:\Steam\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe => No File
FirewallRules: [{0F374929-80B0-4398-9C15-F99273F17C59}] => (Allow) D:\Steam\steamapps\common\Total War Saga Thrones of Britannia\launcher\launcher.exe => No File
FirewallRules: [{3A7A1ABA-0A6A-42F4-B850-A7E61C463074}] => (Allow) D:\Steam\steamapps\common\Total War Saga Thrones of Britannia\launcher\launcher.exe => No File
FirewallRules: [{BFB6DDA0-779B-4794-A942-3425D93B8D91}] => (Allow) D:\Steam\steamapps\common\Sniper Ghost Warrior Contracts\Launch_Game.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{7DAFFC2F-C47C-4A6F-9AFF-5BCF82CD226F}] => (Allow) D:\Steam\steamapps\common\Sniper Ghost Warrior Contracts\Launch_Game.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{8C788F98-32BF-495A-99CB-6B1A26A3BB62}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{6428C6D1-3BD6-4858-9B71-25A842166ACD}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{BDF75493-485C-4F05-9114-23211486156E}] => (Allow) D:\Steam\steamapps\common\Jump King\JumpKing.exe () [File not signed]
FirewallRules: [{3D5D1B62-A69D-4361-A101-38D96A768802}] => (Allow) D:\Steam\steamapps\common\Jump King\JumpKing.exe () [File not signed]
FirewallRules: [{D1FC208C-9420-436C-9ABC-FC062D94848B}] => (Allow) E:\SteamLibrary SR\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{9DDFE7D4-F904-474F-B800-FE8BAE76B4D9}] => (Allow) E:\SteamLibrary SR\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{5A611E72-3F25-46EA-8591-F24BA6294C50}] => (Allow) D:\Steam\steamapps\common\Europa Universalis IV\eu4.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{BBBCC332-7B27-464D-A5F5-7806909730D2}] => (Allow) D:\Steam\steamapps\common\Europa Universalis IV\eu4.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{DDCE37A6-748C-4FC4-A500-818637CDB9C3}] => (Allow) D:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{2A416B3C-F3CA-4251-9F87-3261796E55F0}] => (Allow) D:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{6DF17E3D-BCD0-4FBA-A4C6-9D2EEFAE77CF}] => (Allow) D:\Steam\steamapps\common\Crusader Kings II\CK2game.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{B6F9DE9C-91E7-4E3F-818E-5AE15E79B81D}] => (Allow) D:\Steam\steamapps\common\Crusader Kings II\CK2game.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{AF027B47-1101-4187-95E6-E3E3344C0F8C}] => (Allow) E:\SteamLibrary SR\steamapps\common\PlanetSide 2\LaunchPad.exe (Daybreak Game Company LLC -> Daybreak Game Company)
FirewallRules: [{162196B0-32EE-4C50-B080-C10B042008FE}] => (Allow) E:\SteamLibrary SR\steamapps\common\PlanetSide 2\LaunchPad.exe (Daybreak Game Company LLC -> Daybreak Game Company)
FirewallRules: [{78722813-A025-4022-BDD5-7BA0AA70BAE2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{E04C4E66-E4B2-46E8-A639-F9812F6C03AD}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{A4DC325C-E25B-4B3A-86D3-F4810F5903FA}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{95356841-5415-4721-B74F-667C5517FF28}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{ABE0E631-86BE-4CE4-82C7-99A1B0DD1B00}] => (Allow) D:\Steam\steamapps\common\Total War Attila\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{D082302C-DDC0-415C-92DC-5E0B2FA7DBB4}] => (Allow) D:\Steam\steamapps\common\Total War Attila\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{268AD3B8-E6C4-4F66-BA17-8878484458E2}] => (Allow) E:\SteamLibrary SR\steamapps\common\Goat of Duty\GoatOfDuty.exe () [File not signed]
FirewallRules: [{637C286F-703C-4D7E-81F6-370E91FE9EC6}] => (Allow) E:\SteamLibrary SR\steamapps\common\Goat of Duty\GoatOfDuty.exe () [File not signed]
FirewallRules: [{6A339F5B-D513-461C-BADF-3068B588F46A}] => (Allow) D:\Steam\steamapps\common\Crossout\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{98FA4CD9-BA61-4292-B4B7-E7093DB06E80}] => (Allow) D:\Steam\steamapps\common\Crossout\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{C8160EA8-8A63-4557-B9A5-AAEB5BC20913}] => (Allow) E:\SteamLibrary SR\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{7B001C9F-8C60-41A0-B3F9-EB9C6CB71705}] => (Allow) E:\SteamLibrary SR\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{163E5504-B156-40FB-B62E-C2FDAB60DFC1}] => (Allow) E:\SteamLibrary SR\steamapps\common\Elite Dangerous\EDLaunch.exe (Frontier Developments Plc -> Frontier Developments)
FirewallRules: [{097D66C8-80FE-4337-93D0-FC7214A3F3D6}] => (Allow) E:\SteamLibrary SR\steamapps\common\Elite Dangerous\EDLaunch.exe (Frontier Developments Plc -> Frontier Developments)
FirewallRules: [{DDE524CB-3CCF-49C9-81A6-9C7974AB7F23}] => (Allow) E:\SteamLibrary SR\steamapps\common\Total War Rome II\launcher\launcher.exe => No File
FirewallRules: [{54F0F32B-C3FF-481A-AC3B-C61788867B67}] => (Allow) E:\SteamLibrary SR\steamapps\common\Total War Rome II\launcher\launcher.exe => No File
FirewallRules: [{D83A8D21-B934-4DF4-A6F3-577DA3E70349}] => (Allow) D:\Steam\steamapps\common\Rising Storm 2\Binaries\Win64\LaunchWinterWar.exe () [File not signed]
FirewallRules: [{2EAA5C85-41AF-40D8-876D-880CCC71FE37}] => (Allow) D:\Steam\steamapps\common\Rising Storm 2\Binaries\Win64\LaunchWinterWar.exe () [File not signed]
FirewallRules: [{C97D33C6-5B93-4E0A-AFE9-1FD86A73F072}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{604CE472-C8AE-43CF-BD29-7A605360BE93}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5A773CD8-1E00-47BC-B96F-E862BB723A2A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1D73CA0C-EFE1-428C-AF12-504BBD4A2E2F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F05F407F-AF37-442B-85BE-9E8EF505227B}] => (Allow) E:\SteamLibrary SR\steamapps\common\WW1GameSeries\Tannenberg\Tannenberg.exe () [File not signed]
FirewallRules: [{08B3E69A-FD8D-4D83-BE7B-BD0641795DA7}] => (Allow) E:\SteamLibrary SR\steamapps\common\WW1GameSeries\Tannenberg\Tannenberg.exe () [File not signed]
FirewallRules: [{9BBDD070-C03C-478A-9CDF-BDE992D3B827}] => (Allow) E:\SteamLibrary SR\steamapps\common\WW1GameSeries\Verdun\Verdun.exe () [File not signed]
FirewallRules: [{33C8C4EB-FB4D-485F-B122-F5CD2B6CEBF2}] => (Allow) E:\SteamLibrary SR\steamapps\common\WW1GameSeries\Verdun\Verdun.exe () [File not signed]
FirewallRules: [{EF92EE69-F44E-448D-8371-74A84F7382D0}] => (Allow) E:\SteamLibrary SR\steamapps\common\Total War SHOGUN 2\Shogun2.exe (SEGA EUROPE LIMITED -> The Creative Assembly Ltd)
FirewallRules: [{F74DA13E-8A61-40DF-8A6B-A116D697BF15}] => (Allow) E:\SteamLibrary SR\steamapps\common\Total War SHOGUN 2\Shogun2.exe (SEGA EUROPE LIMITED -> The Creative Assembly Ltd)
FirewallRules: [{AEF396BB-BBE8-42D9-A4D5-F9C9C7A8A7CD}] => (Allow) E:\SteamLibrary SR\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{FFD1C606-CD15-45B8-81D7-6304117F82DF}] => (Allow) E:\SteamLibrary SR\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{9C2D3670-7DF9-4B3E-A444-6F25A2D80D4E}] => (Allow) E:\SteamLibrary SR\steamapps\common\LEGONinjago\LEGONINJAGO_DX11.exe (Travellers Tales (UK) Limited -> Warner Bros. Interactive Entertainment)
FirewallRules: [{F5FB750D-1E8A-4988-82A9-5E5053126C6C}] => (Allow) E:\SteamLibrary SR\steamapps\common\LEGONinjago\LEGONINJAGO_DX11.exe (Travellers Tales (UK) Limited -> Warner Bros. Interactive Entertainment)
FirewallRules: [{980485BD-8082-48CC-8F60-6F8B339C6E27}] => (Allow) E:\SteamLibrary SR\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{211293E3-60C6-4BDF-B0E4-2480458F33E5}] => (Allow) E:\SteamLibrary SR\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{627CB391-30D0-4480-9E88-50CF35212A55}] => (Allow) E:\SteamLibrary SR\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{090E161D-945B-4AA7-8AB0-7886E978D89E}] => (Allow) E:\SteamLibrary SR\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{5BC0DA56-4D42-4C83-9441-DE7DF5F4E4C5}] => (Allow) E:\SteamLibrary SR\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{3B77F57A-B485-4BD8-9F1D-FB96EBA46052}] => (Allow) E:\SteamLibrary SR\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{C6205BE2-BEF0-4CA6-9669-6EFBC5CE7515}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A425459C-D393-417C-8BD1-C48BB02C923E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{930C7984-5F52-48C5-929F-36CA51C3DD62}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4C82DD3B-2AD5-4608-A6E3-B9A4FCAC2226}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9C235D78-E046-46AE-82B0-2FA54E87FBD2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{05E30497-2FB6-470C-BA94-16E4850F41BA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F3FBB24F-08C6-446D-84ED-A7D26A042314}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{96EE39F0-045C-4EDC-9A8E-CE072E105D6B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9F76E365-0DF1-48AA-BB84-85791E2DC1A0}] => (Allow) E:\Games\Escape from Tarkov\BsgLauncher\BsgLauncher.exe (Battlestate Games Ltd -> Battlestate Games)
FirewallRules: [{C64A529D-0E5B-4D1F-9CF7-2CD80D11682B}] => (Allow) E:\Games\Escape from Tarkov\BsgLauncher\BsgLauncher.exe (Battlestate Games Ltd -> Battlestate Games)
FirewallRules: [{51AF8364-1EFD-49ED-818B-56E5A91DC3CC}] => (Allow) D:\Steam\steamapps\common\Europa Universalis IV\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{3A13AE4E-C8C8-4902-8EC1-FFAD72E1D95D}] => (Allow) D:\Steam\steamapps\common\Europa Universalis IV\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{42D8D95D-B9C7-49F1-BA3F-0FBE5CCDA0AA}] => (Allow) D:\Steam\steamapps\common\ImperatorRome\launcher\dowser.exe (Paradox Interactive Ab (Publ) -> )
FirewallRules: [{48A8BBE4-DE13-48B5-8561-873B2C1EED07}] => (Allow) D:\Steam\steamapps\common\ImperatorRome\launcher\dowser.exe (Paradox Interactive Ab (Publ) -> )
FirewallRules: [{D667669F-DD5C-48EB-80C6-9E74636AA196}] => (Allow) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A59F1C9A-D423-41C4-8CE9-F9B9328268AA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.12827.20268.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{62A1DC7E-20EB-4051-8D52-616A48812F96}] => (Allow) D:\Steam\steamapps\common\Total War THREE KINGDOMS\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{1E08FA38-3AC2-42B6-8EE6-18673E34DA93}] => (Allow) D:\Steam\steamapps\common\Total War THREE KINGDOMS\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{73A999E7-708D-4C4B-B54E-98B5D310384D}] => (Allow) C:\Program Files (x86)\Overwolf\0.148.0.4\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{1755F5AA-C768-4D5B-AD2C-FD0F3DF4B1B1}] => (Allow) C:\Program Files (x86)\Overwolf\0.148.0.4\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{1465433C-7E76-479D-9759-1BB870904787}] => (Block) C:\Program Files (x86)\Overwolf\0.148.0.4\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{DEB15019-CFED-4BFA-AA4D-B5D3D107DC0B}] => (Block) C:\Program Files (x86)\Overwolf\0.148.0.4\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{FAC96C56-9B71-4D8C-99BA-E1A47EC9D228}] => (Allow) E:\SteamLibrary SR\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{91BE87F7-E0AD-43F2-8097-DEF643ECB9A8}] => (Allow) E:\SteamLibrary SR\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{593F19D5-D8BC-4945-AF4C-B54DED707011}] => (Allow) E:\SteamLibrary SR\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{7F525BAC-E0A9-4420-9861-959DF4854CAB}] => (Allow) E:\SteamLibrary SR\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
==================== Restore Points =========================
10-06-2020 23:27:45 Nainstalováno rozhraní DirectX
==================== Faulty Device Manager Devices ============
Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Myš Microsoft PS/2
Description: Myš Microsoft PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: ========================
Application errors:
==================
Error: (06/16/2020 07:10:38 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3168,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (06/16/2020 07:04:19 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14004,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (06/16/2020 06:57:39 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5156,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (06/16/2020 06:52:18 PM) (Source: Firefox) (EventID: 13) (User: )
Description: Event-ID 13
Error: (06/16/2020 06:50:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_stisvc, verze: 10.0.18362.1, časové razítko: 0x32d6c210
Název chybujícího modulu: ntdll.dll, verze: 10.0.18362.815, časové razítko: 0xb29ecf52
Kód výjimky: 0xc0000008
Posun chyby: 0x000000000009feba
ID chybujícího procesu: 0xf44
Čas spuštění chybující aplikace: 0x01d643fe3bab02e9
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 443e3c0c-2bbb-4065-91f0-294973f0955e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (06/16/2020 06:44:00 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4436,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (06/16/2020 06:21:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_stisvc, verze: 10.0.18362.1, časové razítko: 0x32d6c210
Název chybujícího modulu: ntdll.dll, verze: 10.0.18362.815, časové razítko: 0xb29ecf52
Kód výjimky: 0xc0000008
Posun chyby: 0x000000000009feba
ID chybujícího procesu: 0xed0
Čas spuštění chybující aplikace: 0x01d643fa3a5dc81e
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 68edf12f-2939-4afc-bdf1-f90b526992ae
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (06/16/2020 06:14:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program firefox.exe verze 77.0.1.7458 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 2e98
Čas spuštění: 01d643f90e44b302
Čas ukončení: 10
Cesta k aplikaci: C:\Program Files\Mozilla Firefox\firefox.exe
ID hlášení: d16c872b-2952-4524-b7b6-2a928166cc02
Úplný název balíčku s chybou:
ID aplikace relativní podle balíčku s chybou:
Typ zablokování: Cross-process
System errors:
=============
Error: (06/16/2020 06:50:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Načítání obrázků (WIA) byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (06/16/2020 06:21:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Načítání obrázků (WIA) byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (06/16/2020 06:21:01 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-DK56E1E)
Description: Služba DCOM zjistila chybu 1053 při pokusu o spuštění služby BcastDVRUserService_183a1ee8 s argumenty Není k dispozici za účelem spuštění serveru:
Windows.Media.Capture.Internal.AppCaptureShell
Error: (06/16/2020 06:21:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Uživatelská služba pro GameDVR a vysílání her_183a1ee8 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (06/16/2020 06:21:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Uživatelská služba pro GameDVR a vysílání her_183a1ee8 bylo dosaženo časového limitu (30000 ms).
Error: (06/16/2020 07:26:11 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DK56E1E)
Description: Server {021E4F06-9DCC-49AD-88CF-ECC2DA314C8A} se v daném časovém limitu neregistroval u služby DCOM.
Error: (06/16/2020 07:26:11 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DK56E1E)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (06/16/2020 07:26:11 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DK56E1E)
Description: Server {021E4F06-9DCC-49AD-88CF-ECC2DA314C8A} se v daném časovém limitu neregistroval u služby DCOM.
CodeIntegrity:
===================================
Date: 2020-06-16 19:22:04.434
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-06-16 19:22:04.419
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-06-16 19:22:04.320
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-06-16 19:22:04.310
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-06-16 19:22:03.353
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-06-16 19:22:03.349
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-06-16 19:22:03.342
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-06-16 19:03:33.680
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Overwolf\0.148.0.4\OWExplorer.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. C.70 05/23/2016
Motherboard: MSI B150 PC MATE (MS-7971)
Processor: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz
Percentage of memory in use: 26%
Total physical RAM: 16346.73 MB
Available physical RAM: 11989.24 MB
Total Virtual: 23002.73 MB
Available Virtual: 16879.23 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:222.58 GB) (Free:116.73 GB) NTFS
Drive d: (Petrik) (Fixed) (Total:931.51 GB) (Free:186 GB) NTFS
Drive e: (Petr) (Fixed) (Total:931.51 GB) (Free:295.06 GB) NTFS
\\?\Volume{bd2b7066-0000-0000-0000-100000000000}\ (Boot) (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS
\\?\Volume{bd2b7066-0000-0000-0000-90c437000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: BD2B7066)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=222.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=509 MB) - (Type=27)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 4374420A)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 75B7C2EC)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu - problém s PC
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118271
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu - problém s PC
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu - problém s PC
Zasílám log:
Malwarebytes
www.malwarebytes.com
-Podrobnosti logovacího souboru-
Datum skenování: 16.06.20
Čas skenování: 19:57
Logovací soubor: d98bfcde-affa-11ea-bab7-4ccc6a63ed89.json
-Informace o softwaru-
Verze: 4.1.0.56
Verze komponentů: 1.0.955
Aktualizovat verzi balíku komponent: 1.0.25594
Licence: Zkušební
-Systémová informace-
OS: Windows 10 (Build 18362.836)
CPU: x64
Systém souborů: NTFS
Uživatel: DESKTOP-DK56E1E\petkr
-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 286425
Zjištěné hrozby: 2
Hrozby umístěné do karantény: 0
Uplynulý čas: 0 min, 49 sek
-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat
-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)
Modul: 0
(Nebyly zjištěny žádné škodlivé položky)
Klíč registru: 1
PUP.Optional.DriverPack, HKLM\SOFTWARE\WOW6432NODE\DRPSU, Žádná uživatelská akce, 624, 472300, 1.0.25594, , ame,
Hodnota v registru: 1
PUP.Optional.DriverPack, HKLM\SOFTWARE\WOW6432NODE\DRPSU|CLIENTID, Žádná uživatelská akce, 624, 472300, 1.0.25594, , ame,
Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)
Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)
Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)
Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)
Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)
WMI: 0
(Nebyly zjištěny žádné škodlivé položky)
(end)
Malwarebytes
www.malwarebytes.com
-Podrobnosti logovacího souboru-
Datum skenování: 16.06.20
Čas skenování: 19:57
Logovací soubor: d98bfcde-affa-11ea-bab7-4ccc6a63ed89.json
-Informace o softwaru-
Verze: 4.1.0.56
Verze komponentů: 1.0.955
Aktualizovat verzi balíku komponent: 1.0.25594
Licence: Zkušební
-Systémová informace-
OS: Windows 10 (Build 18362.836)
CPU: x64
Systém souborů: NTFS
Uživatel: DESKTOP-DK56E1E\petkr
-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 286425
Zjištěné hrozby: 2
Hrozby umístěné do karantény: 0
Uplynulý čas: 0 min, 49 sek
-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat
-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)
Modul: 0
(Nebyly zjištěny žádné škodlivé položky)
Klíč registru: 1
PUP.Optional.DriverPack, HKLM\SOFTWARE\WOW6432NODE\DRPSU, Žádná uživatelská akce, 624, 472300, 1.0.25594, , ame,
Hodnota v registru: 1
PUP.Optional.DriverPack, HKLM\SOFTWARE\WOW6432NODE\DRPSU|CLIENTID, Žádná uživatelská akce, 624, 472300, 1.0.25594, , ame,
Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)
Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)
Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)
Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)
Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)
WMI: 0
(Nebyly zjištěny žádné škodlivé položky)
(end)
Re: Prosím o kontrolu logu - problém s PC
Ještě log z AdwCleaner:
# -------------------------------
# Malwarebytes AdwCleaner 8.0.5.0
# -------------------------------
# Build: 05-25-2020
# Database: 2020-06-15.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 06-16-2020
# Duration: 00:00:15
# OS: Windows 10 Home
# Scanned: 31836
# Detected: 1
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
PUP.Optional.TweakBit HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\tweakbit.com
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
# -------------------------------
# Malwarebytes AdwCleaner 8.0.5.0
# -------------------------------
# Build: 05-25-2020
# Database: 2020-06-15.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 06-16-2020
# Duration: 00:00:15
# OS: Windows 10 Home
# Scanned: 31836
# Detected: 1
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
PUP.Optional.TweakBit HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\tweakbit.com
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
Re: Prosím o kontrolu logu - problém s PC
Tuhletu možnost: Cisteni a opravy (Clean and Repair) mi program nenabídnul
-
Rudy
- Site Admin
- Příspěvky: 118271
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu - problém s PC
Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu - problém s PC
Nové logy:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-06-2020
Ran by petkr (administrator) on DESKTOP-DK56E1E (MSI MS-7971) (17-06-2020 10:56:04)
Running from C:\Users\petkr\OneDrive\Desktop
Loaded Profiles: petkr
Platform: Windows 10 Home Version 1903 18362.836 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(CANON INC. -> CANON INC.) C:\Windows\System32\CNAB4RPD.EXE
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\petkr\AppData\Local\Microsoft\OneDrive\20.064.0329.0008\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\petkr\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12006.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.148.0.4\OverwolfHelper.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.148.0.4\OverwolfHelper64.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\0.148.0.4\OverwolfBrowser.exe <3>
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9192960 2017-03-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [185648 2020-04-04] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [353776 2020-06-05] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\Run: [Gaijin.Net Updater] => C:\Users\petkr\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2361600 2019-11-28] (Gaijin Network LTD -> Gaijin Entertainment)
HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\Run: [Gaijin.Net Agent] => C:\Users\petkr\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2361600 2019-11-28] (Gaijin Network LTD -> Gaijin Entertainment)
HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1752408 2020-05-24] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\MountPoints2: {7354eb2b-9ca0-11e9-8b82-806e6f6e6963} - "F:\autorun.exe"
HKLM\...\Print\Monitors\CNAB4 Monitor: C:\Windows\system32\CNAB4LMD.DLL [58880 2012-10-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{9459C573-B17A-45AE-9F64-1857B5D58CEE}] -> C:\Program Files (x86)\Microsoft\Edge\Application\83.0.478.50\Installer\setup.exe [2020-06-17] (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Canon LBP2900 Status Window.lnk [2019-08-26]
ShortcutTarget: Canon LBP2900 Status Window.lnk -> C:\Windows\System32\spool\drivers\x64\3\CNAB4LAD.EXE (CANON INC. -> CANON INC.)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {2558891A-CB3A-410B-A6A1-ACB2E124BFF5} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {395208E2-A814-4BE8-A9D9-3448B56EDE37} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {45A51919-4EB3-4980-90CE-7A0172BAA2E0} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {537AE81C-E922-48A4-BF69-5C771D4DC6B8} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6142A20D-AC74-4E75-BDBD-3C48FE0D3BDB} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6793DB96-1BA2-4C6F-B35A-39516901BD8C} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2467160 2020-05-24] (Overwolf Ltd -> Overwolf LTD)
Task: {75BC0FE3-02D4-4EC6-8154-643A4D82AB3E} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {760A8047-BEC4-4BB2-BE53-8A08A9252B6F} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [124624 2020-06-09] (Mozilla Corporation -> Mozilla Foundation)
Task: {887B8367-24CA-416A-B232-C5104A9D8DAF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {92E6173C-89C3-412E-A22A-C96B6D0F689C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {95F848AD-7577-4A65-A688-48ED1A2972B6} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CCB62266-F953-47E5-A636-6AB042BCAFBD} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3293168 2020-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D9961A23-CC36-477A-84A6-16A96086FE9E} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E1B88F44-6C0D-4458-81C8-CB9B90F0E0E7} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-07] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.100.1.234 8.8.8.8
Tcpip\..\Interfaces\{4c99f53c-bb15-4965-862a-ad379735beb4}: [DhcpNameServer] 10.100.1.234 8.8.8.8
Internet Explorer:
==================
HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hal3000.cz/
HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.hal3000.cz
Edge:
======
DownloadDir: C:\Users\petkr\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\petkr\AppData\Local\Microsoft\Edge\User Data\Default [2020-06-16]
Edge DownloadDir: C:\Users\petkr\Downloads
FireFox:
========
FF DefaultProfile: drvx619k.default
FF ProfilePath: C:\Users\petkr\AppData\Roaming\Mozilla\Firefox\Profiles\drvx619k.default [2019-07-07]
FF ProfilePath: C:\Users\petkr\AppData\Roaming\Mozilla\Firefox\Profiles\g2u8jhl9.default-release [2020-06-17]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32.dll [2020-04-30] (Adobe Systems Incorporated -> )
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2020-06-17]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8630808 2020-06-14] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2019-05-22] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S2 edgeupdate; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-07] (Microsoft Corporation -> Microsoft Corporation)
S3 edgeupdatem; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-07] (Microsoft Corporation -> Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2358784 2020-04-04] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2358784 2020-04-04] (ESET, spol. s r.o. -> ESET)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-06-16] (Malwarebytes Inc -> Malwarebytes)
S3 MicrosoftEdgeElevationService; C:\Program Files (x86)\Microsoft\Edge\Application\83.0.478.50\elevation_service.exe [1507216 2020-06-12] (Microsoft Corporation -> Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [873272 2020-05-16] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2496816 2020-05-06] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3449656 2020-05-06] (Electronic Arts, Inc. -> Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2467160 2020-05-24] (Overwolf Ltd -> Overwolf LTD)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2020-04-02] (Even Balance, Inc. -> )
S3 Rockstar Service; D:\Rockstar\Launcher\RockstarService.exe [1776768 2020-06-12] (Rockstar Games, Inc. -> Rockstar Games)
S3 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2020-02-06] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [9851648 2020-06-05] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-25] (Microsoft Corporation) [File not signed]
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [154336 2020-04-04] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [106840 2020-03-19] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15800 2019-07-07] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [188872 2020-03-19] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [53048 2020-03-19] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [79520 2020-03-19] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [115960 2020-03-19] (ESET, spol. s r.o. -> ESET)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-06-16] (Malwarebytes Corporation -> Malwarebytes)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-06-16] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-06-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [196456 2020-06-16] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73368 2020-06-16] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-06-16] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [131728 2020-06-16] (Malwarebytes Inc -> Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_55e7fb10ab85a7c2\nvlddmkm.sys [23454448 2020-05-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2020-04-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-07-18] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [67456 2020-03-11] (NVIDIA Corporation -> NVIDIA Corporation)
S1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [6314736 2020-06-05] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [74552 2020-02-08] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-06-16 20:05 - 2020-06-16 20:05 - 000000000 ____D C:\AdwCleaner
2020-06-16 19:57 - 2020-06-16 19:57 - 000196456 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2020-06-16 19:57 - 2020-06-16 19:57 - 000131728 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2020-06-16 19:57 - 2020-06-16 19:57 - 000073368 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2020-06-16 19:57 - 2020-06-16 19:57 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-06-16 19:57 - 2020-06-16 19:57 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-06-16 19:57 - 2020-06-16 19:57 - 000000000 ____D C:\Users\petkr\AppData\Local\mbam
2020-06-16 19:56 - 2020-06-16 19:56 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-06-16 19:56 - 2020-06-16 19:56 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-06-16 19:56 - 2020-06-16 19:56 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-06-16 19:56 - 2020-06-16 19:56 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-06-16 19:56 - 2020-06-16 19:56 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-06-16 19:56 - 2020-06-16 19:56 - 000000000 ____D C:\Program Files\Malwarebytes
2020-06-16 19:56 - 2020-06-16 19:56 - 000000000 ____D C:\Malwarebytes
2020-06-16 19:29 - 2020-06-17 10:56 - 000000000 ____D C:\FRST
2020-06-12 19:20 - 2020-06-12 19:20 - 000004382 _____ C:\WINDOWS\system32\Tasks\Overwolf Updater Task
2020-06-12 19:20 - 2020-06-12 19:20 - 000000000 ____D C:\Users\petkr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2020-06-12 19:20 - 2020-06-12 19:20 - 000000000 ____D C:\ProgramData\Overwolf
2020-06-12 19:20 - 2020-06-12 19:20 - 000000000 ____D C:\Program Files (x86)\Overwolf
2020-06-12 19:18 - 2020-06-17 06:38 - 000000000 ____D C:\Users\petkr\AppData\Local\Overwolf
2020-06-11 17:32 - 2020-06-11 17:32 - 000000000 ____D C:\Users\petkr\AppData\Local\VALORANT
2020-06-11 09:36 - 2020-06-16 19:55 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2020-06-10 23:27 - 2020-06-10 23:27 - 000000000 ____D C:\Program Files\Riot Vanguard
2020-06-10 10:19 - 2020-06-10 10:19 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-06-09 19:45 - 2020-06-11 09:36 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-06-07 08:23 - 2020-06-17 06:39 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-06-07 08:23 - 2020-06-17 06:39 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-06-07 08:23 - 2020-06-07 18:29 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-06-07 08:23 - 2020-06-07 18:29 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-06-02 21:45 - 2020-05-18 23:21 - 001729240 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-06-02 21:45 - 2020-05-18 23:21 - 001729240 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-06-02 21:45 - 2020-05-18 23:21 - 001329368 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-06-02 21:45 - 2020-05-18 23:21 - 001329368 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-06-02 21:45 - 2020-05-18 23:21 - 001079008 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-06-02 21:45 - 2020-05-18 23:21 - 001079008 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-06-02 21:45 - 2020-05-18 23:21 - 000937688 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-06-02 21:45 - 2020-05-18 23:21 - 000937688 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-06-02 21:45 - 2020-05-18 23:21 - 000451480 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-06-02 21:45 - 2020-05-18 23:21 - 000348056 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-06-02 21:45 - 2020-05-18 23:20 - 011944864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2020-06-02 21:45 - 2020-05-18 23:20 - 010286480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 005856664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 002072992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 001722096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6444614.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 001566096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 001484184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6444614.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 001482128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 001350560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 001141992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 001048480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 000816880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 000811240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 000680848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 000676248 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 000655080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 000546720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 000543144 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-06-02 21:45 - 2020-05-18 23:18 - 017600240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-06-02 21:45 - 2020-05-18 23:18 - 015158000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-06-02 21:45 - 2020-05-18 23:18 - 005159320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-06-02 21:45 - 2020-05-18 23:17 - 004195656 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-05-22 17:23 - 2020-05-29 21:54 - 000000000 ____D C:\Users\petkr\AppData\Roaming\FiraxisLive
2020-05-22 16:45 - 2020-05-30 17:04 - 000000000 ____D C:\Users\petkr\AppData\Roaming\2K
2020-05-22 16:45 - 2020-05-22 16:45 - 000000000 ____D C:\Users\petkr\AppData\Local\2K
2020-05-22 12:55 - 2020-05-30 09:04 - 042886902 _____ C:\Users\petkr\AppData\Roaming\gta5_patch.bin
2020-05-22 12:55 - 2020-05-22 12:55 - 000332800 _____ C:\Users\petkr\AppData\Roaming\patcher.dll
2020-05-22 12:41 - 2020-05-22 12:41 - 000000000 ____D C:\Users\petkr\AppData\Local\GTA_5_CZ_Manager
2020-05-20 19:55 - 2020-05-20 19:57 - 000000000 ____D C:\ProgramData\Epic
2020-05-20 19:55 - 2020-05-20 19:55 - 000000891 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2020-05-20 19:55 - 2020-05-20 19:55 - 000000000 ____D C:\Users\petkr\AppData\Local\UnrealEngineLauncher
2020-05-20 19:55 - 2020-05-20 19:55 - 000000000 ____D C:\Users\petkr\AppData\Local\EpicGamesLauncher
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-06-17 10:54 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-06-17 07:23 - 2019-09-25 18:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-06-17 06:54 - 2019-07-01 17:31 - 000000000 ____D C:\ProgramData\NVIDIA
2020-06-17 06:52 - 2019-07-07 14:09 - 000000000 ____D C:\Users\petkr\AppData\LocalLow\Mozilla
2020-06-17 06:48 - 2020-01-10 18:06 - 000000000 ____D C:\Users\petkr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AGOT
2020-06-17 06:41 - 2019-09-25 18:26 - 000004212 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{ADBC676F-94A1-4F35-BC68-14C024A23243}
2020-06-17 06:38 - 2019-07-07 13:52 - 000000000 ___RD C:\Users\petkr\OneDrive
2020-06-16 21:03 - 2019-09-27 21:52 - 000000000 ____D C:\Users\petkr\AppData\Roaming\Twitch
2020-06-16 21:02 - 2019-07-29 19:40 - 000000000 ____D C:\Users\petkr\AppData\Roaming\TS3Client
2020-06-16 19:56 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-06-16 19:25 - 2019-09-25 18:26 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-06-16 19:25 - 2019-03-19 13:55 - 000716944 _____ C:\WINDOWS\system32\perfh005.dat
2020-06-16 19:25 - 2019-03-19 13:55 - 000145024 _____ C:\WINDOWS\system32\perfc005.dat
2020-06-16 19:25 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-06-16 19:19 - 2019-09-25 18:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-06-16 19:19 - 2019-03-19 06:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-06-16 17:28 - 2019-07-12 22:26 - 000000000 ____D C:\Users\petkr\AppData\Local\Ubisoft Game Launcher
2020-06-16 16:22 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-06-14 14:59 - 2019-08-04 15:32 - 000000000 ____D C:\Users\petkr\AppData\Local\CrashDumps
2020-06-12 23:34 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-06-12 22:05 - 2019-07-08 20:35 - 000000000 ____D C:\Users\petkr\AppData\Roaming\Discord
2020-06-12 19:25 - 2019-08-24 16:39 - 000000000 ____D C:\Users\petkr\AppData\Local\D3DSCache
2020-06-11 17:32 - 2020-01-07 18:55 - 000000000 ____D C:\Users\petkr\AppData\Local\Riot Games
2020-06-11 15:00 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-06-11 09:36 - 2019-07-07 14:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-06-10 23:26 - 2020-01-07 18:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2020-06-10 15:59 - 2020-01-11 14:41 - 000000000 ___RD C:\Users\petkr\OneDrive\Dokumenty\Scanned Documents
2020-06-10 10:19 - 2019-07-07 14:09 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-06-06 23:41 - 2019-07-13 13:17 - 000000000 ____D C:\Users\petkr\OneDrive\Dokumenty\Paradox Interactive
2020-06-05 23:03 - 2019-03-19 06:56 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-06-05 23:03 - 2019-03-19 06:56 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-06-04 21:02 - 2019-07-07 13:50 - 000000000 ____D C:\Users\petkr\AppData\Local\Packages
2020-06-04 13:39 - 2019-09-19 17:28 - 000000000 ____D C:\Program Files\Rockstar Games
2020-06-04 13:39 - 2019-09-19 17:28 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2020-06-04 07:54 - 2019-12-28 15:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlestate Games
2020-06-03 10:07 - 2019-07-28 14:26 - 000000000 ____D C:\Users\petkr\AppData\Local\NVIDIA
2020-06-01 17:31 - 2019-09-01 17:16 - 000000000 ____D C:\Program Files (x86)\Origin
2020-06-01 17:31 - 2019-09-01 17:13 - 000000000 ____D C:\Users\petkr\AppData\Local\Origin
2020-06-01 17:31 - 2019-09-01 17:13 - 000000000 ____D C:\ProgramData\Origin
2020-05-30 09:07 - 2019-08-25 08:40 - 000000000 ____D C:\Program Files\UNP
2020-05-27 19:59 - 2019-09-25 18:26 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2452798473-3973055187-1235544945-1001
2020-05-27 19:59 - 2019-09-25 18:20 - 000002372 _____ C:\Users\petkr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-05-26 17:01 - 2019-08-20 18:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2020-05-26 17:01 - 2019-08-20 18:37 - 000000000 ____D C:\Program Files\Nexus Mod Manager
2020-05-22 17:23 - 2019-07-09 14:16 - 000000000 ____D C:\Users\petkr\OneDrive\Dokumenty\My Games
2020-05-21 18:57 - 2019-09-19 17:28 - 000000000 ____D C:\Users\petkr\OneDrive\Dokumenty\Rockstar Games
2020-05-21 18:57 - 2019-09-19 17:28 - 000000000 ____D C:\Users\petkr\AppData\Local\Rockstar Games
2020-05-20 19:57 - 2019-07-02 09:53 - 000000000 ____D C:\ProgramData\Package Cache
2020-05-20 19:55 - 2019-07-07 20:41 - 000000000 ____D C:\Users\petkr\AppData\Local\UnrealEngine
2020-05-18 23:17 - 2020-02-04 16:39 - 004928256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
==================== Files in the root of some directories ========
2020-05-22 12:55 - 2020-05-30 09:04 - 042886902 _____ () C:\Users\petkr\AppData\Roaming\gta5_patch.bin
2020-05-22 12:55 - 2020-05-22 12:55 - 000332800 _____ () C:\Users\petkr\AppData\Roaming\patcher.dll
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-06-2020
Ran by petkr (17-06-2020 10:56:59)
Running from C:\Users\petkr\OneDrive\Desktop
Windows 10 Home Version 1903 18362.836 (X64) (2019-09-25 16:26:20)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2452798473-3973055187-1235544945-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2452798473-3973055187-1235544945-503 - Limited - Disabled)
Guest (S-1-5-21-2452798473-3973055187-1235544945-501 - Limited - Disabled)
petkr (S-1-5-21-2452798473-3973055187-1235544945-1001 - Administrator - Enabled) => C:\Users\petkr
WDAGUtilityAccount (S-1-5-21-2452798473-3973055187-1235544945-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AS: ESET Security (Enabled - Up to date) {333C65BB-8923-0EAA-C47E-C486E687BEFD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
A Game of Thrones version 2.2 (HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\{7C82709E-75FE-4C3A-976A-8C97908DDD7B}_is1) (Version: 2.2 - AGOT TEAM)
A Way Out (HKLM-x32\...\{E8D752CF-2FCC-470D-B0C5-4BFC6F42ACCE}) (Version: 1.0.62.0 - Electronic Arts, Inc.)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.1.102.55 - Adobe Systems Incorporated)
Aktualizace NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
Battlefield™ Hardline (HKLM-x32\...\{CB4AC3DA-8CC1-4516-86DA-4078B57DB229}) (Version: 1.4.0.10 - Electronic Arts)
Battlestate Games Launcher 10.2.0.1139 (HKLM-x32\...\{B0FDA062-7581-4D67-B085-C4E7C358037F}_is1) (Version: 10.2.0.1139 - Battlestate Games)
Canon LBP2900 (HKLM\...\Canon LBP2900) (Version: - )
CPUID HWMonitor 1.41 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.41 - CPUID, Inc.)
Crossout Launcher 1.0.3.110 (HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\CrossOutLauncher_is1) (Version: - )
Discord (HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\Discord) (Version: 0.0.306 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6}) (Version: 1.1.267.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Escape from Tarkov (HKLM-x32\...\EscapeFromTarkov) (Version: 0.12.6.7765 - Battlestate Games)
ESET Security (HKLM\...\{EC96F234-2A42-4D7D-9C33-443566F72BF5}) (Version: 13.1.21.0 - ESET, spol. s r.o.)
Fallout 4 - Čeština (HKLM-x32\...\{8995E8E7-1793-402E-87B7-F1E106783F84}) (Version: 0.9.8 - prekladyher.eu)
Farming Simulator 19 (HKLM-x32\...\FarmingSimulator2019_is1) (Version: 1.5.1 - GIANTS Software)
Floris Evolved (HKLM-x32\...\Floris Evolved) (Version: - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.50 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.129.31 - )
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\OneDriveSetup.exe) (Version: 20.064.0329.0008 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\Teams) (Version: 1.3.00.8663 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Middle Earth Project Installer - Easy way to install MEP for CK2 (HKLM-x32\...\Brojan Middle Earth Project Installer) (Version: 0.8.291 - Brojan)
Minecraft Launcher (HKLM-x32\...\{CFF44AE9-2908-4D7D-B48B-1CB5139015C7}) (Version: 1.0.0.0 - Mojang)
Mozilla Firefox 77.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 77.0.1 (x64 cs)) (Version: 77.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 67.0.4 - Mozilla)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.71.4 - Black Tree Gaming)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.8.1 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.3.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.3.63 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.26 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 446.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 446.14 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.70.40362 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.148.0.4 - Overwolf Ltd.)
Ovládací panel NVIDIA 446.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 446.14 - NVIDIA Corporation) Hidden
Paradox Launcher v2 (HKLM\...\{3D662AC5-4616-4A1C-912E-BD5BF9C9F4C8}) (Version: 2.0.0.0 - Paradox Interactive)
PlanetSide 2 (HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\DG0-PlanetSide 2) (Version: - Sony Online Entertainment)
PUBG LITE (HKLM-x32\...\PUBG LITE_is1) (Version: 1.0.1.0 - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8105 - Realtek Semiconductor Corp.)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.24.258 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.5.6 - Rockstar Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\TeamSpeak 3 Client) (Version: 3.3.0 - TeamSpeak Systems GmbH)
TeamSpeak Overlay (HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\Overwolf_jnabojaampcpfclojlbildognlnebnhfhibiielh) (Version: 1.0.0.2 - Overwolf app)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22a - Ghisler Software GmbH)
Twitch (HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{2E8B8BDD-03DF-4C1C-8C99-E6A4BCBF43CE}) (Version: 2.51.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 73.0 - Ubisoft)
VALORANT (HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.0.0 - Black Tree Gaming Ltd.)
War Thunder Launcher 1.0.3.171 (HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.8.5.0_x86__kgqvnymyfvs32 [2020-04-08] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.37.4.0_x86__kgqvnymyfvs32 [2020-05-15] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1781.1.0_x86__kgqvnymyfvs32 [2020-06-11] (king.com)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_115.1.152.0_x64__v10z8vjag6ke6 [2020-05-30] (HP Inc.)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.12827.20268.0_x86__8wekyb3d8bbwe [2020-06-10] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-07-07] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-07-07] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.12827.20268.0_x86__8wekyb3d8bbwe [2020-06-10] (Microsoft Corporation)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.12827.20268.0_x86__8wekyb3d8bbwe [2020-06-10] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.12827.20268.0_x86__8wekyb3d8bbwe [2020-06-10] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.12827.20268.0_x86__8wekyb3d8bbwe [2020-06-10] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.12827.20268.0_x86__8wekyb3d8bbwe [2020-06-10] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-15] (Microsoft Studios) [MS Ad]
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.12827.20268.0_x86__8wekyb3d8bbwe [2020-06-10] (Microsoft Corporation)
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.41.21603.0_x64__8wekyb3d8bbwe [2020-06-12] (Microsoft Corporation)
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.14.6005.0_x64__8wekyb3d8bbwe [2020-04-17] (Microsoft Studios)
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-24] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0 [2020-06-04] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2452798473-3973055187-1235544945-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\petkr\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2452798473-3973055187-1235544945-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\petkr\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2019-10-28] (Notepad++ -> )
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-04-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-04-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-06-16] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-05-16] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-04-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-06-16] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\petkr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) =============
2019-07-14 00:10 - 2019-02-21 18:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2019-09-01 17:16 - 2020-03-16 15:05 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2019-09-01 17:16 - 2020-03-16 15:06 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2019-09-01 17:16 - 2019-10-08 14:41 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2020-06-01 17:31 - 2019-10-08 14:41 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2020-06-01 17:31 - 2019-10-08 14:41 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2020-06-01 17:31 - 2019-10-08 14:41 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2020-06-01 17:31 - 2019-10-08 14:41 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2020-06-01 17:31 - 2019-10-08 14:41 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2020-06-01 17:31 - 2019-10-08 14:41 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\petkr\Data aplikací:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
AlternateDataStreams: C:\Users\petkr\AppData\Roaming:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 15:46 - 2017-09-29 15:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\petkr\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
DNS Servers: 10.100.1.234 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{DBBCA6EE-336A-4E1B-BFF9-45DF4FE47940}] => (Allow) D:\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe => No File
FirewallRules: [{71F1AB73-FDE6-491F-B9FD-102111C50590}] => (Allow) D:\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe => No File
FirewallRules: [{D0E1BD2B-6EB9-48B8-9B32-ECF876310297}] => (Allow) E:\SteamLibrary SR\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{01CC598C-89DB-46BA-BA80-9FCB898EC45E}] => (Allow) E:\SteamLibrary SR\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{9FC103C0-88CD-4645-B2C2-F9A2E616110B}] => (Allow) E:\SteamLibrary SR\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{F257936D-83FD-49C7-A248-89A74B97FB79}] => (Allow) E:\SteamLibrary SR\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{2A027BB7-9BF9-4E58-9BC7-89DE944EA377}] => (Allow) E:\Origin SR\BFH\BFHWebHelper.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{872F37D3-767A-4239-A364-12C77556DBD9}] => (Allow) E:\Origin SR\BFH\BFHWebHelper.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{CA8E851A-D241-43A9-85DD-191CA7F08893}] => (Allow) D:\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2_ed.exe (Digitalmindsoft) [File not signed]
FirewallRules: [{C009BC7F-1600-4562-B142-708FB2D65FFF}] => (Allow) D:\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2_ed.exe (Digitalmindsoft) [File not signed]
FirewallRules: [{F4A9DCFC-079E-4429-9DE6-804E2211C1D1}] => (Allow) D:\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2.exe (Digitalmindsoft) [File not signed]
FirewallRules: [{DD2F67B7-B504-4FEF-8860-051A9C8CC6E7}] => (Allow) D:\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2.exe (Digitalmindsoft) [File not signed]
FirewallRules: [{8239559A-8D9D-4147-922E-71E79249A2A4}] => (Allow) D:\Steam\steamapps\common\insurgency2\insurgency_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{228EF431-AC71-4716-A8DA-72C269CD6E79}] => (Allow) D:\Steam\steamapps\common\insurgency2\insurgency_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{55600F63-1031-40B6-A7EC-B0004CEE2660}] => (Allow) D:\Steam\steamapps\common\MountBlade Warband\mb_warband.exe ( Taleworlds Entertainment) [File not signed]
FirewallRules: [{298B9D44-0FB3-4536-9237-BA7F60E12A8D}] => (Allow) D:\Steam\steamapps\common\MountBlade Warband\mb_warband.exe ( Taleworlds Entertainment) [File not signed]
FirewallRules: [{143B986A-705E-4028-B5BC-24B3AF5A262E}] => (Allow) D:\Steam\steamapps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe () [File not signed]
FirewallRules: [{09C315D9-378C-45A8-AEEB-CF7E3FFB768B}] => (Allow) D:\Steam\steamapps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe () [File not signed]
FirewallRules: [{6C54C782-91E2-4D48-8C43-D1B7C64C0B4E}] => (Allow) D:\Steam\steamapps\common\Warhammer 40,000 - Eternal Crusade\EternalCrusadeClient.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{CE3E5712-61A9-4DC4-A344-196C5A9F21EF}] => (Allow) D:\Steam\steamapps\common\Warhammer 40,000 - Eternal Crusade\EternalCrusadeClient.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{D5BF907D-8C46-443E-93AC-66D656585187}] => (Allow) D:\Origin\AWayOut\Haze1\Binaries\Win64\AWayOut_friend.exe (Hazelight Studios AB -> Hazelight Studios AB)
FirewallRules: [{555ECED4-AC9C-40DB-AC97-2C429E26D0FB}] => (Allow) D:\Origin\AWayOut\Haze1\Binaries\Win64\AWayOut_friend.exe (Hazelight Studios AB -> Hazelight Studios AB)
FirewallRules: [{5F55F04D-6D0C-4156-9B08-79258A8BB876}] => (Allow) D:\Origin\AWayOut\Haze1\Binaries\Win64\AWayOut.exe (Hazelight Studios AB -> Hazelight Studios AB)
FirewallRules: [{C22A3F77-CF9C-4E82-9344-3131405A380D}] => (Allow) D:\Origin\AWayOut\Haze1\Binaries\Win64\AWayOut.exe (Hazelight Studios AB -> Hazelight Studios AB)
FirewallRules: [{385FA2FC-B6D1-49E6-8270-AE0E95E0E554}] => (Allow) C:\Windows\System32\CNAB4RPD.EXE (CANON INC. -> CANON INC.)
FirewallRules: [{38EC9883-A499-4BB9-A5D5-06339F59EA06}] => (Allow) C:\Windows\System32\CNAB4RPD.EXE (CANON INC. -> CANON INC.)
FirewallRules: [{AEFD2FFD-809A-4B67-9A43-0666366F76C5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1A0361D2-E013-46AA-9FCB-E60FBAC79E80}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3FB6D456-071C-4C1C-B740-D6BA484B212A}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{88EDAC1C-3E3A-4468-918A-B416478C0F1D}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{BF098AD8-FE5A-4E33-AB14-20845F8237DE}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{A943D7DC-8B39-4888-B875-B52D383EFB61}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{0F4FD65B-CBE8-40A3-9080-28919381E79A}] => (Allow) D:\Steam\steamapps\common\Mordhau\Mordhau.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{D2D923D9-8EC4-44A1-8E41-203ECD550644}] => (Allow) D:\Steam\steamapps\common\Mordhau\Mordhau.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{03E0BB43-DBE1-446C-8965-6E0CC1BA13AB}] => (Allow) D:\Steam\steamapps\common\Kenshi\kenshi_x64.exe () [File not signed]
FirewallRules: [{A93C29E3-65A8-4E54-9ED6-B81AB12F70EA}] => (Allow) D:\Steam\steamapps\common\Kenshi\kenshi_x64.exe () [File not signed]
FirewallRules: [{D87B17C2-C634-47A1-BC4E-63C822F513AE}] => (Allow) D:\Steam\steamapps\common\Kenshi\forgotten construction set.exe (LoFi Games) [File not signed]
FirewallRules: [{0FA908CA-C1B3-4948-AF42-74D6C0F3E280}] => (Allow) D:\Steam\steamapps\common\Kenshi\forgotten construction set.exe (LoFi Games) [File not signed]
FirewallRules: [{507E9E61-375A-474C-9610-D129830A2D41}] => (Allow) E:\Farming Simulator 2019\FarmingSimulator2019.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{7ABA67F1-1846-4664-B3A8-6F9AACF65802}] => (Allow) E:\Farming Simulator 2019\FarmingSimulator2019.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{3A56E896-D843-4F05-BD18-0C6FB045AE0D}] => (Allow) E:\Farming Simulator 2019\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{FEF82F11-7CDA-42EB-81E1-15F9888BBC13}] => (Allow) E:\Farming Simulator 2019\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{64055EA3-011E-4432-8739-E808972DFB3B}] => (Allow) D:\Steam\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{7A2DBF53-BE5C-4212-928B-4DD651A26F71}] => (Allow) D:\Steam\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{7FC14DE0-69CE-42D9-8F91-5E4E4515ED43}] => (Allow) D:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{DE09427D-65C5-4710-BFF5-5C460AF88357}] => (Allow) D:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{64C2DC68-AD6C-42E1-9C3E-2DB052C31CA6}] => (Allow) D:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{AAB9CCF8-B0A6-4249-8EE0-0F8C9D30BB21}] => (Allow) D:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{3056FA58-8AEC-4163-853A-EB28754E1C07}] => (Allow) D:\Steam\steamapps\common\Rising Storm 2\Binaries\Win64\RisingStorm2.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{4A36A3FA-F0FD-481B-A9D6-2D6198B5C0ED}] => (Allow) D:\Steam\steamapps\common\Rising Storm 2\Binaries\Win64\RisingStorm2.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{8FA2D668-5FBC-4E43-A0C1-5B9690C49F51}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E8A09DF1-F310-4EDC-93CC-9C8D00D5CC21}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{404A7905-CA3A-4BDB-BBF3-D85AC17436FA}] => (Allow) D:\Steam\steamapps\common\Stellaris\dowser.exe (Paradox Interactive Ab (Publ) -> )
FirewallRules: [{718B3B89-CDAF-44A9-8CD0-8C37FC17875B}] => (Allow) D:\Steam\steamapps\common\Stellaris\dowser.exe (Paradox Interactive Ab (Publ) -> )
FirewallRules: [{C5BBE57A-2A16-4630-877B-0E7DADE81295}] => (Allow) D:\Steam\steamapps\common\Holdfast Nations At War\Holdfast NaW.exe () [File not signed]
FirewallRules: [{9C8C5BDC-B9F5-49AE-8003-73FB694DE3C4}] => (Allow) D:\Steam\steamapps\common\Holdfast Nations At War\Holdfast NaW.exe () [File not signed]
FirewallRules: [{D76FC6E5-9860-4A8F-BA65-9FC5DFF5604C}] => (Allow) D:\Steam\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe => No File
FirewallRules: [{5FD47D25-9DD5-4FE5-9EF4-0071E01EB8D4}] => (Allow) D:\Steam\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe => No File
FirewallRules: [{0F374929-80B0-4398-9C15-F99273F17C59}] => (Allow) D:\Steam\steamapps\common\Total War Saga Thrones of Britannia\launcher\launcher.exe => No File
FirewallRules: [{3A7A1ABA-0A6A-42F4-B850-A7E61C463074}] => (Allow) D:\Steam\steamapps\common\Total War Saga Thrones of Britannia\launcher\launcher.exe => No File
FirewallRules: [{BFB6DDA0-779B-4794-A942-3425D93B8D91}] => (Allow) D:\Steam\steamapps\common\Sniper Ghost Warrior Contracts\Launch_Game.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{7DAFFC2F-C47C-4A6F-9AFF-5BCF82CD226F}] => (Allow) D:\Steam\steamapps\common\Sniper Ghost Warrior Contracts\Launch_Game.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{8C788F98-32BF-495A-99CB-6B1A26A3BB62}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{6428C6D1-3BD6-4858-9B71-25A842166ACD}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{BDF75493-485C-4F05-9114-23211486156E}] => (Allow) D:\Steam\steamapps\common\Jump King\JumpKing.exe () [File not signed]
FirewallRules: [{3D5D1B62-A69D-4361-A101-38D96A768802}] => (Allow) D:\Steam\steamapps\common\Jump King\JumpKing.exe () [File not signed]
FirewallRules: [{D1FC208C-9420-436C-9ABC-FC062D94848B}] => (Allow) E:\SteamLibrary SR\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{9DDFE7D4-F904-474F-B800-FE8BAE76B4D9}] => (Allow) E:\SteamLibrary SR\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{5A611E72-3F25-46EA-8591-F24BA6294C50}] => (Allow) D:\Steam\steamapps\common\Europa Universalis IV\eu4.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{BBBCC332-7B27-464D-A5F5-7806909730D2}] => (Allow) D:\Steam\steamapps\common\Europa Universalis IV\eu4.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{DDCE37A6-748C-4FC4-A500-818637CDB9C3}] => (Allow) D:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{2A416B3C-F3CA-4251-9F87-3261796E55F0}] => (Allow) D:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{6DF17E3D-BCD0-4FBA-A4C6-9D2EEFAE77CF}] => (Allow) D:\Steam\steamapps\common\Crusader Kings II\CK2game.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{B6F9DE9C-91E7-4E3F-818E-5AE15E79B81D}] => (Allow) D:\Steam\steamapps\common\Crusader Kings II\CK2game.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{AF027B47-1101-4187-95E6-E3E3344C0F8C}] => (Allow) E:\SteamLibrary SR\steamapps\common\PlanetSide 2\LaunchPad.exe (Daybreak Game Company LLC -> Daybreak Game Company)
FirewallRules: [{162196B0-32EE-4C50-B080-C10B042008FE}] => (Allow) E:\SteamLibrary SR\steamapps\common\PlanetSide 2\LaunchPad.exe (Daybreak Game Company LLC -> Daybreak Game Company)
FirewallRules: [{78722813-A025-4022-BDD5-7BA0AA70BAE2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{E04C4E66-E4B2-46E8-A639-F9812F6C03AD}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{A4DC325C-E25B-4B3A-86D3-F4810F5903FA}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{95356841-5415-4721-B74F-667C5517FF28}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{ABE0E631-86BE-4CE4-82C7-99A1B0DD1B00}] => (Allow) D:\Steam\steamapps\common\Total War Attila\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{D082302C-DDC0-415C-92DC-5E0B2FA7DBB4}] => (Allow) D:\Steam\steamapps\common\Total War Attila\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{268AD3B8-E6C4-4F66-BA17-8878484458E2}] => (Allow) E:\SteamLibrary SR\steamapps\common\Goat of Duty\GoatOfDuty.exe () [File not signed]
FirewallRules: [{637C286F-703C-4D7E-81F6-370E91FE9EC6}] => (Allow) E:\SteamLibrary SR\steamapps\common\Goat of Duty\GoatOfDuty.exe () [File not signed]
FirewallRules: [{6A339F5B-D513-461C-BADF-3068B588F46A}] => (Allow) D:\Steam\steamapps\common\Crossout\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{98FA4CD9-BA61-4292-B4B7-E7093DB06E80}] => (Allow) D:\Steam\steamapps\common\Crossout\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{C8160EA8-8A63-4557-B9A5-AAEB5BC20913}] => (Allow) E:\SteamLibrary SR\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{7B001C9F-8C60-41A0-B3F9-EB9C6CB71705}] => (Allow) E:\SteamLibrary SR\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{163E5504-B156-40FB-B62E-C2FDAB60DFC1}] => (Allow) E:\SteamLibrary SR\steamapps\common\Elite Dangerous\EDLaunch.exe (Frontier Developments Plc -> Frontier Developments)
FirewallRules: [{097D66C8-80FE-4337-93D0-FC7214A3F3D6}] => (Allow) E:\SteamLibrary SR\steamapps\common\Elite Dangerous\EDLaunch.exe (Frontier Developments Plc -> Frontier Developments)
FirewallRules: [{DDE524CB-3CCF-49C9-81A6-9C7974AB7F23}] => (Allow) E:\SteamLibrary SR\steamapps\common\Total War Rome II\launcher\launcher.exe => No File
FirewallRules: [{54F0F32B-C3FF-481A-AC3B-C61788867B67}] => (Allow) E:\SteamLibrary SR\steamapps\common\Total War Rome II\launcher\launcher.exe => No File
FirewallRules: [{D83A8D21-B934-4DF4-A6F3-577DA3E70349}] => (Allow) D:\Steam\steamapps\common\Rising Storm 2\Binaries\Win64\LaunchWinterWar.exe () [File not signed]
FirewallRules: [{2EAA5C85-41AF-40D8-876D-880CCC71FE37}] => (Allow) D:\Steam\steamapps\common\Rising Storm 2\Binaries\Win64\LaunchWinterWar.exe () [File not signed]
FirewallRules: [{C97D33C6-5B93-4E0A-AFE9-1FD86A73F072}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{604CE472-C8AE-43CF-BD29-7A605360BE93}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5A773CD8-1E00-47BC-B96F-E862BB723A2A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1D73CA0C-EFE1-428C-AF12-504BBD4A2E2F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F05F407F-AF37-442B-85BE-9E8EF505227B}] => (Allow) E:\SteamLibrary SR\steamapps\common\WW1GameSeries\Tannenberg\Tannenberg.exe () [File not signed]
FirewallRules: [{08B3E69A-FD8D-4D83-BE7B-BD0641795DA7}] => (Allow) E:\SteamLibrary SR\steamapps\common\WW1GameSeries\Tannenberg\Tannenberg.exe () [File not signed]
FirewallRules: [{9BBDD070-C03C-478A-9CDF-BDE992D3B827}] => (Allow) E:\SteamLibrary SR\steamapps\common\WW1GameSeries\Verdun\Verdun.exe () [File not signed]
FirewallRules: [{33C8C4EB-FB4D-485F-B122-F5CD2B6CEBF2}] => (Allow) E:\SteamLibrary SR\steamapps\common\WW1GameSeries\Verdun\Verdun.exe () [File not signed]
FirewallRules: [{EF92EE69-F44E-448D-8371-74A84F7382D0}] => (Allow) E:\SteamLibrary SR\steamapps\common\Total War SHOGUN 2\Shogun2.exe (SEGA EUROPE LIMITED -> The Creative Assembly Ltd)
FirewallRules: [{F74DA13E-8A61-40DF-8A6B-A116D697BF15}] => (Allow) E:\SteamLibrary SR\steamapps\common\Total War SHOGUN 2\Shogun2.exe (SEGA EUROPE LIMITED -> The Creative Assembly Ltd)
FirewallRules: [{AEF396BB-BBE8-42D9-A4D5-F9C9C7A8A7CD}] => (Allow) E:\SteamLibrary SR\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{FFD1C606-CD15-45B8-81D7-6304117F82DF}] => (Allow) E:\SteamLibrary SR\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{9C2D3670-7DF9-4B3E-A444-6F25A2D80D4E}] => (Allow) E:\SteamLibrary SR\steamapps\common\LEGONinjago\LEGONINJAGO_DX11.exe (Travellers Tales (UK) Limited -> Warner Bros. Interactive Entertainment)
FirewallRules: [{F5FB750D-1E8A-4988-82A9-5E5053126C6C}] => (Allow) E:\SteamLibrary SR\steamapps\common\LEGONinjago\LEGONINJAGO_DX11.exe (Travellers Tales (UK) Limited -> Warner Bros. Interactive Entertainment)
FirewallRules: [{980485BD-8082-48CC-8F60-6F8B339C6E27}] => (Allow) E:\SteamLibrary SR\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{211293E3-60C6-4BDF-B0E4-2480458F33E5}] => (Allow) E:\SteamLibrary SR\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{627CB391-30D0-4480-9E88-50CF35212A55}] => (Allow) E:\SteamLibrary SR\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{090E161D-945B-4AA7-8AB0-7886E978D89E}] => (Allow) E:\SteamLibrary SR\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{5BC0DA56-4D42-4C83-9441-DE7DF5F4E4C5}] => (Allow) E:\SteamLibrary SR\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{3B77F57A-B485-4BD8-9F1D-FB96EBA46052}] => (Allow) E:\SteamLibrary SR\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{C6205BE2-BEF0-4CA6-9669-6EFBC5CE7515}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A425459C-D393-417C-8BD1-C48BB02C923E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{930C7984-5F52-48C5-929F-36CA51C3DD62}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4C82DD3B-2AD5-4608-A6E3-B9A4FCAC2226}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9C235D78-E046-46AE-82B0-2FA54E87FBD2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{05E30497-2FB6-470C-BA94-16E4850F41BA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F3FBB24F-08C6-446D-84ED-A7D26A042314}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{96EE39F0-045C-4EDC-9A8E-CE072E105D6B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9F76E365-0DF1-48AA-BB84-85791E2DC1A0}] => (Allow) E:\Games\Escape from Tarkov\BsgLauncher\BsgLauncher.exe (Battlestate Games Ltd -> Battlestate Games)
FirewallRules: [{C64A529D-0E5B-4D1F-9CF7-2CD80D11682B}] => (Allow) E:\Games\Escape from Tarkov\BsgLauncher\BsgLauncher.exe (Battlestate Games Ltd -> Battlestate Games)
FirewallRules: [{51AF8364-1EFD-49ED-818B-56E5A91DC3CC}] => (Allow) D:\Steam\steamapps\common\Europa Universalis IV\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{3A13AE4E-C8C8-4902-8EC1-FFAD72E1D95D}] => (Allow) D:\Steam\steamapps\common\Europa Universalis IV\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{42D8D95D-B9C7-49F1-BA3F-0FBE5CCDA0AA}] => (Allow) D:\Steam\steamapps\common\ImperatorRome\launcher\dowser.exe (Paradox Interactive Ab (Publ) -> )
FirewallRules: [{48A8BBE4-DE13-48B5-8561-873B2C1EED07}] => (Allow) D:\Steam\steamapps\common\ImperatorRome\launcher\dowser.exe (Paradox Interactive Ab (Publ) -> )
FirewallRules: [{A59F1C9A-D423-41C4-8CE9-F9B9328268AA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.12827.20268.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{62A1DC7E-20EB-4051-8D52-616A48812F96}] => (Allow) D:\Steam\steamapps\common\Total War THREE KINGDOMS\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{1E08FA38-3AC2-42B6-8EE6-18673E34DA93}] => (Allow) D:\Steam\steamapps\common\Total War THREE KINGDOMS\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{73A999E7-708D-4C4B-B54E-98B5D310384D}] => (Allow) C:\Program Files (x86)\Overwolf\0.148.0.4\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{1755F5AA-C768-4D5B-AD2C-FD0F3DF4B1B1}] => (Allow) C:\Program Files (x86)\Overwolf\0.148.0.4\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{1465433C-7E76-479D-9759-1BB870904787}] => (Block) C:\Program Files (x86)\Overwolf\0.148.0.4\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{DEB15019-CFED-4BFA-AA4D-B5D3D107DC0B}] => (Block) C:\Program Files (x86)\Overwolf\0.148.0.4\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{FAC96C56-9B71-4D8C-99BA-E1A47EC9D228}] => (Allow) E:\SteamLibrary SR\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{91BE87F7-E0AD-43F2-8097-DEF643ECB9A8}] => (Allow) E:\SteamLibrary SR\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{593F19D5-D8BC-4945-AF4C-B54DED707011}] => (Allow) E:\SteamLibrary SR\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{7F525BAC-E0A9-4420-9861-959DF4854CAB}] => (Allow) E:\SteamLibrary SR\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{1E3CCD26-2F53-43C2-8816-867678002770}] => (Allow) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
10-06-2020 23:27:45 Nainstalováno rozhraní DirectX
==================== Faulty Device Manager Devices ============
Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Myš Microsoft PS/2
Description: Myš Microsoft PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: ========================
Application errors:
==================
Error: (06/17/2020 10:36:21 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6152,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (06/17/2020 10:00:04 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13604,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (06/17/2020 08:24:12 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (520,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (06/17/2020 07:44:38 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11484,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (06/17/2020 06:58:56 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (16176,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (06/16/2020 08:59:18 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4240,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (06/16/2020 08:49:10 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-DK56E1E)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (06/16/2020 08:44:48 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12300,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
System errors:
=============
Error: (06/16/2020 09:03:28 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DK56E1E)
Description: Server {021E4F06-9DCC-49AD-88CF-ECC2DA314C8A} se v daném časovém limitu neregistroval u služby DCOM.
Error: (06/16/2020 09:03:28 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DK56E1E)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (06/16/2020 09:03:28 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DK56E1E)
Description: Server {021E4F06-9DCC-49AD-88CF-ECC2DA314C8A} se v daném časovém limitu neregistroval u služby DCOM.
Error: (06/16/2020 09:03:28 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DK56E1E)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (06/16/2020 09:03:28 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DK56E1E)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (06/16/2020 09:03:28 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DK56E1E)
Description: Server {021E4F06-9DCC-49AD-88CF-ECC2DA314C8A} se v daném časovém limitu neregistroval u služby DCOM.
Error: (06/16/2020 09:03:28 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DK56E1E)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (06/16/2020 09:03:28 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DK56E1E)
Description: Server {021E4F06-9DCC-49AD-88CF-ECC2DA314C8A} se v daném časovém limitu neregistroval u služby DCOM.
CodeIntegrity:
===================================
Date: 2020-06-17 06:53:48.433
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Users\petkr\AppData\Local\Programs\Paradox Interactive\launcher-v2.2020.7\Paradox Launcher.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Overwolf\0.148.0.4\OWExplorer.dll that did not meet the Microsoft signing level requirements.
Date: 2020-06-17 06:53:48.426
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Users\petkr\AppData\Local\Programs\Paradox Interactive\launcher-v2.2020.7\Paradox Launcher.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Overwolf\0.148.0.4\OWExplorer.dll that did not meet the Microsoft signing level requirements.
Date: 2020-06-17 06:53:48.418
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Users\petkr\AppData\Local\Programs\Paradox Interactive\launcher-v2.2020.7\Paradox Launcher.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Overwolf\0.148.0.4\OWExplorer.dll that did not meet the Microsoft signing level requirements.
Date: 2020-06-17 06:53:48.411
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Users\petkr\AppData\Local\Programs\Paradox Interactive\launcher-v2.2020.7\Paradox Launcher.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Overwolf\0.148.0.4\OWExplorer.dll that did not meet the Microsoft signing level requirements.
Date: 2020-06-17 06:52:54.759
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Users\petkr\AppData\Local\Programs\Paradox Interactive\launcher-v2.2020.7\Paradox Launcher.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Overwolf\0.148.0.4\OWExplorer.dll that did not meet the Microsoft signing level requirements.
Date: 2020-06-17 06:52:54.751
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Users\petkr\AppData\Local\Programs\Paradox Interactive\launcher-v2.2020.7\Paradox Launcher.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Overwolf\0.148.0.4\OWExplorer.dll that did not meet the Microsoft signing level requirements.
Date: 2020-06-17 06:52:54.744
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Users\petkr\AppData\Local\Programs\Paradox Interactive\launcher-v2.2020.7\Paradox Launcher.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Overwolf\0.148.0.4\OWExplorer.dll that did not meet the Microsoft signing level requirements.
Date: 2020-06-17 06:52:54.692
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Users\petkr\AppData\Local\Programs\Paradox Interactive\launcher-v2.2020.7\Paradox Launcher.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Overwolf\0.148.0.4\OWExplorer.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. C.70 05/23/2016
Motherboard: MSI B150 PC MATE (MS-7971)
Processor: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz
Percentage of memory in use: 28%
Total physical RAM: 16346.73 MB
Available physical RAM: 11680.73 MB
Total Virtual: 23002.73 MB
Available Virtual: 16474.21 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:222.58 GB) (Free:119.72 GB) NTFS
Drive d: (Petrik) (Fixed) (Total:931.51 GB) (Free:185.99 GB) NTFS
Drive e: (Petr) (Fixed) (Total:931.51 GB) (Free:295.06 GB) NTFS
\\?\Volume{bd2b7066-0000-0000-0000-100000000000}\ (Boot) (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS
\\?\Volume{bd2b7066-0000-0000-0000-90c437000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: BD2B7066)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=222.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=509 MB) - (Type=27)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 4374420A)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 75B7C2EC)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-06-2020
Ran by petkr (administrator) on DESKTOP-DK56E1E (MSI MS-7971) (17-06-2020 10:56:04)
Running from C:\Users\petkr\OneDrive\Desktop
Loaded Profiles: petkr
Platform: Windows 10 Home Version 1903 18362.836 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(CANON INC. -> CANON INC.) C:\Windows\System32\CNAB4RPD.EXE
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\petkr\AppData\Local\Microsoft\OneDrive\20.064.0329.0008\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\petkr\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12006.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.148.0.4\OverwolfHelper.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.148.0.4\OverwolfHelper64.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\0.148.0.4\OverwolfBrowser.exe <3>
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9192960 2017-03-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [185648 2020-04-04] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [353776 2020-06-05] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\Run: [Gaijin.Net Updater] => C:\Users\petkr\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2361600 2019-11-28] (Gaijin Network LTD -> Gaijin Entertainment)
HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\Run: [Gaijin.Net Agent] => C:\Users\petkr\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2361600 2019-11-28] (Gaijin Network LTD -> Gaijin Entertainment)
HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1752408 2020-05-24] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\MountPoints2: {7354eb2b-9ca0-11e9-8b82-806e6f6e6963} - "F:\autorun.exe"
HKLM\...\Print\Monitors\CNAB4 Monitor: C:\Windows\system32\CNAB4LMD.DLL [58880 2012-10-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{9459C573-B17A-45AE-9F64-1857B5D58CEE}] -> C:\Program Files (x86)\Microsoft\Edge\Application\83.0.478.50\Installer\setup.exe [2020-06-17] (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Canon LBP2900 Status Window.lnk [2019-08-26]
ShortcutTarget: Canon LBP2900 Status Window.lnk -> C:\Windows\System32\spool\drivers\x64\3\CNAB4LAD.EXE (CANON INC. -> CANON INC.)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {2558891A-CB3A-410B-A6A1-ACB2E124BFF5} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {395208E2-A814-4BE8-A9D9-3448B56EDE37} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {45A51919-4EB3-4980-90CE-7A0172BAA2E0} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {537AE81C-E922-48A4-BF69-5C771D4DC6B8} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6142A20D-AC74-4E75-BDBD-3C48FE0D3BDB} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6793DB96-1BA2-4C6F-B35A-39516901BD8C} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2467160 2020-05-24] (Overwolf Ltd -> Overwolf LTD)
Task: {75BC0FE3-02D4-4EC6-8154-643A4D82AB3E} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {760A8047-BEC4-4BB2-BE53-8A08A9252B6F} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [124624 2020-06-09] (Mozilla Corporation -> Mozilla Foundation)
Task: {887B8367-24CA-416A-B232-C5104A9D8DAF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {92E6173C-89C3-412E-A22A-C96B6D0F689C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {95F848AD-7577-4A65-A688-48ED1A2972B6} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CCB62266-F953-47E5-A636-6AB042BCAFBD} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3293168 2020-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D9961A23-CC36-477A-84A6-16A96086FE9E} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E1B88F44-6C0D-4458-81C8-CB9B90F0E0E7} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-07] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.100.1.234 8.8.8.8
Tcpip\..\Interfaces\{4c99f53c-bb15-4965-862a-ad379735beb4}: [DhcpNameServer] 10.100.1.234 8.8.8.8
Internet Explorer:
==================
HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hal3000.cz/
HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.hal3000.cz
Edge:
======
DownloadDir: C:\Users\petkr\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\petkr\AppData\Local\Microsoft\Edge\User Data\Default [2020-06-16]
Edge DownloadDir: C:\Users\petkr\Downloads
FireFox:
========
FF DefaultProfile: drvx619k.default
FF ProfilePath: C:\Users\petkr\AppData\Roaming\Mozilla\Firefox\Profiles\drvx619k.default [2019-07-07]
FF ProfilePath: C:\Users\petkr\AppData\Roaming\Mozilla\Firefox\Profiles\g2u8jhl9.default-release [2020-06-17]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32.dll [2020-04-30] (Adobe Systems Incorporated -> )
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2020-06-17]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8630808 2020-06-14] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2019-05-22] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S2 edgeupdate; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-07] (Microsoft Corporation -> Microsoft Corporation)
S3 edgeupdatem; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-07] (Microsoft Corporation -> Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2358784 2020-04-04] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2358784 2020-04-04] (ESET, spol. s r.o. -> ESET)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-06-16] (Malwarebytes Inc -> Malwarebytes)
S3 MicrosoftEdgeElevationService; C:\Program Files (x86)\Microsoft\Edge\Application\83.0.478.50\elevation_service.exe [1507216 2020-06-12] (Microsoft Corporation -> Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [873272 2020-05-16] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2496816 2020-05-06] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3449656 2020-05-06] (Electronic Arts, Inc. -> Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2467160 2020-05-24] (Overwolf Ltd -> Overwolf LTD)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2020-04-02] (Even Balance, Inc. -> )
S3 Rockstar Service; D:\Rockstar\Launcher\RockstarService.exe [1776768 2020-06-12] (Rockstar Games, Inc. -> Rockstar Games)
S3 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2020-02-06] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [9851648 2020-06-05] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-25] (Microsoft Corporation) [File not signed]
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [154336 2020-04-04] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [106840 2020-03-19] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15800 2019-07-07] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [188872 2020-03-19] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [53048 2020-03-19] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [79520 2020-03-19] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [115960 2020-03-19] (ESET, spol. s r.o. -> ESET)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-06-16] (Malwarebytes Corporation -> Malwarebytes)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-06-16] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-06-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [196456 2020-06-16] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73368 2020-06-16] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-06-16] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [131728 2020-06-16] (Malwarebytes Inc -> Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_55e7fb10ab85a7c2\nvlddmkm.sys [23454448 2020-05-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2020-04-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-07-18] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [67456 2020-03-11] (NVIDIA Corporation -> NVIDIA Corporation)
S1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [6314736 2020-06-05] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [74552 2020-02-08] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-06-16 20:05 - 2020-06-16 20:05 - 000000000 ____D C:\AdwCleaner
2020-06-16 19:57 - 2020-06-16 19:57 - 000196456 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2020-06-16 19:57 - 2020-06-16 19:57 - 000131728 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2020-06-16 19:57 - 2020-06-16 19:57 - 000073368 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2020-06-16 19:57 - 2020-06-16 19:57 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-06-16 19:57 - 2020-06-16 19:57 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-06-16 19:57 - 2020-06-16 19:57 - 000000000 ____D C:\Users\petkr\AppData\Local\mbam
2020-06-16 19:56 - 2020-06-16 19:56 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-06-16 19:56 - 2020-06-16 19:56 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-06-16 19:56 - 2020-06-16 19:56 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-06-16 19:56 - 2020-06-16 19:56 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-06-16 19:56 - 2020-06-16 19:56 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-06-16 19:56 - 2020-06-16 19:56 - 000000000 ____D C:\Program Files\Malwarebytes
2020-06-16 19:56 - 2020-06-16 19:56 - 000000000 ____D C:\Malwarebytes
2020-06-16 19:29 - 2020-06-17 10:56 - 000000000 ____D C:\FRST
2020-06-12 19:20 - 2020-06-12 19:20 - 000004382 _____ C:\WINDOWS\system32\Tasks\Overwolf Updater Task
2020-06-12 19:20 - 2020-06-12 19:20 - 000000000 ____D C:\Users\petkr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2020-06-12 19:20 - 2020-06-12 19:20 - 000000000 ____D C:\ProgramData\Overwolf
2020-06-12 19:20 - 2020-06-12 19:20 - 000000000 ____D C:\Program Files (x86)\Overwolf
2020-06-12 19:18 - 2020-06-17 06:38 - 000000000 ____D C:\Users\petkr\AppData\Local\Overwolf
2020-06-11 17:32 - 2020-06-11 17:32 - 000000000 ____D C:\Users\petkr\AppData\Local\VALORANT
2020-06-11 09:36 - 2020-06-16 19:55 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2020-06-10 23:27 - 2020-06-10 23:27 - 000000000 ____D C:\Program Files\Riot Vanguard
2020-06-10 10:19 - 2020-06-10 10:19 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-06-09 19:45 - 2020-06-11 09:36 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-06-07 08:23 - 2020-06-17 06:39 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-06-07 08:23 - 2020-06-17 06:39 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-06-07 08:23 - 2020-06-07 18:29 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-06-07 08:23 - 2020-06-07 18:29 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-06-02 21:45 - 2020-05-18 23:21 - 001729240 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-06-02 21:45 - 2020-05-18 23:21 - 001729240 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-06-02 21:45 - 2020-05-18 23:21 - 001329368 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-06-02 21:45 - 2020-05-18 23:21 - 001329368 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-06-02 21:45 - 2020-05-18 23:21 - 001079008 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-06-02 21:45 - 2020-05-18 23:21 - 001079008 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-06-02 21:45 - 2020-05-18 23:21 - 000937688 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-06-02 21:45 - 2020-05-18 23:21 - 000937688 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-06-02 21:45 - 2020-05-18 23:21 - 000451480 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-06-02 21:45 - 2020-05-18 23:21 - 000348056 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-06-02 21:45 - 2020-05-18 23:20 - 011944864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2020-06-02 21:45 - 2020-05-18 23:20 - 010286480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 005856664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 002072992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 001722096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6444614.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 001566096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 001484184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6444614.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 001482128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 001350560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 001141992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 001048480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 000816880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 000811240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 000680848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 000676248 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 000655080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 000546720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-06-02 21:45 - 2020-05-18 23:19 - 000543144 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-06-02 21:45 - 2020-05-18 23:18 - 017600240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-06-02 21:45 - 2020-05-18 23:18 - 015158000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-06-02 21:45 - 2020-05-18 23:18 - 005159320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-06-02 21:45 - 2020-05-18 23:17 - 004195656 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-05-22 17:23 - 2020-05-29 21:54 - 000000000 ____D C:\Users\petkr\AppData\Roaming\FiraxisLive
2020-05-22 16:45 - 2020-05-30 17:04 - 000000000 ____D C:\Users\petkr\AppData\Roaming\2K
2020-05-22 16:45 - 2020-05-22 16:45 - 000000000 ____D C:\Users\petkr\AppData\Local\2K
2020-05-22 12:55 - 2020-05-30 09:04 - 042886902 _____ C:\Users\petkr\AppData\Roaming\gta5_patch.bin
2020-05-22 12:55 - 2020-05-22 12:55 - 000332800 _____ C:\Users\petkr\AppData\Roaming\patcher.dll
2020-05-22 12:41 - 2020-05-22 12:41 - 000000000 ____D C:\Users\petkr\AppData\Local\GTA_5_CZ_Manager
2020-05-20 19:55 - 2020-05-20 19:57 - 000000000 ____D C:\ProgramData\Epic
2020-05-20 19:55 - 2020-05-20 19:55 - 000000891 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2020-05-20 19:55 - 2020-05-20 19:55 - 000000000 ____D C:\Users\petkr\AppData\Local\UnrealEngineLauncher
2020-05-20 19:55 - 2020-05-20 19:55 - 000000000 ____D C:\Users\petkr\AppData\Local\EpicGamesLauncher
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-06-17 10:54 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-06-17 07:23 - 2019-09-25 18:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-06-17 06:54 - 2019-07-01 17:31 - 000000000 ____D C:\ProgramData\NVIDIA
2020-06-17 06:52 - 2019-07-07 14:09 - 000000000 ____D C:\Users\petkr\AppData\LocalLow\Mozilla
2020-06-17 06:48 - 2020-01-10 18:06 - 000000000 ____D C:\Users\petkr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AGOT
2020-06-17 06:41 - 2019-09-25 18:26 - 000004212 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{ADBC676F-94A1-4F35-BC68-14C024A23243}
2020-06-17 06:38 - 2019-07-07 13:52 - 000000000 ___RD C:\Users\petkr\OneDrive
2020-06-16 21:03 - 2019-09-27 21:52 - 000000000 ____D C:\Users\petkr\AppData\Roaming\Twitch
2020-06-16 21:02 - 2019-07-29 19:40 - 000000000 ____D C:\Users\petkr\AppData\Roaming\TS3Client
2020-06-16 19:56 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-06-16 19:25 - 2019-09-25 18:26 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-06-16 19:25 - 2019-03-19 13:55 - 000716944 _____ C:\WINDOWS\system32\perfh005.dat
2020-06-16 19:25 - 2019-03-19 13:55 - 000145024 _____ C:\WINDOWS\system32\perfc005.dat
2020-06-16 19:25 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-06-16 19:19 - 2019-09-25 18:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-06-16 19:19 - 2019-03-19 06:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-06-16 17:28 - 2019-07-12 22:26 - 000000000 ____D C:\Users\petkr\AppData\Local\Ubisoft Game Launcher
2020-06-16 16:22 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-06-14 14:59 - 2019-08-04 15:32 - 000000000 ____D C:\Users\petkr\AppData\Local\CrashDumps
2020-06-12 23:34 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-06-12 22:05 - 2019-07-08 20:35 - 000000000 ____D C:\Users\petkr\AppData\Roaming\Discord
2020-06-12 19:25 - 2019-08-24 16:39 - 000000000 ____D C:\Users\petkr\AppData\Local\D3DSCache
2020-06-11 17:32 - 2020-01-07 18:55 - 000000000 ____D C:\Users\petkr\AppData\Local\Riot Games
2020-06-11 15:00 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-06-11 09:36 - 2019-07-07 14:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-06-10 23:26 - 2020-01-07 18:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2020-06-10 15:59 - 2020-01-11 14:41 - 000000000 ___RD C:\Users\petkr\OneDrive\Dokumenty\Scanned Documents
2020-06-10 10:19 - 2019-07-07 14:09 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-06-06 23:41 - 2019-07-13 13:17 - 000000000 ____D C:\Users\petkr\OneDrive\Dokumenty\Paradox Interactive
2020-06-05 23:03 - 2019-03-19 06:56 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-06-05 23:03 - 2019-03-19 06:56 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-06-04 21:02 - 2019-07-07 13:50 - 000000000 ____D C:\Users\petkr\AppData\Local\Packages
2020-06-04 13:39 - 2019-09-19 17:28 - 000000000 ____D C:\Program Files\Rockstar Games
2020-06-04 13:39 - 2019-09-19 17:28 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2020-06-04 07:54 - 2019-12-28 15:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlestate Games
2020-06-03 10:07 - 2019-07-28 14:26 - 000000000 ____D C:\Users\petkr\AppData\Local\NVIDIA
2020-06-01 17:31 - 2019-09-01 17:16 - 000000000 ____D C:\Program Files (x86)\Origin
2020-06-01 17:31 - 2019-09-01 17:13 - 000000000 ____D C:\Users\petkr\AppData\Local\Origin
2020-06-01 17:31 - 2019-09-01 17:13 - 000000000 ____D C:\ProgramData\Origin
2020-05-30 09:07 - 2019-08-25 08:40 - 000000000 ____D C:\Program Files\UNP
2020-05-27 19:59 - 2019-09-25 18:26 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2452798473-3973055187-1235544945-1001
2020-05-27 19:59 - 2019-09-25 18:20 - 000002372 _____ C:\Users\petkr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-05-26 17:01 - 2019-08-20 18:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2020-05-26 17:01 - 2019-08-20 18:37 - 000000000 ____D C:\Program Files\Nexus Mod Manager
2020-05-22 17:23 - 2019-07-09 14:16 - 000000000 ____D C:\Users\petkr\OneDrive\Dokumenty\My Games
2020-05-21 18:57 - 2019-09-19 17:28 - 000000000 ____D C:\Users\petkr\OneDrive\Dokumenty\Rockstar Games
2020-05-21 18:57 - 2019-09-19 17:28 - 000000000 ____D C:\Users\petkr\AppData\Local\Rockstar Games
2020-05-20 19:57 - 2019-07-02 09:53 - 000000000 ____D C:\ProgramData\Package Cache
2020-05-20 19:55 - 2019-07-07 20:41 - 000000000 ____D C:\Users\petkr\AppData\Local\UnrealEngine
2020-05-18 23:17 - 2020-02-04 16:39 - 004928256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
==================== Files in the root of some directories ========
2020-05-22 12:55 - 2020-05-30 09:04 - 042886902 _____ () C:\Users\petkr\AppData\Roaming\gta5_patch.bin
2020-05-22 12:55 - 2020-05-22 12:55 - 000332800 _____ () C:\Users\petkr\AppData\Roaming\patcher.dll
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-06-2020
Ran by petkr (17-06-2020 10:56:59)
Running from C:\Users\petkr\OneDrive\Desktop
Windows 10 Home Version 1903 18362.836 (X64) (2019-09-25 16:26:20)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2452798473-3973055187-1235544945-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2452798473-3973055187-1235544945-503 - Limited - Disabled)
Guest (S-1-5-21-2452798473-3973055187-1235544945-501 - Limited - Disabled)
petkr (S-1-5-21-2452798473-3973055187-1235544945-1001 - Administrator - Enabled) => C:\Users\petkr
WDAGUtilityAccount (S-1-5-21-2452798473-3973055187-1235544945-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AS: ESET Security (Enabled - Up to date) {333C65BB-8923-0EAA-C47E-C486E687BEFD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
A Game of Thrones version 2.2 (HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\{7C82709E-75FE-4C3A-976A-8C97908DDD7B}_is1) (Version: 2.2 - AGOT TEAM)
A Way Out (HKLM-x32\...\{E8D752CF-2FCC-470D-B0C5-4BFC6F42ACCE}) (Version: 1.0.62.0 - Electronic Arts, Inc.)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.1.102.55 - Adobe Systems Incorporated)
Aktualizace NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
Battlefield™ Hardline (HKLM-x32\...\{CB4AC3DA-8CC1-4516-86DA-4078B57DB229}) (Version: 1.4.0.10 - Electronic Arts)
Battlestate Games Launcher 10.2.0.1139 (HKLM-x32\...\{B0FDA062-7581-4D67-B085-C4E7C358037F}_is1) (Version: 10.2.0.1139 - Battlestate Games)
Canon LBP2900 (HKLM\...\Canon LBP2900) (Version: - )
CPUID HWMonitor 1.41 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.41 - CPUID, Inc.)
Crossout Launcher 1.0.3.110 (HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\CrossOutLauncher_is1) (Version: - )
Discord (HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\Discord) (Version: 0.0.306 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6}) (Version: 1.1.267.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Escape from Tarkov (HKLM-x32\...\EscapeFromTarkov) (Version: 0.12.6.7765 - Battlestate Games)
ESET Security (HKLM\...\{EC96F234-2A42-4D7D-9C33-443566F72BF5}) (Version: 13.1.21.0 - ESET, spol. s r.o.)
Fallout 4 - Čeština (HKLM-x32\...\{8995E8E7-1793-402E-87B7-F1E106783F84}) (Version: 0.9.8 - prekladyher.eu)
Farming Simulator 19 (HKLM-x32\...\FarmingSimulator2019_is1) (Version: 1.5.1 - GIANTS Software)
Floris Evolved (HKLM-x32\...\Floris Evolved) (Version: - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.50 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.129.31 - )
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\OneDriveSetup.exe) (Version: 20.064.0329.0008 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\Teams) (Version: 1.3.00.8663 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Middle Earth Project Installer - Easy way to install MEP for CK2 (HKLM-x32\...\Brojan Middle Earth Project Installer) (Version: 0.8.291 - Brojan)
Minecraft Launcher (HKLM-x32\...\{CFF44AE9-2908-4D7D-B48B-1CB5139015C7}) (Version: 1.0.0.0 - Mojang)
Mozilla Firefox 77.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 77.0.1 (x64 cs)) (Version: 77.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 67.0.4 - Mozilla)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.71.4 - Black Tree Gaming)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.8.1 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.3.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.3.63 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.26 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 446.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 446.14 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.70.40362 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.148.0.4 - Overwolf Ltd.)
Ovládací panel NVIDIA 446.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 446.14 - NVIDIA Corporation) Hidden
Paradox Launcher v2 (HKLM\...\{3D662AC5-4616-4A1C-912E-BD5BF9C9F4C8}) (Version: 2.0.0.0 - Paradox Interactive)
PlanetSide 2 (HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\DG0-PlanetSide 2) (Version: - Sony Online Entertainment)
PUBG LITE (HKLM-x32\...\PUBG LITE_is1) (Version: 1.0.1.0 - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8105 - Realtek Semiconductor Corp.)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.24.258 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.5.6 - Rockstar Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\TeamSpeak 3 Client) (Version: 3.3.0 - TeamSpeak Systems GmbH)
TeamSpeak Overlay (HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\Overwolf_jnabojaampcpfclojlbildognlnebnhfhibiielh) (Version: 1.0.0.2 - Overwolf app)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22a - Ghisler Software GmbH)
Twitch (HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{2E8B8BDD-03DF-4C1C-8C99-E6A4BCBF43CE}) (Version: 2.51.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 73.0 - Ubisoft)
VALORANT (HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.0.0 - Black Tree Gaming Ltd.)
War Thunder Launcher 1.0.3.171 (HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.8.5.0_x86__kgqvnymyfvs32 [2020-04-08] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.37.4.0_x86__kgqvnymyfvs32 [2020-05-15] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1781.1.0_x86__kgqvnymyfvs32 [2020-06-11] (king.com)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_115.1.152.0_x64__v10z8vjag6ke6 [2020-05-30] (HP Inc.)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.12827.20268.0_x86__8wekyb3d8bbwe [2020-06-10] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-07-07] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-07-07] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.12827.20268.0_x86__8wekyb3d8bbwe [2020-06-10] (Microsoft Corporation)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.12827.20268.0_x86__8wekyb3d8bbwe [2020-06-10] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.12827.20268.0_x86__8wekyb3d8bbwe [2020-06-10] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.12827.20268.0_x86__8wekyb3d8bbwe [2020-06-10] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.12827.20268.0_x86__8wekyb3d8bbwe [2020-06-10] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-15] (Microsoft Studios) [MS Ad]
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.12827.20268.0_x86__8wekyb3d8bbwe [2020-06-10] (Microsoft Corporation)
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.41.21603.0_x64__8wekyb3d8bbwe [2020-06-12] (Microsoft Corporation)
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.14.6005.0_x64__8wekyb3d8bbwe [2020-04-17] (Microsoft Studios)
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-24] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0 [2020-06-04] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2452798473-3973055187-1235544945-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\petkr\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2452798473-3973055187-1235544945-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\petkr\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2019-10-28] (Notepad++ -> )
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-04-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-04-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-06-16] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-05-16] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-04-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-06-16] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\petkr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) =============
2019-07-14 00:10 - 2019-02-21 18:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2019-09-01 17:16 - 2020-03-16 15:05 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2019-09-01 17:16 - 2020-03-16 15:06 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2019-09-01 17:16 - 2019-10-08 14:41 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2020-06-01 17:31 - 2019-10-08 14:41 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2020-06-01 17:31 - 2019-10-08 14:41 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2020-06-01 17:31 - 2019-10-08 14:41 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2020-06-01 17:31 - 2019-10-08 14:41 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2020-06-01 17:31 - 2019-10-08 14:41 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2020-06-01 17:31 - 2019-10-08 14:41 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\petkr\Data aplikací:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
AlternateDataStreams: C:\Users\petkr\AppData\Roaming:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 15:46 - 2017-09-29 15:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\petkr\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
DNS Servers: 10.100.1.234 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{DBBCA6EE-336A-4E1B-BFF9-45DF4FE47940}] => (Allow) D:\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe => No File
FirewallRules: [{71F1AB73-FDE6-491F-B9FD-102111C50590}] => (Allow) D:\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe => No File
FirewallRules: [{D0E1BD2B-6EB9-48B8-9B32-ECF876310297}] => (Allow) E:\SteamLibrary SR\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{01CC598C-89DB-46BA-BA80-9FCB898EC45E}] => (Allow) E:\SteamLibrary SR\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{9FC103C0-88CD-4645-B2C2-F9A2E616110B}] => (Allow) E:\SteamLibrary SR\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{F257936D-83FD-49C7-A248-89A74B97FB79}] => (Allow) E:\SteamLibrary SR\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{2A027BB7-9BF9-4E58-9BC7-89DE944EA377}] => (Allow) E:\Origin SR\BFH\BFHWebHelper.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{872F37D3-767A-4239-A364-12C77556DBD9}] => (Allow) E:\Origin SR\BFH\BFHWebHelper.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{CA8E851A-D241-43A9-85DD-191CA7F08893}] => (Allow) D:\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2_ed.exe (Digitalmindsoft) [File not signed]
FirewallRules: [{C009BC7F-1600-4562-B142-708FB2D65FFF}] => (Allow) D:\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2_ed.exe (Digitalmindsoft) [File not signed]
FirewallRules: [{F4A9DCFC-079E-4429-9DE6-804E2211C1D1}] => (Allow) D:\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2.exe (Digitalmindsoft) [File not signed]
FirewallRules: [{DD2F67B7-B504-4FEF-8860-051A9C8CC6E7}] => (Allow) D:\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2.exe (Digitalmindsoft) [File not signed]
FirewallRules: [{8239559A-8D9D-4147-922E-71E79249A2A4}] => (Allow) D:\Steam\steamapps\common\insurgency2\insurgency_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{228EF431-AC71-4716-A8DA-72C269CD6E79}] => (Allow) D:\Steam\steamapps\common\insurgency2\insurgency_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{55600F63-1031-40B6-A7EC-B0004CEE2660}] => (Allow) D:\Steam\steamapps\common\MountBlade Warband\mb_warband.exe ( Taleworlds Entertainment) [File not signed]
FirewallRules: [{298B9D44-0FB3-4536-9237-BA7F60E12A8D}] => (Allow) D:\Steam\steamapps\common\MountBlade Warband\mb_warband.exe ( Taleworlds Entertainment) [File not signed]
FirewallRules: [{143B986A-705E-4028-B5BC-24B3AF5A262E}] => (Allow) D:\Steam\steamapps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe () [File not signed]
FirewallRules: [{09C315D9-378C-45A8-AEEB-CF7E3FFB768B}] => (Allow) D:\Steam\steamapps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe () [File not signed]
FirewallRules: [{6C54C782-91E2-4D48-8C43-D1B7C64C0B4E}] => (Allow) D:\Steam\steamapps\common\Warhammer 40,000 - Eternal Crusade\EternalCrusadeClient.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{CE3E5712-61A9-4DC4-A344-196C5A9F21EF}] => (Allow) D:\Steam\steamapps\common\Warhammer 40,000 - Eternal Crusade\EternalCrusadeClient.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{D5BF907D-8C46-443E-93AC-66D656585187}] => (Allow) D:\Origin\AWayOut\Haze1\Binaries\Win64\AWayOut_friend.exe (Hazelight Studios AB -> Hazelight Studios AB)
FirewallRules: [{555ECED4-AC9C-40DB-AC97-2C429E26D0FB}] => (Allow) D:\Origin\AWayOut\Haze1\Binaries\Win64\AWayOut_friend.exe (Hazelight Studios AB -> Hazelight Studios AB)
FirewallRules: [{5F55F04D-6D0C-4156-9B08-79258A8BB876}] => (Allow) D:\Origin\AWayOut\Haze1\Binaries\Win64\AWayOut.exe (Hazelight Studios AB -> Hazelight Studios AB)
FirewallRules: [{C22A3F77-CF9C-4E82-9344-3131405A380D}] => (Allow) D:\Origin\AWayOut\Haze1\Binaries\Win64\AWayOut.exe (Hazelight Studios AB -> Hazelight Studios AB)
FirewallRules: [{385FA2FC-B6D1-49E6-8270-AE0E95E0E554}] => (Allow) C:\Windows\System32\CNAB4RPD.EXE (CANON INC. -> CANON INC.)
FirewallRules: [{38EC9883-A499-4BB9-A5D5-06339F59EA06}] => (Allow) C:\Windows\System32\CNAB4RPD.EXE (CANON INC. -> CANON INC.)
FirewallRules: [{AEFD2FFD-809A-4B67-9A43-0666366F76C5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1A0361D2-E013-46AA-9FCB-E60FBAC79E80}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3FB6D456-071C-4C1C-B740-D6BA484B212A}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{88EDAC1C-3E3A-4468-918A-B416478C0F1D}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{BF098AD8-FE5A-4E33-AB14-20845F8237DE}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{A943D7DC-8B39-4888-B875-B52D383EFB61}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{0F4FD65B-CBE8-40A3-9080-28919381E79A}] => (Allow) D:\Steam\steamapps\common\Mordhau\Mordhau.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{D2D923D9-8EC4-44A1-8E41-203ECD550644}] => (Allow) D:\Steam\steamapps\common\Mordhau\Mordhau.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{03E0BB43-DBE1-446C-8965-6E0CC1BA13AB}] => (Allow) D:\Steam\steamapps\common\Kenshi\kenshi_x64.exe () [File not signed]
FirewallRules: [{A93C29E3-65A8-4E54-9ED6-B81AB12F70EA}] => (Allow) D:\Steam\steamapps\common\Kenshi\kenshi_x64.exe () [File not signed]
FirewallRules: [{D87B17C2-C634-47A1-BC4E-63C822F513AE}] => (Allow) D:\Steam\steamapps\common\Kenshi\forgotten construction set.exe (LoFi Games) [File not signed]
FirewallRules: [{0FA908CA-C1B3-4948-AF42-74D6C0F3E280}] => (Allow) D:\Steam\steamapps\common\Kenshi\forgotten construction set.exe (LoFi Games) [File not signed]
FirewallRules: [{507E9E61-375A-474C-9610-D129830A2D41}] => (Allow) E:\Farming Simulator 2019\FarmingSimulator2019.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{7ABA67F1-1846-4664-B3A8-6F9AACF65802}] => (Allow) E:\Farming Simulator 2019\FarmingSimulator2019.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{3A56E896-D843-4F05-BD18-0C6FB045AE0D}] => (Allow) E:\Farming Simulator 2019\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{FEF82F11-7CDA-42EB-81E1-15F9888BBC13}] => (Allow) E:\Farming Simulator 2019\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{64055EA3-011E-4432-8739-E808972DFB3B}] => (Allow) D:\Steam\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{7A2DBF53-BE5C-4212-928B-4DD651A26F71}] => (Allow) D:\Steam\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{7FC14DE0-69CE-42D9-8F91-5E4E4515ED43}] => (Allow) D:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{DE09427D-65C5-4710-BFF5-5C460AF88357}] => (Allow) D:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{64C2DC68-AD6C-42E1-9C3E-2DB052C31CA6}] => (Allow) D:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{AAB9CCF8-B0A6-4249-8EE0-0F8C9D30BB21}] => (Allow) D:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{3056FA58-8AEC-4163-853A-EB28754E1C07}] => (Allow) D:\Steam\steamapps\common\Rising Storm 2\Binaries\Win64\RisingStorm2.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{4A36A3FA-F0FD-481B-A9D6-2D6198B5C0ED}] => (Allow) D:\Steam\steamapps\common\Rising Storm 2\Binaries\Win64\RisingStorm2.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{8FA2D668-5FBC-4E43-A0C1-5B9690C49F51}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E8A09DF1-F310-4EDC-93CC-9C8D00D5CC21}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{404A7905-CA3A-4BDB-BBF3-D85AC17436FA}] => (Allow) D:\Steam\steamapps\common\Stellaris\dowser.exe (Paradox Interactive Ab (Publ) -> )
FirewallRules: [{718B3B89-CDAF-44A9-8CD0-8C37FC17875B}] => (Allow) D:\Steam\steamapps\common\Stellaris\dowser.exe (Paradox Interactive Ab (Publ) -> )
FirewallRules: [{C5BBE57A-2A16-4630-877B-0E7DADE81295}] => (Allow) D:\Steam\steamapps\common\Holdfast Nations At War\Holdfast NaW.exe () [File not signed]
FirewallRules: [{9C8C5BDC-B9F5-49AE-8003-73FB694DE3C4}] => (Allow) D:\Steam\steamapps\common\Holdfast Nations At War\Holdfast NaW.exe () [File not signed]
FirewallRules: [{D76FC6E5-9860-4A8F-BA65-9FC5DFF5604C}] => (Allow) D:\Steam\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe => No File
FirewallRules: [{5FD47D25-9DD5-4FE5-9EF4-0071E01EB8D4}] => (Allow) D:\Steam\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe => No File
FirewallRules: [{0F374929-80B0-4398-9C15-F99273F17C59}] => (Allow) D:\Steam\steamapps\common\Total War Saga Thrones of Britannia\launcher\launcher.exe => No File
FirewallRules: [{3A7A1ABA-0A6A-42F4-B850-A7E61C463074}] => (Allow) D:\Steam\steamapps\common\Total War Saga Thrones of Britannia\launcher\launcher.exe => No File
FirewallRules: [{BFB6DDA0-779B-4794-A942-3425D93B8D91}] => (Allow) D:\Steam\steamapps\common\Sniper Ghost Warrior Contracts\Launch_Game.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{7DAFFC2F-C47C-4A6F-9AFF-5BCF82CD226F}] => (Allow) D:\Steam\steamapps\common\Sniper Ghost Warrior Contracts\Launch_Game.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{8C788F98-32BF-495A-99CB-6B1A26A3BB62}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{6428C6D1-3BD6-4858-9B71-25A842166ACD}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{BDF75493-485C-4F05-9114-23211486156E}] => (Allow) D:\Steam\steamapps\common\Jump King\JumpKing.exe () [File not signed]
FirewallRules: [{3D5D1B62-A69D-4361-A101-38D96A768802}] => (Allow) D:\Steam\steamapps\common\Jump King\JumpKing.exe () [File not signed]
FirewallRules: [{D1FC208C-9420-436C-9ABC-FC062D94848B}] => (Allow) E:\SteamLibrary SR\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{9DDFE7D4-F904-474F-B800-FE8BAE76B4D9}] => (Allow) E:\SteamLibrary SR\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{5A611E72-3F25-46EA-8591-F24BA6294C50}] => (Allow) D:\Steam\steamapps\common\Europa Universalis IV\eu4.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{BBBCC332-7B27-464D-A5F5-7806909730D2}] => (Allow) D:\Steam\steamapps\common\Europa Universalis IV\eu4.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{DDCE37A6-748C-4FC4-A500-818637CDB9C3}] => (Allow) D:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{2A416B3C-F3CA-4251-9F87-3261796E55F0}] => (Allow) D:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{6DF17E3D-BCD0-4FBA-A4C6-9D2EEFAE77CF}] => (Allow) D:\Steam\steamapps\common\Crusader Kings II\CK2game.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{B6F9DE9C-91E7-4E3F-818E-5AE15E79B81D}] => (Allow) D:\Steam\steamapps\common\Crusader Kings II\CK2game.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{AF027B47-1101-4187-95E6-E3E3344C0F8C}] => (Allow) E:\SteamLibrary SR\steamapps\common\PlanetSide 2\LaunchPad.exe (Daybreak Game Company LLC -> Daybreak Game Company)
FirewallRules: [{162196B0-32EE-4C50-B080-C10B042008FE}] => (Allow) E:\SteamLibrary SR\steamapps\common\PlanetSide 2\LaunchPad.exe (Daybreak Game Company LLC -> Daybreak Game Company)
FirewallRules: [{78722813-A025-4022-BDD5-7BA0AA70BAE2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{E04C4E66-E4B2-46E8-A639-F9812F6C03AD}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{A4DC325C-E25B-4B3A-86D3-F4810F5903FA}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{95356841-5415-4721-B74F-667C5517FF28}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{ABE0E631-86BE-4CE4-82C7-99A1B0DD1B00}] => (Allow) D:\Steam\steamapps\common\Total War Attila\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{D082302C-DDC0-415C-92DC-5E0B2FA7DBB4}] => (Allow) D:\Steam\steamapps\common\Total War Attila\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{268AD3B8-E6C4-4F66-BA17-8878484458E2}] => (Allow) E:\SteamLibrary SR\steamapps\common\Goat of Duty\GoatOfDuty.exe () [File not signed]
FirewallRules: [{637C286F-703C-4D7E-81F6-370E91FE9EC6}] => (Allow) E:\SteamLibrary SR\steamapps\common\Goat of Duty\GoatOfDuty.exe () [File not signed]
FirewallRules: [{6A339F5B-D513-461C-BADF-3068B588F46A}] => (Allow) D:\Steam\steamapps\common\Crossout\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{98FA4CD9-BA61-4292-B4B7-E7093DB06E80}] => (Allow) D:\Steam\steamapps\common\Crossout\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{C8160EA8-8A63-4557-B9A5-AAEB5BC20913}] => (Allow) E:\SteamLibrary SR\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{7B001C9F-8C60-41A0-B3F9-EB9C6CB71705}] => (Allow) E:\SteamLibrary SR\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{163E5504-B156-40FB-B62E-C2FDAB60DFC1}] => (Allow) E:\SteamLibrary SR\steamapps\common\Elite Dangerous\EDLaunch.exe (Frontier Developments Plc -> Frontier Developments)
FirewallRules: [{097D66C8-80FE-4337-93D0-FC7214A3F3D6}] => (Allow) E:\SteamLibrary SR\steamapps\common\Elite Dangerous\EDLaunch.exe (Frontier Developments Plc -> Frontier Developments)
FirewallRules: [{DDE524CB-3CCF-49C9-81A6-9C7974AB7F23}] => (Allow) E:\SteamLibrary SR\steamapps\common\Total War Rome II\launcher\launcher.exe => No File
FirewallRules: [{54F0F32B-C3FF-481A-AC3B-C61788867B67}] => (Allow) E:\SteamLibrary SR\steamapps\common\Total War Rome II\launcher\launcher.exe => No File
FirewallRules: [{D83A8D21-B934-4DF4-A6F3-577DA3E70349}] => (Allow) D:\Steam\steamapps\common\Rising Storm 2\Binaries\Win64\LaunchWinterWar.exe () [File not signed]
FirewallRules: [{2EAA5C85-41AF-40D8-876D-880CCC71FE37}] => (Allow) D:\Steam\steamapps\common\Rising Storm 2\Binaries\Win64\LaunchWinterWar.exe () [File not signed]
FirewallRules: [{C97D33C6-5B93-4E0A-AFE9-1FD86A73F072}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{604CE472-C8AE-43CF-BD29-7A605360BE93}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5A773CD8-1E00-47BC-B96F-E862BB723A2A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1D73CA0C-EFE1-428C-AF12-504BBD4A2E2F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F05F407F-AF37-442B-85BE-9E8EF505227B}] => (Allow) E:\SteamLibrary SR\steamapps\common\WW1GameSeries\Tannenberg\Tannenberg.exe () [File not signed]
FirewallRules: [{08B3E69A-FD8D-4D83-BE7B-BD0641795DA7}] => (Allow) E:\SteamLibrary SR\steamapps\common\WW1GameSeries\Tannenberg\Tannenberg.exe () [File not signed]
FirewallRules: [{9BBDD070-C03C-478A-9CDF-BDE992D3B827}] => (Allow) E:\SteamLibrary SR\steamapps\common\WW1GameSeries\Verdun\Verdun.exe () [File not signed]
FirewallRules: [{33C8C4EB-FB4D-485F-B122-F5CD2B6CEBF2}] => (Allow) E:\SteamLibrary SR\steamapps\common\WW1GameSeries\Verdun\Verdun.exe () [File not signed]
FirewallRules: [{EF92EE69-F44E-448D-8371-74A84F7382D0}] => (Allow) E:\SteamLibrary SR\steamapps\common\Total War SHOGUN 2\Shogun2.exe (SEGA EUROPE LIMITED -> The Creative Assembly Ltd)
FirewallRules: [{F74DA13E-8A61-40DF-8A6B-A116D697BF15}] => (Allow) E:\SteamLibrary SR\steamapps\common\Total War SHOGUN 2\Shogun2.exe (SEGA EUROPE LIMITED -> The Creative Assembly Ltd)
FirewallRules: [{AEF396BB-BBE8-42D9-A4D5-F9C9C7A8A7CD}] => (Allow) E:\SteamLibrary SR\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{FFD1C606-CD15-45B8-81D7-6304117F82DF}] => (Allow) E:\SteamLibrary SR\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{9C2D3670-7DF9-4B3E-A444-6F25A2D80D4E}] => (Allow) E:\SteamLibrary SR\steamapps\common\LEGONinjago\LEGONINJAGO_DX11.exe (Travellers Tales (UK) Limited -> Warner Bros. Interactive Entertainment)
FirewallRules: [{F5FB750D-1E8A-4988-82A9-5E5053126C6C}] => (Allow) E:\SteamLibrary SR\steamapps\common\LEGONinjago\LEGONINJAGO_DX11.exe (Travellers Tales (UK) Limited -> Warner Bros. Interactive Entertainment)
FirewallRules: [{980485BD-8082-48CC-8F60-6F8B339C6E27}] => (Allow) E:\SteamLibrary SR\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{211293E3-60C6-4BDF-B0E4-2480458F33E5}] => (Allow) E:\SteamLibrary SR\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{627CB391-30D0-4480-9E88-50CF35212A55}] => (Allow) E:\SteamLibrary SR\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{090E161D-945B-4AA7-8AB0-7886E978D89E}] => (Allow) E:\SteamLibrary SR\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{5BC0DA56-4D42-4C83-9441-DE7DF5F4E4C5}] => (Allow) E:\SteamLibrary SR\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{3B77F57A-B485-4BD8-9F1D-FB96EBA46052}] => (Allow) E:\SteamLibrary SR\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{C6205BE2-BEF0-4CA6-9669-6EFBC5CE7515}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A425459C-D393-417C-8BD1-C48BB02C923E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{930C7984-5F52-48C5-929F-36CA51C3DD62}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4C82DD3B-2AD5-4608-A6E3-B9A4FCAC2226}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9C235D78-E046-46AE-82B0-2FA54E87FBD2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{05E30497-2FB6-470C-BA94-16E4850F41BA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F3FBB24F-08C6-446D-84ED-A7D26A042314}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{96EE39F0-045C-4EDC-9A8E-CE072E105D6B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9F76E365-0DF1-48AA-BB84-85791E2DC1A0}] => (Allow) E:\Games\Escape from Tarkov\BsgLauncher\BsgLauncher.exe (Battlestate Games Ltd -> Battlestate Games)
FirewallRules: [{C64A529D-0E5B-4D1F-9CF7-2CD80D11682B}] => (Allow) E:\Games\Escape from Tarkov\BsgLauncher\BsgLauncher.exe (Battlestate Games Ltd -> Battlestate Games)
FirewallRules: [{51AF8364-1EFD-49ED-818B-56E5A91DC3CC}] => (Allow) D:\Steam\steamapps\common\Europa Universalis IV\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{3A13AE4E-C8C8-4902-8EC1-FFAD72E1D95D}] => (Allow) D:\Steam\steamapps\common\Europa Universalis IV\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{42D8D95D-B9C7-49F1-BA3F-0FBE5CCDA0AA}] => (Allow) D:\Steam\steamapps\common\ImperatorRome\launcher\dowser.exe (Paradox Interactive Ab (Publ) -> )
FirewallRules: [{48A8BBE4-DE13-48B5-8561-873B2C1EED07}] => (Allow) D:\Steam\steamapps\common\ImperatorRome\launcher\dowser.exe (Paradox Interactive Ab (Publ) -> )
FirewallRules: [{A59F1C9A-D423-41C4-8CE9-F9B9328268AA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.12827.20268.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{62A1DC7E-20EB-4051-8D52-616A48812F96}] => (Allow) D:\Steam\steamapps\common\Total War THREE KINGDOMS\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{1E08FA38-3AC2-42B6-8EE6-18673E34DA93}] => (Allow) D:\Steam\steamapps\common\Total War THREE KINGDOMS\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{73A999E7-708D-4C4B-B54E-98B5D310384D}] => (Allow) C:\Program Files (x86)\Overwolf\0.148.0.4\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{1755F5AA-C768-4D5B-AD2C-FD0F3DF4B1B1}] => (Allow) C:\Program Files (x86)\Overwolf\0.148.0.4\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{1465433C-7E76-479D-9759-1BB870904787}] => (Block) C:\Program Files (x86)\Overwolf\0.148.0.4\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{DEB15019-CFED-4BFA-AA4D-B5D3D107DC0B}] => (Block) C:\Program Files (x86)\Overwolf\0.148.0.4\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{FAC96C56-9B71-4D8C-99BA-E1A47EC9D228}] => (Allow) E:\SteamLibrary SR\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{91BE87F7-E0AD-43F2-8097-DEF643ECB9A8}] => (Allow) E:\SteamLibrary SR\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{593F19D5-D8BC-4945-AF4C-B54DED707011}] => (Allow) E:\SteamLibrary SR\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{7F525BAC-E0A9-4420-9861-959DF4854CAB}] => (Allow) E:\SteamLibrary SR\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{1E3CCD26-2F53-43C2-8816-867678002770}] => (Allow) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
10-06-2020 23:27:45 Nainstalováno rozhraní DirectX
==================== Faulty Device Manager Devices ============
Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Myš Microsoft PS/2
Description: Myš Microsoft PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: ========================
Application errors:
==================
Error: (06/17/2020 10:36:21 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6152,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (06/17/2020 10:00:04 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13604,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (06/17/2020 08:24:12 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (520,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (06/17/2020 07:44:38 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11484,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (06/17/2020 06:58:56 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (16176,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (06/16/2020 08:59:18 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4240,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (06/16/2020 08:49:10 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-DK56E1E)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (06/16/2020 08:44:48 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12300,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
System errors:
=============
Error: (06/16/2020 09:03:28 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DK56E1E)
Description: Server {021E4F06-9DCC-49AD-88CF-ECC2DA314C8A} se v daném časovém limitu neregistroval u služby DCOM.
Error: (06/16/2020 09:03:28 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DK56E1E)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (06/16/2020 09:03:28 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DK56E1E)
Description: Server {021E4F06-9DCC-49AD-88CF-ECC2DA314C8A} se v daném časovém limitu neregistroval u služby DCOM.
Error: (06/16/2020 09:03:28 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DK56E1E)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (06/16/2020 09:03:28 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DK56E1E)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (06/16/2020 09:03:28 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DK56E1E)
Description: Server {021E4F06-9DCC-49AD-88CF-ECC2DA314C8A} se v daném časovém limitu neregistroval u služby DCOM.
Error: (06/16/2020 09:03:28 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DK56E1E)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (06/16/2020 09:03:28 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DK56E1E)
Description: Server {021E4F06-9DCC-49AD-88CF-ECC2DA314C8A} se v daném časovém limitu neregistroval u služby DCOM.
CodeIntegrity:
===================================
Date: 2020-06-17 06:53:48.433
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Users\petkr\AppData\Local\Programs\Paradox Interactive\launcher-v2.2020.7\Paradox Launcher.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Overwolf\0.148.0.4\OWExplorer.dll that did not meet the Microsoft signing level requirements.
Date: 2020-06-17 06:53:48.426
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Users\petkr\AppData\Local\Programs\Paradox Interactive\launcher-v2.2020.7\Paradox Launcher.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Overwolf\0.148.0.4\OWExplorer.dll that did not meet the Microsoft signing level requirements.
Date: 2020-06-17 06:53:48.418
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Users\petkr\AppData\Local\Programs\Paradox Interactive\launcher-v2.2020.7\Paradox Launcher.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Overwolf\0.148.0.4\OWExplorer.dll that did not meet the Microsoft signing level requirements.
Date: 2020-06-17 06:53:48.411
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Users\petkr\AppData\Local\Programs\Paradox Interactive\launcher-v2.2020.7\Paradox Launcher.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Overwolf\0.148.0.4\OWExplorer.dll that did not meet the Microsoft signing level requirements.
Date: 2020-06-17 06:52:54.759
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Users\petkr\AppData\Local\Programs\Paradox Interactive\launcher-v2.2020.7\Paradox Launcher.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Overwolf\0.148.0.4\OWExplorer.dll that did not meet the Microsoft signing level requirements.
Date: 2020-06-17 06:52:54.751
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Users\petkr\AppData\Local\Programs\Paradox Interactive\launcher-v2.2020.7\Paradox Launcher.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Overwolf\0.148.0.4\OWExplorer.dll that did not meet the Microsoft signing level requirements.
Date: 2020-06-17 06:52:54.744
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Users\petkr\AppData\Local\Programs\Paradox Interactive\launcher-v2.2020.7\Paradox Launcher.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Overwolf\0.148.0.4\OWExplorer.dll that did not meet the Microsoft signing level requirements.
Date: 2020-06-17 06:52:54.692
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Users\petkr\AppData\Local\Programs\Paradox Interactive\launcher-v2.2020.7\Paradox Launcher.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Overwolf\0.148.0.4\OWExplorer.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. C.70 05/23/2016
Motherboard: MSI B150 PC MATE (MS-7971)
Processor: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz
Percentage of memory in use: 28%
Total physical RAM: 16346.73 MB
Available physical RAM: 11680.73 MB
Total Virtual: 23002.73 MB
Available Virtual: 16474.21 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:222.58 GB) (Free:119.72 GB) NTFS
Drive d: (Petrik) (Fixed) (Total:931.51 GB) (Free:185.99 GB) NTFS
Drive e: (Petr) (Fixed) (Total:931.51 GB) (Free:295.06 GB) NTFS
\\?\Volume{bd2b7066-0000-0000-0000-100000000000}\ (Boot) (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS
\\?\Volume{bd2b7066-0000-0000-0000-90c437000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: BD2B7066)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=222.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=509 MB) - (Type=27)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 4374420A)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 75B7C2EC)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Re: Prosím o kontrolu logu - problém s PC
Ještě mi pořád program Malwarebytes blokuje Vaši stránku jako Trojského koně...
-
Rudy
- Site Admin
- Příspěvky: 118271
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu - problém s PC
MBAM odinstalujte. Zřejmě se mu nelíbíme, i když jej doporučujeme ve specifických případech. 
Je zbytečný, jako antivir máte ESET. Zbytečně navozujete sw kolize.
Otevřte poznámkový blok a zkopírujte do něj:
Je zbytečný, jako antivir máte ESET. Zbytečně navozujete sw kolize. Otevřte poznámkový blok a zkopírujte do něj:
Uložte do C:\Users\petkr\OneDrive\Desktop jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\MountPoints2: {7354eb2b-9ca0-11e9-8b82-806e6f6e6963} - "F:\autorun.exe"
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
AlternateDataStreams: C:\Users\petkr\Data aplikací:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
AlternateDataStreams: C:\Users\petkr\AppData\Roaming:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
FirewallRules: [{DBBCA6EE-336A-4E1B-BFF9-45DF4FE47940}] => (Allow) D:\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe => No File
FirewallRules: [{71F1AB73-FDE6-491F-B9FD-102111C50590}] => (Allow) D:\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe => No File
FirewallRules: [{0F374929-80B0-4398-9C15-F99273F17C59}] => (Allow) D:\Steam\steamapps\common\Total War Saga Thrones of Britannia\launcher\launcher.exe => No File
FirewallRules: [{3A7A1ABA-0A6A-42F4-B850-A7E61C463074}] => (Allow) D:\Steam\steamapps\common\Total War Saga Thrones of Britannia\launcher\launcher.exe => No File
FirewallRules: [{DDE524CB-3CCF-49C9-81A6-9C7974AB7F23}] => (Allow) E:\SteamLibrary SR\steamapps\common\Total War Rome II\launcher\launcher.exe => No File
FirewallRules: [{54F0F32B-C3FF-481A-AC3B-C61788867B67}] => (Allow) E:\SteamLibrary SR\steamapps\common\Total War Rome II\launcher\launcher.exe => No File
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu - problém s PC
Zasílám log po fixlistu:
Fix result of Farbar Recovery Scan Tool (x64) Version: 06-06-2020
Ran by petkr (17-06-2020 16:05:45) Run:1
Running from C:\Users\petkr\OneDrive\Desktop
Loaded Profiles: petkr
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\MountPoints2: {7354eb2b-9ca0-11e9-8b82-806e6f6e6963} - "F:\autorun.exe"
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
AlternateDataStreams: C:\Users\petkr\Data aplikací:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
AlternateDataStreams: C:\Users\petkr\AppData\Roaming:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
FirewallRules: [{DBBCA6EE-336A-4E1B-BFF9-45DF4FE47940}] => (Allow) D:\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe => No File
FirewallRules: [{71F1AB73-FDE6-491F-B9FD-102111C50590}] => (Allow) D:\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe => No File
FirewallRules: [{0F374929-80B0-4398-9C15-F99273F17C59}] => (Allow) D:\Steam\steamapps\common\Total War Saga Thrones of Britannia\launcher\launcher.exe => No File
FirewallRules: [{3A7A1ABA-0A6A-42F4-B850-A7E61C463074}] => (Allow) D:\Steam\steamapps\common\Total War Saga Thrones of Britannia\launcher\launcher.exe => No File
FirewallRules: [{DDE524CB-3CCF-49C9-81A6-9C7974AB7F23}] => (Allow) E:\SteamLibrary SR\steamapps\common\Total War Rome II\launcher\launcher.exe => No File
FirewallRules: [{54F0F32B-C3FF-481A-AC3B-C61788867B67}] => (Allow) E:\SteamLibrary SR\steamapps\common\Total War Rome II\launcher\launcher.exe => No File
EmptyTemp:
End
*****************
Processes closed successfully.
HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7354eb2b-9ca0-11e9-8b82-806e6f6e6963} => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
C:\Users\petkr\Data aplikací => ":fbd50e2f7662a5c33287ddc6e65ab5a1" ADS removed successfully
"C:\Users\petkr\AppData\Roaming" => ":fbd50e2f7662a5c33287ddc6e65ab5a1" ADS not found.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DBBCA6EE-336A-4E1B-BFF9-45DF4FE47940}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{71F1AB73-FDE6-491F-B9FD-102111C50590}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0F374929-80B0-4398-9C15-F99273F17C59}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3A7A1ABA-0A6A-42F4-B850-A7E61C463074}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DDE524CB-3CCF-49C9-81A6-9C7974AB7F23}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{54F0F32B-C3FF-481A-AC3B-C61788867B67}" => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 16976918 B
Java, Flash, Steam htmlcache => 920511514 B
Windows/system/drivers => 5231001 B
Edge => 4936534 B
Chrome => 0 B
Firefox => 988795498 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 416240 B
NetworkService => 428692 B
petkr => 113884541 B
RecycleBin => 1988280 B
EmptyTemp: => 1.9 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 16:07:48 ====
Fix result of Farbar Recovery Scan Tool (x64) Version: 06-06-2020
Ran by petkr (17-06-2020 16:05:45) Run:1
Running from C:\Users\petkr\OneDrive\Desktop
Loaded Profiles: petkr
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\...\MountPoints2: {7354eb2b-9ca0-11e9-8b82-806e6f6e6963} - "F:\autorun.exe"
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
AlternateDataStreams: C:\Users\petkr\Data aplikací:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
AlternateDataStreams: C:\Users\petkr\AppData\Roaming:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
FirewallRules: [{DBBCA6EE-336A-4E1B-BFF9-45DF4FE47940}] => (Allow) D:\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe => No File
FirewallRules: [{71F1AB73-FDE6-491F-B9FD-102111C50590}] => (Allow) D:\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe => No File
FirewallRules: [{0F374929-80B0-4398-9C15-F99273F17C59}] => (Allow) D:\Steam\steamapps\common\Total War Saga Thrones of Britannia\launcher\launcher.exe => No File
FirewallRules: [{3A7A1ABA-0A6A-42F4-B850-A7E61C463074}] => (Allow) D:\Steam\steamapps\common\Total War Saga Thrones of Britannia\launcher\launcher.exe => No File
FirewallRules: [{DDE524CB-3CCF-49C9-81A6-9C7974AB7F23}] => (Allow) E:\SteamLibrary SR\steamapps\common\Total War Rome II\launcher\launcher.exe => No File
FirewallRules: [{54F0F32B-C3FF-481A-AC3B-C61788867B67}] => (Allow) E:\SteamLibrary SR\steamapps\common\Total War Rome II\launcher\launcher.exe => No File
EmptyTemp:
End
*****************
Processes closed successfully.
HKU\S-1-5-21-2452798473-3973055187-1235544945-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7354eb2b-9ca0-11e9-8b82-806e6f6e6963} => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
C:\Users\petkr\Data aplikací => ":fbd50e2f7662a5c33287ddc6e65ab5a1" ADS removed successfully
"C:\Users\petkr\AppData\Roaming" => ":fbd50e2f7662a5c33287ddc6e65ab5a1" ADS not found.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DBBCA6EE-336A-4E1B-BFF9-45DF4FE47940}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{71F1AB73-FDE6-491F-B9FD-102111C50590}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0F374929-80B0-4398-9C15-F99273F17C59}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3A7A1ABA-0A6A-42F4-B850-A7E61C463074}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DDE524CB-3CCF-49C9-81A6-9C7974AB7F23}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{54F0F32B-C3FF-481A-AC3B-C61788867B67}" => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 16976918 B
Java, Flash, Steam htmlcache => 920511514 B
Windows/system/drivers => 5231001 B
Edge => 4936534 B
Chrome => 0 B
Firefox => 988795498 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 416240 B
NetworkService => 428692 B
petkr => 113884541 B
RecycleBin => 1988280 B
EmptyTemp: => 1.9 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 16:07:48 ====
-
Rudy
- Site Admin
- Příspěvky: 118271
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu - problém s PC
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu - problém s PC
PC se chová lépe. Bohužel mi pořád nejdou připojit přílohy z plochy do e-mailu na senamu.
-
Rudy
- Site Admin
- Příspěvky: 118271
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu - problém s PC
Možná to bude nastavením. Pro jistotu ještě proskenujte PC pomocí MBAM: http://www.malwarebytes.org/mbam.php . Dejte log, předem nic nemažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu - problém s PC
Log z MBAM:
Malwarebytes
www.malwarebytes.com
-Podrobnosti logovacího souboru-
Datum skenování: 16.06.20
Čas skenování: 19:57
Logovací soubor: d98bfcde-affa-11ea-bab7-4ccc6a63ed89.json
-Informace o softwaru-
Verze: 4.1.0.56
Verze komponentů: 1.0.955
Aktualizovat verzi balíku komponent: 1.0.25594
Licence: Zkušební
-Systémová informace-
OS: Windows 10 (Build 18362.836)
CPU: x64
Systém souborů: NTFS
Uživatel: DESKTOP-DK56E1E\petkr
-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 286425
Zjištěné hrozby: 2
Hrozby umístěné do karantény: 0
Uplynulý čas: 0 min, 49 sek
-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat
-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)
Modul: 0
(Nebyly zjištěny žádné škodlivé položky)
Klíč registru: 1
PUP.Optional.DriverPack, HKLM\SOFTWARE\WOW6432NODE\DRPSU, Žádná uživatelská akce, 624, 472300, 1.0.25594, , ame,
Hodnota v registru: 1
PUP.Optional.DriverPack, HKLM\SOFTWARE\WOW6432NODE\DRPSU|CLIENTID, Žádná uživatelská akce, 624, 472300, 1.0.25594, , ame,
Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)
Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)
Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)
Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)
Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)
WMI: 0
(Nebyly zjištěny žádné škodlivé položky)
(end)
Malwarebytes
www.malwarebytes.com
-Podrobnosti logovacího souboru-
Datum skenování: 16.06.20
Čas skenování: 19:57
Logovací soubor: d98bfcde-affa-11ea-bab7-4ccc6a63ed89.json
-Informace o softwaru-
Verze: 4.1.0.56
Verze komponentů: 1.0.955
Aktualizovat verzi balíku komponent: 1.0.25594
Licence: Zkušební
-Systémová informace-
OS: Windows 10 (Build 18362.836)
CPU: x64
Systém souborů: NTFS
Uživatel: DESKTOP-DK56E1E\petkr
-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 286425
Zjištěné hrozby: 2
Hrozby umístěné do karantény: 0
Uplynulý čas: 0 min, 49 sek
-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat
-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)
Modul: 0
(Nebyly zjištěny žádné škodlivé položky)
Klíč registru: 1
PUP.Optional.DriverPack, HKLM\SOFTWARE\WOW6432NODE\DRPSU, Žádná uživatelská akce, 624, 472300, 1.0.25594, , ame,
Hodnota v registru: 1
PUP.Optional.DriverPack, HKLM\SOFTWARE\WOW6432NODE\DRPSU|CLIENTID, Žádná uživatelská akce, 624, 472300, 1.0.25594, , ame,
Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)
Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)
Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)
Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)
Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)
WMI: 0
(Nebyly zjištěny žádné škodlivé položky)
(end)
-
Rudy
- Site Admin
- Příspěvky: 118271
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu - problém s PC
Nalezené položky smažte. Pokud se pak nic nezmění, není problém v malware, ale zřejmě v nastavení.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?