Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Po zapnutí prohlížeče vyskakuje nechtěná reklama

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
f4ky
Návštěvník
Návštěvník
Příspěvky: 32
Registrován: 20 led 2008 14:15

Po zapnutí prohlížeče vyskakuje nechtěná reklama

#1 Příspěvek od f4ky »

Dobrý den,
nejspíše sem někde klikl na něco co jsem neměl a při zapnutí prohlížeče mi vyskakuje záložka se stránkou na Aporasal.net. Zkoušel jsem to nějak smazal v google chrome, ale nenašel jsem to.
Moc Vás teda prosím o radu, jak se toho zbavit a kontrolu logu.
Děkuji.


==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [117472 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [ZELOTES C-12] => C:\Program Files (x86)\ZELOTES C-12\Monitor.exe [770048 2019-01-23] () [File not signed]
HKLM-x32\...\Run: [V0770Mon.exe] => C:\WINDOWS\V0770Mon.exe
HKU\S-1-5-21-2407153952-1791725706-3334685836-1001\...\Run: [Discord] => C:\Users\drEd\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2407153952-1791725706-3334685836-1001\...\Run: [Steam] => E:\steam\steam.exe [4087528 2021-04-12] (Valve -> Valve Corporation)
HKU\S-1-5-21-2407153952-1791725706-3334685836-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [90952552 2020-11-12] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2407153952-1791725706-3334685836-1001\...\Run: [Facebook.MessengerDesktop] => C:\Users\drEd\AppData\Local\Programs\Messenger\Messenger.exe [110793448 2021-04-06] (Facebook, Inc. -> Facebook, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\89.0.4389.128\Installer\chrmstp.exe [2021-04-13] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\updateSteam.bat [2018-02-04] () [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2E14EFB0-309E-4794-B7B3-B76BFA2C2FDF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1791712 2021-02-23] (Avast Software s.r.o. -> Avast Software)
Task: {536680FF-032C-4802-AE57-AE6130731225} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114008 2021-04-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {580E915C-21B4-4EF8-BF97-6B087760B221} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4002240 2021-04-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {60704DC3-5F9F-4553-80DA-190FF81CDE55} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-09-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {77903F29-A1FA-46BF-9357-B0A295BFD50A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114008 2021-04-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {91AC261D-289B-4BA3-AB4D-15CF8715D485} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1645240 2020-09-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {A906EEEF-E708-4485-ACEE-F23B584DAC5A} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4686560 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
Task: {B0175340-17D9-45B1-A78A-AC82B6363988} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1645240 2020-09-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {C0A3EC81-FF77-4870-A168-43D12CFD045C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248760 2021-04-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {CB8E6FEB-1C8B-4E90-BD4F-47E1AAB29C45} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-29] (Google LLC -> Google LLC)
Task: {D22E559D-A975-40F0-AD90-26BD81127960} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1645240 2020-09-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {D2D95BAD-4D4E-4AFA-96FE-28E20A46ED8E} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-09-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {D7408E6B-1F5B-4A46-977A-94D24AF7B378} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-29] (Google LLC -> Google LLC)
Task: {ED1865D0-C53F-4FC4-AC3F-DC3680B77DBF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4002240 2021-04-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {F68B69AF-CA50-424E-A257-7913287EE857} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248760 2021-04-01] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 46.28.109.117 master.gamespy.com
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{c80269c4-30e3-4f35-b975-b622b49e8bf1}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Profile: C:\Users\drEd\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-13]

FireFox:
========
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\drEd\AppData\Local\Google\Chrome\User Data\Default [2021-04-14]
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\drEd\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-10-29]
CHR Extension: (Dokumenty) - C:\Users\drEd\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-10-29]
CHR Extension: (Disk Google) - C:\Users\drEd\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-29]
CHR Extension: (YouTube) - C:\Users\drEd\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-10-29]
CHR Extension: (Tabulky) - C:\Users\drEd\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-10-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\drEd\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-16]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\drEd\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-04-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\drEd\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-31]
CHR Extension: (Gmail) - C:\Users\drEd\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-29]
CHR Extension: (Chrome Media Router) - C:\Users\drEd\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-14]
CHR Profile: C:\Users\drEd\AppData\Local\Google\Chrome\User Data\System Profile [2020-10-29]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2015-05-08] (ASUSTeK Computer Inc. -> )
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-04-24] (ASUSTeK Computer Inc. -> ) [File not signed]
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7888408 2021-04-05] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [623216 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56920 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8788368 2021-03-29] (Microsoft Corporation -> Microsoft Corporation)
S3 Origin Client Service; E:\Origin\OriginClientService.exe [2533952 2021-02-10] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; E:\Origin\OriginWebHelperService.exe [3479624 2021-02-10] (Electronic Arts, Inc. -> Electronic Arts)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5352528 2021-04-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13273104 2020-10-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2015-05-08] (ASUSTeK Computer Inc. -> )
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35680 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208552 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [365520 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250328 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99288 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41304 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [177872 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107808 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83368 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [850120 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [466696 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216376 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
S3 CtClsFlt; C:\WINDOWS\system32\DRIVERS\CtClsFlt.sys [188408 2015-08-12] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-14 11:55 - 2021-04-14 11:56 - 000013090 _____ C:\Users\drEd\Desktop\FRST.txt
2021-04-14 11:55 - 2021-04-14 11:55 - 000000000 ____D C:\FRST
2021-04-14 11:53 - 2021-04-14 11:53 - 002297856 _____ (Farbar) C:\Users\drEd\Desktop\FRST64.exe
2021-04-14 11:43 - 2021-04-14 11:43 - 000388608 _____ (Trend Micro Inc.) C:\Users\drEd\Desktop\hijackthis.exe
2021-04-14 09:26 - 2021-04-14 09:26 - 013534314 _____ C:\Users\drEd\Downloads\Parker.rar
2021-04-14 09:26 - 2021-04-14 09:26 - 000000000 ____D C:\Users\drEd\Downloads\Parker
2021-04-13 17:20 - 2021-04-13 16:28 - 000000000 ____D C:\Windows.old
2021-04-13 17:16 - 2021-04-13 17:20 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2021-04-13 17:15 - 2021-04-13 17:16 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-04-13 17:15 - 2021-04-13 17:15 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-04-13 17:13 - 2021-04-13 17:13 - 000000000 ____D C:\ProgramData\ssh
2021-04-13 17:09 - 2021-04-13 17:09 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2021-04-13 17:09 - 2021-04-13 17:09 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-04-13 17:09 - 2021-04-13 17:09 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-04-13 17:09 - 2021-04-13 17:09 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-04-13 17:09 - 2021-04-13 17:09 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2021-04-13 17:09 - 2021-04-13 17:09 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2021-04-13 17:09 - 2021-04-13 17:09 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2021-04-13 17:09 - 2021-04-13 17:09 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-04-13 17:09 - 2021-04-13 17:09 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-04-13 17:09 - 2021-04-13 17:09 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-04-13 17:09 - 2021-04-13 17:09 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-04-13 17:09 - 2021-04-13 17:09 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-04-13 17:09 - 2021-04-13 17:09 - 000480256 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-04-13 17:09 - 2021-04-13 17:09 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-04-13 17:09 - 2021-04-13 17:09 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-04-13 17:09 - 2021-04-13 17:09 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2021-04-13 17:09 - 2021-04-13 17:09 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-04-13 17:09 - 2021-04-13 17:09 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2021-04-13 17:09 - 2021-04-13 17:09 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-04-13 17:09 - 2021-04-13 17:09 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-04-13 17:09 - 2021-04-13 17:09 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-04-13 17:09 - 2021-04-13 17:09 - 000138056 _____ C:\WINDOWS\system32\HvsiManagementApi.dll
2021-04-13 17:09 - 2021-04-13 17:09 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-04-13 17:09 - 2021-04-13 17:09 - 000111616 _____ C:\WINDOWS\system32\RDVGHelper.exe
2021-04-13 17:09 - 2021-04-13 17:09 - 000101704 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll
2021-04-13 17:09 - 2021-04-13 17:09 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2021-04-13 17:09 - 2021-04-13 17:09 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-04-13 17:09 - 2021-04-13 17:09 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-04-13 17:09 - 2021-04-13 17:09 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-04-13 17:09 - 2021-04-13 17:09 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-04-13 17:09 - 2021-04-13 17:09 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-04-13 17:09 - 2021-04-13 17:09 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-04-13 17:09 - 2021-04-13 17:09 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2021-04-13 17:09 - 2021-04-13 17:09 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-04-13 17:09 - 2021-04-13 17:09 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2021-04-13 17:09 - 2021-04-13 17:09 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-04-13 17:09 - 2021-04-13 17:09 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-04-13 17:08 - 2021-04-13 17:08 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-04-13 17:08 - 2021-04-13 17:08 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-04-13 17:08 - 2021-04-13 17:08 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-04-13 17:08 - 2021-04-13 17:08 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-04-13 17:08 - 2021-04-13 17:08 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-04-13 17:08 - 2021-04-13 17:08 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-04-13 17:08 - 2021-04-13 17:08 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2021-04-13 17:08 - 2021-04-13 17:08 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-04-13 17:08 - 2021-04-13 17:08 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2021-04-13 17:08 - 2021-04-13 17:08 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-04-13 17:08 - 2021-04-13 17:08 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-04-13 17:08 - 2021-04-13 17:08 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2021-04-13 17:08 - 2021-04-13 17:08 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2021-04-13 17:08 - 2021-04-13 17:08 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2021-04-13 17:08 - 2021-04-13 17:08 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-04-13 17:08 - 2021-04-13 17:08 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-04-13 17:08 - 2021-04-13 17:08 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2021-04-13 17:08 - 2021-04-13 17:08 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2021-04-13 17:08 - 2021-04-13 17:08 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2021-04-13 17:08 - 2021-04-13 17:08 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2021-04-13 17:07 - 2021-04-13 17:07 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2021-04-13 17:07 - 2021-04-13 17:07 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-04-13 17:07 - 2021-04-13 17:07 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-04-13 17:07 - 2021-04-13 17:07 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-04-13 17:07 - 2021-04-13 17:07 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-04-13 17:07 - 2021-04-13 17:07 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-04-13 17:07 - 2021-04-13 17:07 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2021-04-13 17:07 - 2021-04-13 17:07 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-04-13 17:07 - 2021-04-13 17:07 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-04-13 17:07 - 2021-04-13 17:07 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-04-13 17:07 - 2021-04-13 17:07 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-04-13 17:07 - 2021-04-13 17:07 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2021-04-13 17:07 - 2021-04-13 17:07 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2021-04-13 17:07 - 2021-04-13 17:07 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-04-13 16:59 - 2021-04-13 16:59 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2021-04-13 16:59 - 2021-04-13 16:59 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-04-13 16:59 - 2021-04-13 16:59 - 000000000 ____D C:\Program Files\MSBuild
2021-04-13 16:59 - 2021-04-13 16:59 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-04-13 16:59 - 2021-04-13 16:59 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-04-13 16:30 - 2021-04-14 11:48 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-13 16:30 - 2021-04-13 16:30 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-04-13 16:28 - 2021-04-14 11:41 - 000003124 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2021-04-13 16:28 - 2021-04-14 11:41 - 000003110 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2021-04-13 16:28 - 2021-04-14 11:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-13 16:28 - 2021-04-13 16:28 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2021-04-13 16:28 - 2021-04-13 16:28 - 000007623 _____ C:\WINDOWS\diagerr.xml
2021-04-13 16:28 - 2021-04-13 16:28 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-13 16:28 - 2021-04-13 16:28 - 000003400 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-04-13 16:28 - 2021-04-13 16:28 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-04-13 16:28 - 2021-04-13 16:28 - 000003176 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-04-13 16:28 - 2021-04-13 16:28 - 000003042 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-04-13 16:28 - 2021-04-13 16:28 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2407153952-1791725706-3334685836-1001
2021-04-13 16:28 - 2021-04-13 16:28 - 000002388 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2021-04-13 16:28 - 2021-04-13 16:28 - 000002202 _____ C:\WINDOWS\system32\Tasks\StartCN
2021-04-13 16:28 - 2021-04-13 16:28 - 000002122 _____ C:\WINDOWS\system32\Tasks\StartDVR
2021-04-13 16:28 - 2021-04-13 16:28 - 000000020 ___SH C:\Users\drEd\ntuser.ini
2021-04-13 16:28 - 2021-04-13 16:28 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-04-13 16:21 - 2021-04-13 16:28 - 000000000 ____D C:\Users\drEd
2021-04-13 16:21 - 2021-04-13 16:21 - 000000000 _SHDL C:\Users\drEd\Šablony
2021-04-13 16:21 - 2021-04-13 16:21 - 000000000 _SHDL C:\Users\drEd\Soubory cookie
2021-04-13 16:21 - 2021-04-13 16:21 - 000000000 _SHDL C:\Users\drEd\Poslední
2021-04-13 16:21 - 2021-04-13 16:21 - 000000000 _SHDL C:\Users\drEd\Okolní tiskárny
2021-04-13 16:21 - 2021-04-13 16:21 - 000000000 _SHDL C:\Users\drEd\Okolní síť
2021-04-13 16:21 - 2021-04-13 16:21 - 000000000 _SHDL C:\Users\drEd\Nabídka Start
2021-04-13 16:21 - 2021-04-13 16:21 - 000000000 _SHDL C:\Users\drEd\Dokumenty
2021-04-13 16:21 - 2021-04-13 16:21 - 000000000 _SHDL C:\Users\drEd\Documents\Obrázky
2021-04-13 16:21 - 2021-04-13 16:21 - 000000000 _SHDL C:\Users\drEd\Documents\Hudba
2021-04-13 16:21 - 2021-04-13 16:21 - 000000000 _SHDL C:\Users\drEd\Documents\Filmy
2021-04-13 16:21 - 2021-04-13 16:21 - 000000000 _SHDL C:\Users\drEd\Data aplikací
2021-04-13 16:21 - 2021-04-13 16:21 - 000000000 _SHDL C:\Users\drEd\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2021-04-13 16:21 - 2021-04-13 16:21 - 000000000 _SHDL C:\Users\drEd\AppData\Local\Data aplikací
2021-04-13 16:21 - 2019-12-07 11:10 - 000001105 _____ C:\Users\drEd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-04-13 16:20 - 2021-04-14 11:41 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-13 16:20 - 2021-04-14 10:47 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-13 16:20 - 2021-04-13 16:20 - 000444936 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-04-13 12:42 - 2021-04-13 14:48 - 2274557952 _____ C:\Users\drEd\Downloads\Vietcong-(Zlatá-edice).iso
2021-04-13 12:33 - 2021-04-13 12:33 - 004285100 _____ C:\Users\drEd\Downloads\(wf)starwarsMaze.rar
2021-04-13 09:12 - 2021-04-13 09:12 - 000000000 ____D C:\ProgramData\Caphyon
2021-04-13 09:11 - 2021-04-13 09:12 - 000000000 ____D C:\Program Files (x86)\Warcraft III - The Frozen Throne
2021-04-13 09:10 - 2021-04-13 09:10 - 000000000 ___HD C:\$AV_ASW
2021-04-13 09:08 - 2021-04-13 09:08 - 000000000 ____D C:\Users\drEd\AppData\Roaming\Blizzard
2021-04-12 18:15 - 2021-04-12 18:15 - 000009397 _____ C:\Users\drEd\Desktop\hry.xlsx
2021-04-12 17:33 - 2021-04-12 17:34 - 318974275 _____ C:\Users\drEd\Downloads\Čeština do Age of Empires II Definitive Edition 1.13.rar
2021-04-07 16:41 - 2021-04-13 17:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CZC
2021-04-07 16:41 - 2021-04-07 16:41 - 000000000 ____D C:\Program Files (x86)\CZC
2021-04-05 15:31 - 2021-04-13 16:28 - 000000000 ___DC C:\WINDOWS\Panther
2021-04-05 15:24 - 2021-04-05 15:24 - 000000000 ___HD C:\$WinREAgent
2021-03-25 17:22 - 2021-03-25 17:22 - 007180024 _____ (FastStone Soft) C:\Users\drEd\Downloads\FSViewerSetup75.exe
2021-03-25 15:09 - 2021-03-25 15:09 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-03-25 15:09 - 2021-03-25 15:09 - 000216376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-03-23 14:00 - 2021-03-23 14:00 - 000000695 _____ C:\Users\drEd\Desktop\vietcong_old – zástupce.lnk
2021-03-23 13:53 - 2021-03-23 13:53 - 002017840 _____ C:\Users\drEd\Downloads\vcstarterv1.65.1_cz.zip

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-14 11:58 - 2020-12-14 13:47 - 000000000 ____D C:\Users\drEd\AppData\Local\Messenger
2021-04-14 11:57 - 2020-12-14 13:47 - 000000000 ____D C:\Users\drEd\AppData\Roaming\Messenger
2021-04-14 11:55 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-04-14 11:53 - 2020-10-29 17:50 - 000000000 ____D C:\ProgramData\Avast Software
2021-04-14 11:48 - 2019-12-07 16:43 - 000716726 _____ C:\WINDOWS\system32\perfh005.dat
2021-04-14 11:48 - 2019-12-07 16:43 - 000144904 _____ C:\WINDOWS\system32\perfc005.dat
2021-04-14 11:45 - 2020-10-29 17:41 - 000000000 ____D C:\Users\drEd\AppData\Local\ClassicShell
2021-04-14 11:43 - 2020-10-29 16:58 - 000000000 ____D C:\Users\drEd\AppData\Local\VirtualStore
2021-04-14 11:43 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-14 11:41 - 2020-11-23 11:44 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-04-14 11:41 - 2020-10-29 17:03 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2021-04-14 11:41 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-04-14 09:16 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2021-04-14 00:05 - 2020-11-11 21:00 - 000000000 ____D C:\Users\drEd\AppData\Roaming\TS3Client
2021-04-13 23:44 - 2020-10-29 17:14 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-04-13 18:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-13 17:26 - 2020-10-29 17:00 - 000000000 ____D C:\Users\drEd\AppData\Local\PlaceholderTileLogoFolder
2021-04-13 17:20 - 2021-01-03 15:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STAR WARS Battlefront II
2021-04-13 17:20 - 2020-11-12 23:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2021-04-13 17:20 - 2020-11-10 15:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-04-13 17:20 - 2020-11-02 21:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty Modern Warfare
2021-04-13 17:20 - 2020-10-30 15:40 - 000000000 ____D C:\Program Files\UNP
2021-04-13 17:20 - 2020-10-29 19:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-04-13 17:20 - 2020-10-29 18:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2021-04-13 17:20 - 2020-10-29 17:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2021-04-13 17:20 - 2020-10-29 17:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
2021-04-13 17:20 - 2020-10-29 17:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Software
2021-04-13 17:20 - 2020-10-29 17:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2021-04-13 17:20 - 2020-10-29 17:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZELOTES C-12
2021-04-13 17:20 - 2019-12-07 11:18 - 000000000 ____D C:\WINDOWS\Setup
2021-04-13 17:20 - 2019-12-07 11:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-04-13 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-04-13 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\spool
2021-04-13 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-04-13 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-04-13 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-04-13 17:20 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-04-13 17:20 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-04-13 17:16 - 2020-11-06 16:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Line 6
2021-04-13 17:16 - 2020-10-29 17:03 - 000000000 ____D C:\WINDOWS\system32\AMD
2021-04-13 17:13 - 2019-12-07 16:47 - 000000000 ___SD C:\WINDOWS\system32\AppV
2021-04-13 17:13 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-04-13 17:13 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-04-13 17:13 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\IME
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-04-13 17:13 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-04-13 17:13 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-04-13 17:12 - 2019-12-07 16:47 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-04-13 17:12 - 2019-12-07 16:47 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-04-13 16:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2021-04-13 16:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\MUI
2021-04-13 16:45 - 2020-10-29 16:58 - 000000000 ____D C:\Users\drEd\AppData\Local\Packages
2021-04-13 16:45 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-04-13 16:29 - 2020-10-29 17:06 - 000000000 ____D C:\ProgramData\Packages
2021-04-13 16:29 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-04-13 16:28 - 2020-10-29 17:05 - 000000000 ____D C:\Users\drEd\AppData\Local\D3DSCache
2021-04-13 16:28 - 2020-10-29 16:58 - 000000000 ___RD C:\Users\drEd\3D Objects
2021-04-13 16:28 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-13 16:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-04-13 16:28 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\USOPrivate
2021-04-13 16:28 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows NT
2021-04-13 16:28 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-04-13 16:25 - 2020-11-12 23:06 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-13 16:22 - 2021-02-10 10:56 - 000000000 ____D C:\Users\drEd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ascaron Entertainment
2021-04-13 16:22 - 2020-11-21 15:43 - 000000000 ____D C:\Users\drEd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2021-04-13 16:22 - 2020-10-29 19:08 - 000000000 ____D C:\Users\drEd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-04-13 16:22 - 2020-10-29 18:24 - 000000000 ____D C:\Users\drEd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-04-13 16:22 - 2020-10-29 17:44 - 000000000 ____D C:\Users\drEd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2021-04-13 15:46 - 2020-11-21 15:42 - 000000000 ____D C:\Users\drEd\AppData\Local\JDownloader 2.0
2021-04-13 08:58 - 2020-11-01 12:57 - 000000000 ____D C:\Users\drEd\AppData\Local\CrashDumps
2021-04-12 20:18 - 2020-10-29 17:00 - 000000000 ___RD C:\Users\drEd\OneDrive
2021-04-12 20:00 - 2020-10-29 17:44 - 000000000 ____D C:\Users\drEd\AppData\Roaming\discord
2021-04-11 15:13 - 2020-11-10 15:04 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-04-06 10:21 - 2020-12-14 13:47 - 000002324 _____ C:\Users\drEd\Desktop\Messenger.lnk
2021-04-06 10:21 - 2020-11-11 18:56 - 000011415 _____ C:\Users\drEd\Desktop\platby zk.xlsx
2021-04-06 10:10 - 2020-12-03 18:54 - 000011127 _____ C:\Users\drEd\Desktop\vánoce2020.xlsx
2021-04-05 16:19 - 2020-10-29 20:17 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-03-25 15:09 - 2020-10-29 17:51 - 000466696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-03-25 15:09 - 2020-10-29 17:51 - 000326976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-03-25 15:09 - 2020-10-29 17:51 - 000250328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-03-25 15:09 - 2020-10-29 17:51 - 000177872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-03-25 15:09 - 2020-10-29 17:51 - 000107808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-03-25 15:09 - 2020-10-29 17:51 - 000099288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-03-25 15:09 - 2020-10-29 17:51 - 000083368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-03-25 15:09 - 2020-10-29 17:51 - 000041304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-03-25 15:08 - 2020-10-29 17:51 - 000850120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-03-25 15:08 - 2020-10-29 17:51 - 000365520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-03-25 15:08 - 2020-10-29 17:51 - 000208552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-03-25 15:08 - 2020-10-29 17:51 - 000035680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-03-23 02:28 - 2020-10-29 20:17 - 000916304 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-03-23 02:28 - 2020-10-29 20:17 - 000437072 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2021-03-22 11:48 - 2020-10-29 18:27 - 000000000 ____D C:\Users\drEd\AppData\Local\Battle.net

==================== Files in the root of some directories ========

2020-11-01 13:12 - 2020-11-01 13:12 - 018081280 _____ (Luigi Auriemma, e-mail: me@aluigi.org, web: aluigi.org) C:\Users\drEd\AppData\Roaming\extractor.exe
2021-02-09 15:48 - 2021-02-09 15:48 - 000000099 _____ () C:\Users\drEd\AppData\Roaming\LauncherSettings_live.cfg
2020-11-01 13:12 - 2020-11-01 13:12 - 000008999 _____ () C:\Users\drEd\AppData\Roaming\script.bms
2021-02-09 15:42 - 2021-02-09 15:42 - 000002577 _____ () C:\Users\drEd\AppData\Roaming\TheHunterSettings_live.bin
2020-11-12 23:48 - 2020-11-12 23:48 - 000003584 _____ () C:\Users\drEd\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-11-06 18:18 - 2020-11-06 18:19 - 000000071 _____ () C:\Users\drEd\AppData\Local\userPresetInfo.json

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

f4ky
Návštěvník
Návštěvník
Příspěvky: 32
Registrován: 20 led 2008 14:15

Re: Po zapnutí prohlížeče vyskakuje nechtěná reklama

#2 Příspěvek od f4ky »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-04-2021
Ran by drEd (14-04-2021 11:59:04)
Running from C:\Users\drEd\Desktop
Windows 10 Pro Version 20H2 19042.867 (X64) (2021-04-13 14:28:47)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2407153952-1791725706-3334685836-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2407153952-1791725706-3334685836-503 - Limited - Disabled)
drEd (S-1-5-21-2407153952-1791725706-3334685836-1001 - Administrator - Enabled) => C:\Users\drEd
Guest (S-1-5-21-2407153952-1791725706-3334685836-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2407153952-1791725706-3334685836-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Ableton Live 9 Suite (HKLM\...\{7AF3ACA2-C6F3-4D19-B8D4-72D45CC240B4}) (Version: 9.0.0.0 - Ableton)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.9.1 - Advanced Micro Devices, Inc.)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.35.1 - Asmedia Technology)
Audacity 2.4.2 (HKLM-x32\...\Audacity_is1) (Version: 2.4.2 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 21.2.2455 - Avast Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment)
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
CZC Guardian GK950 (HKLM-x32\...\CZC Guardian GK950_is1) (Version: 1.0 - CZC.cz s.r.o.)
Discord (HKU\S-1-5-21-2407153952-1791725706-3334685836-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.128 - Google LLC)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Line 6 Spider V Remote Uninstaller (HKLM-x32\...\Line 6 Spider V Remote Uninstaller) (Version: 2.00 - Line 6)
Live! Cam Sync HD VF0770 Driver (1.00.07.00) (HKLM\...\Creative VF0770) (Version: - Creative Technology Ltd.)
Messenger 97.11.116 (HKU\S-1-5-21-2407153952-1791725706-3334685836-1001\...\c1b3adcf-2068-5e8d-b25d-30ce588e3a4c) (Version: 97.11.116 - Facebook, Inc.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.75 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Retail - cs-cz) (Version: 16.0.13901.20336 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2407153952-1791725706-3334685836-1001\...\OneDriveSetup.exe) (Version: 21.052.0314.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E6BD8D0F-BA0D-4A4B-A5A8-C74DEB8365F9}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.11.25325 (HKLM-x32\...\{404c9c27-8377-4fd1-b607-7ca635db4e49}) (Version: 14.11.25325.0 - Microsoft Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.93.46608 - Electronic Arts, Inc.)
Port Royale 2 (HKLM-x32\...\Port Royale 2) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.9.422.2016 - Realtek)
Skype verze 8.66 (HKLM-x32\...\Skype_is1) (Version: 8.66 - Skype Technologies S.A.)
STAR WARS™ Battlefront™ II (HKLM-x32\...\{8a882ce0-0c0b-4eb2-850c-28ebadab4f50}) (Version: 1.1.8.16162 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-2407153952-1791725706-3334685836-1001\...\TeamSpeak 3 Client) (Version: 3.5.3 - TeamSpeak Systems GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.11.6 - TeamViewer)
Warcraft III - The Frozen Throne v1.26 (HKLM-x32\...\Warcraft III - The Frozen Throne v1.26 1.26) (Version: 1.26 - Blizzard)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
ZELOTES C-12 (HKLM-x32\...\{AC33C3DF-FE4C-4DE5-B72F-20271845456D}_is1) (Version: 1.0 - )

Packages:
=========
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_1.1911.21713.0_x64__8wekyb3d8bbwe [2021-04-13] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-04-13] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0 [2021-04-05] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-03-25] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-03-25] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-03-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-03-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2020-09-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-03-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\System32\StartMenuHelper64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-04-06 10:21 - 2021-04-06 00:08 - 054230528 _____ () [File not signed] \\?\C:\Users\drEd\AppData\Local\Programs\Messenger\resources\app.asar.unpacked\build\addon.node
2021-04-06 10:21 - 2021-04-06 00:08 - 000763392 _____ () [File not signed] \\?\C:\Users\drEd\AppData\Local\Programs\Messenger\resources\app.asar.unpacked\build\keytar.node
2021-04-06 10:21 - 2021-04-06 00:08 - 000750080 _____ () [File not signed] \\?\C:\Users\drEd\AppData\Local\Programs\Messenger\resources\app.asar.unpacked\build\logging.node
2021-04-06 10:21 - 2021-04-06 00:08 - 001037824 _____ () [File not signed] \\?\C:\Users\drEd\AppData\Local\Programs\Messenger\resources\app.asar.unpacked\build\spellchecker_win.node
2021-04-06 10:21 - 2021-04-06 00:08 - 001218560 _____ () [File not signed] \\?\C:\Users\drEd\AppData\Local\Programs\Messenger\resources\app.asar.unpacked\build\systeminfo.node
2021-04-06 10:21 - 2021-04-06 00:08 - 000681984 _____ () [File not signed] \\?\C:\Users\drEd\AppData\Local\Programs\Messenger\resources\app.asar.unpacked\build\windows.ui.notifications.node
2020-10-29 17:10 - 2015-05-08 14:26 - 000104448 _____ () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2020-10-29 17:10 - 2021-04-14 11:41 - 000033792 _____ () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2020-10-29 17:30 - 2018-08-06 19:06 - 000049152 _____ () [File not signed] C:\Program Files (x86)\ZELOTES C-12\hiddriver.dll
2020-10-29 17:30 - 2018-11-02 15:22 - 000057344 _____ () [File not signed] C:\Program Files (x86)\ZELOTES C-12\lan.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2020-09-09 21:49 - 2020-09-09 21:49 - 001583104 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll
2018-07-15 14:15 - 2018-07-15 14:15 - 000885560 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicExplorer64.dll
2018-07-15 14:15 - 2018-07-15 14:15 - 003664696 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2021-01-03 14:59 - 2021-01-03 14:59 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] E:\Origin\LIBEAY32.dll
2021-01-03 14:59 - 2021-01-03 14:59 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] E:\Origin\ssleay32.dll
2021-01-03 14:59 - 2021-01-03 14:59 - 001611264 _____ (The Qt Company Ltd) [File not signed] E:\Origin\platforms\qwindows.dll
2021-03-01 23:28 - 2021-01-03 14:59 - 005487104 _____ (The Qt Company Ltd) [File not signed] E:\Origin\Qt5Core.dll
2021-03-01 23:28 - 2021-01-03 14:59 - 005841920 _____ (The Qt Company Ltd) [File not signed] E:\Origin\Qt5Gui.dll
2021-03-01 23:28 - 2021-01-03 14:59 - 001179136 _____ (The Qt Company Ltd) [File not signed] E:\Origin\Qt5Network.dll
2021-03-01 23:28 - 2021-01-03 14:59 - 000146432 _____ (The Qt Company Ltd) [File not signed] E:\Origin\Qt5WebSockets.dll
2021-03-01 23:28 - 2021-01-03 14:59 - 005089792 _____ (The Qt Company Ltd) [File not signed] E:\Origin\Qt5Widgets.dll
2021-03-01 23:28 - 2021-01-03 14:59 - 000184832 _____ (The Qt Company Ltd) [File not signed] E:\Origin\Qt5Xml.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000413696 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000519168 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 001431040 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 001180672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2020-09-09 21:57 - 2020-09-09 21:57 - 006010880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 006345216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 001078272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 004000256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 003802624 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 001083904 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000205312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000376320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 092323328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 005560832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000188416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 002888704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000287232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000329216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000136192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000089088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000312320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2020-07-27 15:57 - 2020-07-27 15:57 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2020-09-09 21:57 - 2020-09-09 21:57 - 000085504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-11] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 09:31 - 2021-03-23 13:59 - 000000858 _____ C:\WINDOWS\system32\drivers\etc\hosts
46.28.109.117 master.gamespy.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2407153952-1791725706-3334685836-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\drEd\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\kai-oberhauser-UnWYxJ_0WnM-unsplash.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "V0770Mon.exe"
HKU\S-1-5-21-2407153952-1791725706-3334685836-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2407153952-1791725706-3334685836-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2407153952-1791725706-3334685836-1001\...\StartupApproved\Run: => "Skype for Desktop"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{CB4CF2DC-32C8-49C5-90EE-614F9E3758F1}G:\games\vietcong\vcded.exe] => (Allow) G:\games\vietcong\vcded.exe () [File not signed]
FirewallRules: [TCP Query User{9E24B78E-D80A-420F-AC56-02A4D0CA0873}G:\games\vietcong\vcded.exe] => (Allow) G:\games\vietcong\vcded.exe () [File not signed]
FirewallRules: [UDP Query User{EBB44F8E-E096-4191-862B-E3F825F32571}C:\windows\syswow64\dpnsvr.exe] => (Allow) C:\windows\syswow64\dpnsvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{42C39D80-4AE3-415A-BBE4-128DD6E8B8F8}C:\windows\syswow64\dpnsvr.exe] => (Allow) C:\windows\syswow64\dpnsvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{EF347867-E5F3-4637-9A0E-5C49C76637FA}E:\stahované\lan\age of empires 2 portable en, cz voobly mods patches\age of empires 2 portable - cz\empires2.exe] => (Allow) E:\stahované\lan\age of empires 2 portable en, cz voobly mods patches\age of empires 2 portable - cz\empires2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [TCP Query User{4341F791-F620-4ED8-B638-1F1C12A333CB}E:\stahované\lan\age of empires 2 portable en, cz voobly mods patches\age of empires 2 portable - cz\empires2.exe] => (Allow) E:\stahované\lan\age of empires 2 portable en, cz voobly mods patches\age of empires 2 portable - cz\empires2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [UDP Query User{3F506879-2198-4696-A914-A80D42B12B73}E:\q3a\quake3\quake3.exe] => (Allow) E:\q3a\quake3\quake3.exe => No File
FirewallRules: [TCP Query User{466EEC3D-D6AB-4B99-B1C7-6204C5CD35CD}E:\q3a\quake3\quake3.exe] => (Allow) E:\q3a\quake3\quake3.exe => No File
FirewallRules: [UDP Query User{C356EC9A-89BE-457D-96F0-FF34B3C2A001}E:\stahované\lan\age of empires 2 portable en, cz voobly mods patches\age of empires 2 portable en, cz + voobly mods + patches\empires2.exe] => (Allow) E:\stahované\lan\age of empires 2 portable en, cz voobly mods patches\age of empires 2 portable en, cz + voobly mods + patches\empires2.exe => No File
FirewallRules: [TCP Query User{9774D12C-60EA-4703-9D95-48896AF3FA5E}E:\stahované\lan\age of empires 2 portable en, cz voobly mods patches\age of empires 2 portable en, cz + voobly mods + patches\empires2.exe] => (Allow) E:\stahované\lan\age of empires 2 portable en, cz voobly mods patches\age of empires 2 portable en, cz + voobly mods + patches\empires2.exe => No File
FirewallRules: [{B5AD51A4-241B-4F98-91B8-E10E4F85E58C}] => (Allow) E:\steam\steamapps\common\theHunter\launcher\launcher.exe (Expansive Worlds AB -> Expansive Worlds)
FirewallRules: [{8B425BEA-D9BA-4948-B3CB-3781D300E29A}] => (Allow) E:\steam\steamapps\common\theHunter\launcher\launcher.exe (Expansive Worlds AB -> Expansive Worlds)
FirewallRules: [{5CF43797-5621-4334-A3A0-B11732C146E0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{36F1F43F-66CB-4855-A1F8-1DBC050C11C5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AFAB59FA-B52D-484C-9824-B5C90B0D612C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1CFF5F34-F9A3-428E-899D-B5E66FE958DC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6518FA99-7A05-47A9-9A0D-3D9B03C7878E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AE7DD9F9-A42D-4ED1-9192-3E2A01E30454}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BC7D3DA3-8605-4575-8CA0-A2365B0E12F1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F0CC00A0-FFF8-4438-A0CA-6FEB3180E614}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{41474BF7-2C62-4EA2-AC2C-0C8507CD9295}] => (Allow) E:\steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe (Relic Entertainment, Inc -> Relic Entertainment Inc.)
FirewallRules: [{5A6787F9-1F25-4F5F-9FAA-CD63577AA210}] => (Allow) E:\steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe (Relic Entertainment, Inc -> Relic Entertainment Inc.)
FirewallRules: [UDP Query User{9AA41EB4-4906-4EEC-9E64-5A15008DED8D}G:\games\vietcong\vietcong_old.exe] => (Allow) G:\games\vietcong\vietcong_old.exe () [File not signed]
FirewallRules: [TCP Query User{31B0B19C-EB2A-4A50-BDB0-633CB7125267}G:\games\vietcong\vietcong_old.exe] => (Allow) G:\games\vietcong\vietcong_old.exe () [File not signed]
FirewallRules: [{09154272-5643-45EB-97A2-BB7A9325F375}] => (Allow) E:\steam\steamapps\common\Pilgrims\Pilgrims.exe () [File not signed]
FirewallRules: [{81004E48-143D-43E1-B3EF-FAAC5468C805}] => (Allow) E:\steam\steamapps\common\Pilgrims\Pilgrims.exe () [File not signed]
FirewallRules: [{B6A80648-BE7F-4C16-B8AC-E2ABA43995E2}] => (Allow) E:\steam\steamapps\common\Artifact 2.0\game\bin\win64\dcg.exe (Valve -> Valve Software)
FirewallRules: [{D36F8408-CCCD-4FCE-AF06-993DA5864A09}] => (Allow) E:\steam\steamapps\common\Artifact 2.0\game\bin\win64\dcg.exe (Valve -> Valve Software)
FirewallRules: [{5A669738-1456-4D4F-824B-67AB3E7895AC}] => (Allow) E:\steam\steamapps\common\Northgard\ng32\Northgard.exe () [File not signed]
FirewallRules: [{D09C34EA-7C81-4299-85E6-F43A56F78B57}] => (Allow) E:\steam\steamapps\common\Northgard\ng32\Northgard.exe () [File not signed]
FirewallRules: [{EE1927F3-28E6-47DE-AC0D-C90962BDD395}] => (Allow) E:\steam\steamapps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe () [File not signed]
FirewallRules: [{30C2CFBA-FE57-4623-B0C6-423121C93289}] => (Allow) E:\steam\steamapps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe () [File not signed]
FirewallRules: [{ACDFB40F-A3F9-459A-B8E7-E95B79237F98}] => (Allow) E:\steam\steamapps\common\Total War Rome II\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{2CD53C63-79EF-4808-AD3B-05949B1C3CE6}] => (Allow) E:\steam\steamapps\common\Total War Rome II\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [UDP Query User{9FB50C1E-60E2-43F0-B47B-13A2FBD06D9A}E:\steam\steamapps\common\thqbcnp1\gothicremake\binaries\win64\gothicremake.exe] => (Allow) E:\steam\steamapps\common\thqbcnp1\gothicremake\binaries\win64\gothicremake.exe => No File
FirewallRules: [TCP Query User{03A7E6B4-0A47-4172-8E9E-6748DF5E6F57}E:\steam\steamapps\common\thqbcnp1\gothicremake\binaries\win64\gothicremake.exe] => (Allow) E:\steam\steamapps\common\thqbcnp1\gothicremake\binaries\win64\gothicremake.exe => No File
FirewallRules: [{6C41067E-C2EF-469B-9B9C-F5BF3F33FAD2}] => (Allow) E:\steam\steamapps\common\Endless Space 2\EndlessSpace2.exe () [File not signed]
FirewallRules: [{5934A774-C8CA-4A0E-8211-DD65EA2383D1}] => (Allow) E:\steam\steamapps\common\Endless Space 2\EndlessSpace2.exe () [File not signed]
FirewallRules: [{38D71575-0B8F-4E20-AA9A-798078C08C4C}] => (Allow) E:\steam\steamapps\common\Risen 2\system\Risen2.exe (Valve Corp. -> Piranha Bytes) [File not signed]
FirewallRules: [{F82C9327-5B9A-459F-BF12-5DBFF80E0C66}] => (Allow) E:\steam\steamapps\common\Risen 2\system\Risen2.exe (Valve Corp. -> Piranha Bytes) [File not signed]
FirewallRules: [UDP Query User{CF021F33-AD1F-479D-BD5C-043764C8F064}E:\steam\steamapps\common\company of heroes relaunch\reliccoh.exe] => (Allow) E:\steam\steamapps\common\company of heroes relaunch\reliccoh.exe (The build server will stamp this field) [File not signed]
FirewallRules: [TCP Query User{7E433A6E-09EA-4581-A4CC-1F3ABE45E330}E:\steam\steamapps\common\company of heroes relaunch\reliccoh.exe] => (Allow) E:\steam\steamapps\common\company of heroes relaunch\reliccoh.exe (The build server will stamp this field) [File not signed]
FirewallRules: [UDP Query User{7573565E-2FF3-4B52-BFD7-82659FF2DA3C}E:\steam\steamapps\common\thehunter\game\thehunter.exe] => (Allow) E:\steam\steamapps\common\thehunter\game\thehunter.exe (Expansive Worlds AB -> Expansive Worlds)
FirewallRules: [TCP Query User{0DD7450D-AD82-4026-AB1B-0A9E84002219}E:\steam\steamapps\common\thehunter\game\thehunter.exe] => (Allow) E:\steam\steamapps\common\thehunter\game\thehunter.exe (Expansive Worlds AB -> Expansive Worlds)
FirewallRules: [{BE4E8610-A821-4171-9ADE-0854DB6B235D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F63B5CDA-A37B-4CB6-8BC4-FAE8348CA045}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A76D0194-8BE9-45F4-80C8-0577CC599236}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2AB3D9BE-3B0C-4554-8A90-617F22D88BF0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{95F933BB-137C-49E2-AF7E-ADFEF52354DD}] => (Allow) E:\steam\steamapps\common\Spore\SporeBin\SporeApp.exe (Maxis, a division of Electronic Arts Inc.) [File not signed]
FirewallRules: [{978C0327-572B-4723-A53C-659EA73CA8BD}] => (Allow) E:\steam\steamapps\common\Spore\SporeBin\SporeApp.exe (Maxis, a division of Electronic Arts Inc.) [File not signed]
FirewallRules: [{3B9A09BC-918D-42EA-B10D-D65617DB0C7B}] => (Allow) E:\steam\steamapps\common\Company of Heroes Relaunch\EF_Bin\CoHEF.exe (Archaic Entertainment Ltd.) [File not signed]
FirewallRules: [{2A8EEC5C-6852-45F5-B970-C2545D63CD38}] => (Allow) E:\steam\steamapps\common\Company of Heroes Relaunch\EF_Bin\CoHEF.exe (Archaic Entertainment Ltd.) [File not signed]
FirewallRules: [{74BC6CBD-89A0-4DB4-BE8B-F5E1BE5B36C1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{2B52897D-31DD-4B6B-9A88-66479D533BD4}E:\steam\steamapps\common\need for speed(tm) most wanted\nfs13.exe] => (Allow) E:\steam\steamapps\common\need for speed(tm) most wanted\nfs13.exe => No File
FirewallRules: [TCP Query User{F2D175C4-658F-4EA7-A650-198CB296F899}E:\steam\steamapps\common\need for speed(tm) most wanted\nfs13.exe] => (Allow) E:\steam\steamapps\common\need for speed(tm) most wanted\nfs13.exe => No File
FirewallRules: [{C4AABE67-CCF7-4B00-95F1-740594A23F0F}] => (Allow) E:\OriginLibrary\STAR WARS Battlefront II\starwarsbattlefrontii.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{CCAA83FA-E28E-4314-9C9C-6BD2B3473857}] => (Allow) E:\OriginLibrary\STAR WARS Battlefront II\starwarsbattlefrontii.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{239F2F54-BB63-4FCB-9AE6-D1432C46F7F8}] => (Allow) E:\OriginLibrary\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{7C170081-181E-42EC-B5A7-7A6BC3024D0B}] => (Allow) E:\OriginLibrary\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{3D37E846-D11B-40C1-BBC0-9E80C1F98829}] => (Allow) E:\steam\steamapps\common\Robin Hood\Game.exe (Spellbound Studios GmbH) [File not signed]
FirewallRules: [{1D50399A-1E60-4137-AA86-CE5E9EEBEC51}] => (Allow) E:\steam\steamapps\common\Robin Hood\Game.exe (Spellbound Studios GmbH) [File not signed]
FirewallRules: [{E4E8B490-918D-4F5F-A2CD-2386CBCE2982}] => (Allow) E:\steam\steamapps\common\ValveTestApp207490\Rayman Origins.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{A8524174-1DB4-424C-B6C4-B2EB1DD168CF}] => (Allow) E:\steam\steamapps\common\ValveTestApp207490\Rayman Origins.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{2A085253-53A0-4C10-9202-8F212532ECBC}] => (Allow) E:\steam\steamapps\common\Equilinox\EquilinoxWindows32.exe () [File not signed]
FirewallRules: [{731AFBEF-7937-4214-805F-201721A51960}] => (Allow) E:\steam\steamapps\common\Equilinox\EquilinoxWindows32.exe () [File not signed]
FirewallRules: [{A00F39C7-5F16-49AE-8A3A-98C89A231497}] => (Allow) E:\steam\steamapps\common\Darksburg\Darksburg.exe () [File not signed]
FirewallRules: [{C60D10CD-27BB-4FBB-B1E3-077747A5BB48}] => (Allow) E:\steam\steamapps\common\Darksburg\Darksburg.exe () [File not signed]
FirewallRules: [{5AA37365-5D90-417C-83E4-12F98FAF7D12}] => (Allow) E:\steam\steamapps\common\Gallic Wars Battle Simulator\GallicWars.exe () [File not signed]
FirewallRules: [{71A3A575-4958-4386-84AB-F01E68F6C79D}] => (Allow) E:\steam\steamapps\common\Gallic Wars Battle Simulator\GallicWars.exe () [File not signed]
FirewallRules: [UDP Query User{813F139C-F306-46B7-9CC7-013A1F910765}E:\steam\steamapps\common\quake live\quakelive_steam.exe] => (Allow) E:\steam\steamapps\common\quake live\quakelive_steam.exe (id Software Inc.) [File not signed]
FirewallRules: [TCP Query User{8C0E74C0-14AB-4AB1-BC1A-6A5D12238533}E:\steam\steamapps\common\quake live\quakelive_steam.exe] => (Allow) E:\steam\steamapps\common\quake live\quakelive_steam.exe (id Software Inc.) [File not signed]
FirewallRules: [{7BF165CC-A8E0-415C-8134-EC5AC379A06E}] => (Allow) E:\steam\steamapps\common\Dungeon of the Endless\DungeonoftheEndless.exe (Unity Technologies SF -> ) [File not signed]
FirewallRules: [{B6B967B9-B867-4942-B79E-6816472EBC8E}] => (Allow) E:\steam\steamapps\common\Dungeon of the Endless\DungeonoftheEndless.exe (Unity Technologies SF -> ) [File not signed]
FirewallRules: [{A5B82005-C570-46ED-84A0-D16F57B385C5}] => (Allow) E:\steam\steamapps\common\Underlords\game\bin\win64\underlords.exe (Valve -> )
FirewallRules: [{FED93F88-AE62-4EBE-B309-963376CAF570}] => (Allow) E:\steam\steamapps\common\Underlords\game\bin\win64\underlords.exe (Valve -> )
FirewallRules: [UDP Query User{B41A4470-055B-4748-86E1-6CBC6DC43A14}E:\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) E:\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe (Larian Studios -> )
FirewallRules: [TCP Query User{41A10ED3-AAAD-45E3-B73E-C0BDE9A16F39}E:\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) E:\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe (Larian Studios -> )
FirewallRules: [UDP Query User{207C880C-E150-41C9-900F-A45C6FD77B45}C:\users\dred\downloads\fullc_041120.exe] => (Allow) C:\users\dred\downloads\fullc_041120.exe (AN-D.cz) [File not signed]
FirewallRules: [TCP Query User{CB6748F9-729D-440A-9F2A-704AE7012425}C:\users\dred\downloads\fullc_041120.exe] => (Allow) C:\users\dred\downloads\fullc_041120.exe (AN-D.cz) [File not signed]
FirewallRules: [{1402370D-0318-48D5-8873-93104909A5C9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C6AE8C31-6184-4D70-962A-CFD6AF86F3B0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{48078CDB-2E64-480F-BE68-4C828FD880CC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{FDCA43CA-EEF4-4BD1-A63C-23F2143829B9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{673071CB-6E40-4C59-9D60-7C51D9C91D1F}] => (Allow) E:\steam\steamapps\common\Company of Heroes Relaunch\AutoUpdater.exe (Home) [File not signed]
FirewallRules: [{39B21B31-5DE6-49D4-9984-0A3AB81A51C0}] => (Allow) E:\steam\steamapps\common\Company of Heroes Relaunch\AutoUpdater.exe (Home) [File not signed]
FirewallRules: [{597C5CE6-05B6-460A-89E9-A6F460A9131D}] => (Allow) E:\steam\steamapps\common\ToothAndTail\ToothAndTail.exe (Pocketwatch Games) [File not signed]
FirewallRules: [{4DC5886A-0228-43E3-BAAA-9CA78CFB474A}] => (Allow) E:\steam\steamapps\common\ToothAndTail\ToothAndTail.exe (Pocketwatch Games) [File not signed]
FirewallRules: [{F6FC99FF-8270-47DA-B316-48D172E38EBC}] => (Allow) E:\steam\steamapps\common\Northgard\Northgard.exe () [File not signed]
FirewallRules: [{AB8AD405-ADCB-4A7C-BF08-C9C2E3E7587E}] => (Allow) E:\steam\steamapps\common\Northgard\Northgard.exe () [File not signed]
FirewallRules: [{A562FA1C-354F-4FE1-8D40-12CE14CAC1E7}] => (Allow) E:\steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{75512151-E20F-4221-99F8-EEE21723F6F2}] => (Allow) E:\steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{B719E24D-F77B-4794-BD75-F7C34880CFC1}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E6975869-6CF7-420E-9A1F-5E639BC42F7E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{10CB0D32-0CD1-4869-8E71-99DE05A98D49}] => (Allow) E:\steam\steamapps\common\Driver Booster 6 for Steam\DriverBooster.exe (IObit Information Technology -> IObit)
FirewallRules: [{FA276397-9E2D-4F39-A9EA-8BC26E2E2198}] => (Allow) E:\steam\steamapps\common\Driver Booster 6 for Steam\DriverBooster.exe (IObit Information Technology -> IObit)
FirewallRules: [{41C30779-9D83-455C-9C61-5E799A71A80E}] => (Allow) E:\steam\steamapps\common\Call of War\Call of War.exe (Bytro Labs GmbH) [File not signed]
FirewallRules: [{4B5778D2-F902-4AFD-B31B-3FC56357794C}] => (Allow) E:\steam\steamapps\common\Call of War\Call of War.exe (Bytro Labs GmbH) [File not signed]
FirewallRules: [{E45FC1A5-5819-4503-B182-AAE6E09509D2}] => (Allow) E:\steam\steamapps\common\War Selection\SteamLauncher.exe () [File not signed]
FirewallRules: [{AFCF63E0-D941-4BCA-8347-5834EA4692BB}] => (Allow) E:\steam\steamapps\common\War Selection\SteamLauncher.exe () [File not signed]
FirewallRules: [{5CA42AE6-E72A-43BD-A4F4-777179FBC70F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B3B858EE-53CD-4F92-8B28-1908BB21AF87}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CAE08B67-5126-4FF0-9F69-C2570A18C18B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{533D7BA7-4012-42F8-BBB0-27A149C72F86}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3A80F8F3-66ED-482C-82F3-ED93727976F7}] => (Allow) E:\steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{2E69AB14-E06A-48BE-9863-C6C0F765BCDC}] => (Allow) E:\steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{B15887EE-A8E5-4555-B2AB-0B0C0429E96B}] => (Allow) E:\steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{EB95CA43-F4E8-4EFB-97B7-52ADDF2B8F99}] => (Allow) E:\steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{2FF1D9F7-F69F-4833-A9FE-5BBD85AFA003}E:\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe] => (Allow) E:\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [UDP Query User{CB5647C8-312B-424C-9A45-9158618B49D8}E:\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe] => (Allow) E:\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{6DB1B403-7BFB-4F96-92B3-397DC63456FA}] => (Allow) E:\steam\steamapps\common\Braveland Heroes\braveland_heroes.exe () [File not signed]
FirewallRules: [{1AEFB372-2D70-46EF-8225-D90E86A53666}] => (Allow) E:\steam\steamapps\common\Braveland Heroes\braveland_heroes.exe () [File not signed]
FirewallRules: [{96A89403-7C99-45E4-85D8-059CFF6D7EB8}] => (Allow) E:\steam\steamapps\common\Journeys in Middle-earth\JiME.exe () [File not signed]
FirewallRules: [{683971D9-7892-4AAC-8839-26002C2F364A}] => (Allow) E:\steam\steamapps\common\Journeys in Middle-earth\JiME.exe () [File not signed]
FirewallRules: [{27248A43-D4BC-48F8-A63A-A2FBA6E0FC71}] => (Allow) E:\steam\steamapps\common\Path of Exile\PathOfExileSteam.exe (Grinding Gear Games Limited -> )
FirewallRules: [{74724928-8D4C-4E2E-9973-5A8B7D1C36E8}] => (Allow) E:\steam\steamapps\common\Path of Exile\PathOfExileSteam.exe (Grinding Gear Games Limited -> )
FirewallRules: [{91A09514-C3FA-4573-A617-33F6E06E55CD}] => (Allow) E:\steam\steamapps\common\Sudden Strike 4\SuddenStrike4.exe () [File not signed]
FirewallRules: [{01542B0E-693B-46DB-AE83-D004753B67E4}] => (Allow) E:\steam\steamapps\common\Sudden Strike 4\SuddenStrike4.exe () [File not signed]
FirewallRules: [{702128FC-742D-4C21-A988-56245B296C31}] => (Allow) E:\steam\steamapps\common\FlameInTheFlood\RiverGame.exe () [File not signed]
FirewallRules: [{64C2AC3A-7A95-44F9-A2C2-63A20CA06420}] => (Allow) E:\steam\steamapps\common\FlameInTheFlood\RiverGame.exe () [File not signed]
FirewallRules: [{A96612BE-1BBC-41A6-B137-24BFD792869E}] => (Allow) E:\steam\steamapps\common\CHUCHEL\Chuchel.exe () [File not signed]
FirewallRules: [{506E47C5-1177-476A-9E35-2229DC8F4567}] => (Allow) E:\steam\steamapps\common\CHUCHEL\Chuchel.exe () [File not signed]
FirewallRules: [{E6AC2D2C-CCB2-4479-AB60-DD2B09975A22}] => (Allow) E:\steam\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe (Larian Studios -> Larian Studios)
FirewallRules: [{A098FA50-B243-4C50-8537-D520BB177E98}] => (Allow) E:\steam\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe (Larian Studios -> Larian Studios)
FirewallRules: [{D46C08C6-3121-40E7-91B7-CB3B910A7775}] => (Allow) E:\steam\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{50FBBDFC-E9AA-4674-8D95-0E8FC9E835C4}] => (Allow) E:\steam\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{0F6DEB89-A2BB-4B86-9B7D-75AC324D4A1D}] => (Allow) E:\steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe (Reto-Moto ApS -> Reto-Moto ApS)
FirewallRules: [{E33994C0-3E63-4535-B0CC-58BBA28F808A}] => (Allow) E:\steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe (Reto-Moto ApS -> Reto-Moto ApS)
FirewallRules: [TCP Query User{3C7063AC-366A-4758-A90F-12FA4B7AB51A}E:\steam\steamapps\common\flameintheflood\rivergame\binaries\win64\rivergame-win64-shipping.exe] => (Allow) E:\steam\steamapps\common\flameintheflood\rivergame\binaries\win64\rivergame-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{829E5D67-A32A-40B8-A1F4-9EDCECB6072C}E:\steam\steamapps\common\flameintheflood\rivergame\binaries\win64\rivergame-win64-shipping.exe] => (Allow) E:\steam\steamapps\common\flameintheflood\rivergame\binaries\win64\rivergame-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{AB323402-CEAA-4C96-8D68-6AFF3547A8B5}E:\call of duty modern warfare\modernwarfare.exe] => (Allow) E:\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{511B3F3F-5656-4521-9804-8FD5879DD443}E:\call of duty modern warfare\modernwarfare.exe] => (Allow) E:\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{99EB0478-D8F1-44C0-A579-DB5B6BB65EAD}] => (Allow) E:\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{ECFA504A-5941-4BB5-8E7B-F5355638CC01}] => (Allow) E:\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{D3819CE6-EC4B-4756-A4C8-130565C4E22D}E:\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) E:\steam\steamapps\common\total war rome ii\rome2.exe (The Creative Assembly Limited -> The Creative Assembly Ltd)
FirewallRules: [UDP Query User{519E7D7E-A389-4418-8013-ECF25DC58A65}E:\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) E:\steam\steamapps\common\total war rome ii\rome2.exe (The Creative Assembly Limited -> The Creative Assembly Ltd)
FirewallRules: [{CEDA94BE-88A7-4DFE-BE44-736461ABF55E}] => (Allow) E:\steam\steamapps\common\WW1GameSeries\Verdun\Verdun.exe () [File not signed]
FirewallRules: [{BED49D63-7254-494C-8684-1798774AEB6C}] => (Allow) E:\steam\steamapps\common\WW1GameSeries\Verdun\Verdun.exe () [File not signed]
FirewallRules: [{59547962-D9C9-4C19-BF28-65B55EBCB68B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:111.19 GB) (Free:25.72 GB) (23%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (04/13/2021 04:30:47 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL na řádku 1.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované komponenty.
Odkaz je UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definice je UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (04/13/2021 04:21:02 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Služba Šifrování neinicializovala databázi katalogu. Chyba součásti ESENT: -1409.


System errors:
=============
Error: (04/14/2021 11:41:08 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby wuauserv s argumenty Není k dispozici za účelem spuštění serveru:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (04/14/2021 11:41:08 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby wuauserv s argumenty Není k dispozici za účelem spuštění serveru:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (04/14/2021 12:10:11 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby wuauserv s argumenty Není k dispozici za účelem spuštění serveru:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (04/14/2021 12:10:11 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby wuauserv s argumenty Není k dispozici za účelem spuštění serveru:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (04/14/2021 12:10:11 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby wuauserv s argumenty Není k dispozici za účelem spuštění serveru:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (04/14/2021 12:10:11 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby wuauserv s argumenty Není k dispozici za účelem spuštění serveru:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (04/13/2021 04:31:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (04/13/2021 04:31:42 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).


CodeIntegrity:
===============
Date: 2021-04-14 11:58:06
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 2501 04/07/2014
Motherboard: ASUSTeK COMPUTER INC. M5A97 R2.0
Processor: AMD FX(tm)-8300 Eight-Core Processor
Percentage of memory in use: 39%
Total physical RAM: 16283.5 MB
Available physical RAM: 9802.1 MB
Total Virtual: 18715.5 MB
Available Virtual: 8692.69 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.19 GB) (Free:25.72 GB) NTFS
Drive d: () (Fixed) (Total:115.14 GB) (Free:47.64 GB) NTFS
Drive e: (Data) (Fixed) (Total:1863.01 GB) (Free:408.59 GB) NTFS
Drive g: (DATA) (Fixed) (Total:319.28 GB) (Free:198.86 GB) NTFS
Drive h: () (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS

\\?\Volume{bab95dac-5422-448f-994c-5735cbd50b6a}\ () (Fixed) (Total:0.49 GB) (Free:0.06 GB) NTFS
\\?\Volume{f35b4878-cfcc-437e-8b1b-25d34baead47}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: 93ED058E)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: C23DD165)
Partition 1: (Not Active) - (Size=115.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=31.3 GB) - (Type=05)
Partition 3: (Not Active) - (Size=319.3 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: FA6126BE)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==========================================================
Disk: 3 (Size: 149 GB) (Disk ID: 00097F86)
Partition 1: (Active) - (Size=243 MB) - (Type=83)
Partition 2: (Not Active) - (Size=145.5 GB) - (Type=05)

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Po zapnutí prohlížeče vyskakuje nechtěná reklama

#3 Příspěvek od Rudy »

Zdravím!
Smažte tento soubor: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\updateSteam.bat a restartujte PC.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

f4ky
Návštěvník
Návštěvník
Příspěvky: 32
Registrován: 20 led 2008 14:15

Re: Po zapnutí prohlížeče vyskakuje nechtěná reklama

#4 Příspěvek od f4ky »

Pomohlo, díky moc!

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Po zapnutí prohlížeče vyskakuje nechtěná reklama

#5 Příspěvek od Rudy »

Rádo se stalo! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Odpovědět