Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-09-2021
Ran by Pc (administrator) on DESKTOP-DIP6TE3 (Micro-Star International Co., Ltd. MS-7C52) (21-09-2021 14:55:58)
Running from C:\Users\Pc\Downloads
Loaded Profiles: Pc
Platform: Windows 10 Pro Version 2004 19041.685 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\Wondershare\Wondershare dr.fone (CPC)\Addins\Eraser\ElevationService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <28>
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Driver Booster\7.0.1\Scheduler.exe
(Kilonova LLC -> Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.7\Lightshot.exe
(Logitech -> Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WaaSMedicAgent.exe
(Microsoft Windows Hardware Compatibility Publisher -> Thrustmaster®) C:\Program Files\Thrustmaster\FFB Racing wheel\drivers\amd64\tmInstall.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmd.inf_amd64_1408eaf9a25ed64f\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(WOLF OF WEBSTREET (OPC) PRIVATE LIMITED -> Copyright 2017.) C:\Program Files (x86)\MalwareFox AntiMalware\ZAM.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\Wondershare dr.fone (CPC)\Addins\Repair\DriverInstall.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\ProgramData\Wondershare\Service\InstallAssistService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [1138416 2020-07-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech -> Logitech Inc.)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\MalwareFox AntiMalware\ZAM.exe [15767792 2021-02-25] (WOLF OF WEBSTREET (OPC) PRIVATE LIMITED -> Copyright 2017.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [340440 2021-04-16] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-22] (Kilonova LLC -> )
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\Run: [Discord] => C:\Users\Pc\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4282600 2021-09-14] (Valve -> Valve Corporation)
HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Pc\AppData\Local\Microsoft\Teams\Update.exe [2454184 2021-05-16] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\Run: [EpicGamesLauncher] => D:\Programy\Epic\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33316840 2021-08-22] (Epic Games, Inc -> Epic Games, Inc.)
HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\Run: [com.blitz.app] => C:\Users\Pc\AppData\Local\Programs\Blitz\Blitz.exe [108260048 2020-11-14] (Swift Media Entertainment, Inc. -> Blitz, Inc.)
HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\Run: [WallpaperEngine] => "C:\Users\Pc\Desktop\Wallpaper.Engine.Build.1.0.746\wallpaper32.exe" -silent
HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\Run: [Gaijin.Net Updater] => C:\Users\Pc\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2374376 2020-12-24] (Gaijin Network LTD -> Gaijin)
HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody7\Bloody7\Bloody7.exe [19878448 2020-12-29] (A FOUR TECH CO., LTD. -> )
HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\Run: [Spotify] => C:\Users\Pc\AppData\Roaming\Spotify\Spotify.exe [24731784 2021-08-26] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\Run: [AYYnthfk] => C:\Users\Pc\AppData\Roaming\KEiZizen.jse [1008 2021-09-17] () [File not signed]
HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\Policies\Explorer\DisallowRun: [1] 1.exe
HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\Policies\Explorer\DisallowRun: [2] irsetup.exe
HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\MountPoints2: {1eb2dfb5-b7db-11eb-a996-2cf05d2cf332} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\MountPoints2: {5881e1e6-5eda-11eb-a8dd-2cf05d2cf332} - "G:\autorun.exe" "intro.html"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\93.0.4577.82\Installer\chrmstp.exe [2021-09-16] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WSAndroidAppHelper.lnk [2021-03-09]
ShortcutTarget: WSAndroidAppHelper.lnk -> C:\Program Files (x86)\Wondershare\Wondershare dr.fone (CPC)\Addins\SocialApps\WSAndroidAppHelper.exe (Wondershare Technology Co.,Ltd -> Microsoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WSAppHelper.lnk [2021-03-09]
ShortcutTarget: WSAppHelper.lnk -> C:\Program Files (x86)\Wondershare\Wondershare dr.fone (CPC)\Addins\SocialApps\WSAppHelper.exe (Wondershare Technology Co.,Ltd -> Microsoft)
GroupPolicy: Restriction - Chrome <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {078F82C6-77C0-4D2E-9949-14E9B85BD042} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1F9DF23A-56F6-4859-940A-D5D1435FBA06} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {205A518F-CD3D-46F2-B04D-76ED5940C226} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [64936 2021-01-26] (Microsoft Corporation -> Microsoft)
Task: {2D5E32AC-C3D4-4874-9E4B-9BCC38AD0B7E} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4241D077-76D6-4BB6-9408-30B3CC816A01} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-25] (Google LLC -> Google LLC)
Task: {424B211B-0D1D-40F4-A2BC-C1D70ED2E19E} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [782320 2019-10-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {45558125-AFC0-4AED-91FB-0F20A5E25C45} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {470E112B-A5E1-422C-868A-9F7406A1F3C0} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\7.0.1\Scheduler.exe [149776 2019-08-14] (IObit Information Technology -> IObit)
Task: {4A4F73C0-B73E-4697-87DA-EB2E6311133E} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4EB7A0A3-8B3D-43F9-BF42-3E4999619B51} - System32\Tasks\update-S-1-5-21-1162680484-1263434181-313051435-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {5C8AF4B9-E13E-40DD-A3BA-2852C24D6046} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {67247292-2817-496E-AAF8-D0C8C57D90D3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-25] (Google LLC -> Google LLC)
Task: {715A5E07-C1CE-4B52-88DA-D7A1A674473D} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {718F8211-A682-4D12-B607-FEF87E1375E0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {84A4A55B-7B38-4BBB-A02A-B0F029B4E559} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {860E610C-8DE8-4646-AD5E-4A6F95A1F88B} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {A515DA3E-E6A2-4082-A4D9-7070AD8F7588} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AB6B84B6-F00A-47A5-8F76-9858652B6FE0} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [271520 2021-06-10] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {ADF95E4F-1B75-4B7E-9C85-8D9AE4762555} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {B6A9ECC9-FBCB-42DF-A520-91CF662085F0} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C59EF620-B824-48A5-8C08-659975F5CDFF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {ED40A15D-519A-4429-A15D-EF21C75A90AF} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FF4F292D-C756-482C-98B1-F74EA0849C75} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\update-S-1-5-21-1162680484-1263434181-313051435-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{0d47ccf2-54c3-40ea-ae96-47727ba1edc6}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{a5da5cce-d40a-49c5-8835-4a5dee58da01}: [DhcpNameServer] 172.20.10.1
Edge:
=======
Edge Profile: C:\Users\Pc\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-04]
Edge Extension: (TotalСashback — кэшбэк-сервис) - C:\Users\Pc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\eofogjfkadmolbbmnlbohhbkhbodcjjm [2021-02-25]
Edge HKLM-x32\...\Edge\Extension: [eofogjfkadmolbbmnlbohhbkhbodcjjm]
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.271.2 -> D:\Programy\java\bin\dtplugin\npDeployJava1.dll [2020-11-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.271.2 -> D:\Programy\java\bin\plugin2\npjp2.dll [2020-11-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default [2021-09-21]
CHR Notifications: Default -> hxxps://www90.elbaestes.pro
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://www.youtube.com/s/desktop/ebcf1b0f/img/favicon.ico
CHR Extension: (Prezentace) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-02-25]
CHR Extension: (YouTube) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\adnlfjpnmidfimlkaohpidplnoimahfh [2021-02-25]
CHR Extension: (Dokumenty) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-02-25]
CHR Extension: (Disk Google) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-02-25]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2021-02-25]
CHR Extension: (YouTube) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-02-25]
CHR Extension: (Facebook) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\celnaknmndcdcjcagffhbhciignkeokb [2021-02-25]
CHR Extension: (Tabulky) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-02-25]
CHR Extension: (Hamty.cz doplněk) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gccfnphpieojibjmnodiiobdapckkkfb [2021-08-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-29]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-09-10]
CHR Extension: (PowerPoint Online) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdafamggmaaaginooondinjgkgcbpnhp [2021-02-25]
CHR Extension: (PDF editor online) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\njbdnibcpdbppaidpkopicbkgnbnkkhi [2021-02-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-25]
CHR Extension: (Gmail) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-02-25]
CHR Profile: C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-06-12]
CHR Extension: (Adblocker for Youtube™) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Guest Profile\Extensions\dohhllnjedhiiabhboagadalhcckcddc [2021-02-21] [UpdateUrl:hxxps://clients87.google.com/service/update2/crx] <==== ATTENTION
CHR Profile: C:\Users\Pc\AppData\Local\Google\Chrome\User Data\System Profile [2021-06-12]
CHR Extension: (Adblocker for Youtube™) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\dohhllnjedhiiabhboagadalhcckcddc [2021-02-21] [UpdateUrl:hxxps://clients94.google.com/service/update2/crx] <==== ATTENTION
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-03-16] (Apple Inc. -> Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8894752 2021-01-30] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [777856 2020-11-28] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 ElevationService; C:\Program Files (x86)\Wondershare\Wondershare dr.fone (CPC)\Addins\Eraser\ElevationService.exe [913408 2021-01-20] () [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7138296 2021-09-18] (Malwarebytes Inc -> Malwarebytes)
S3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [115304 2021-08-04] (Proton Technologies AG -> )
S3 ProtonVPN Update Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [65128 2021-08-04] (Proton Technologies AG -> )
S3 Rockstar Service; D:\Hry\Launcher\RockstarService.exe [2020144 2021-09-16] (Rockstar Games, Inc. -> Rockstar Games)
R2 tmInstall; C:\Program Files\Thrustmaster\FFB Racing wheel\drivers\amd64\tmInstall.EXE [130056 2018-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Thrustmaster®)
S3 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2020-11-08] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [269200 2020-12-10] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 WsDrvInst; C:\Program Files (x86)\Wondershare\Wondershare dr.fone (CPC)\Addins\Repair\DriverInstall.exe [124376 2021-02-26] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 wuauserv; C:\Windows\system32\svchost.exe [57360 2020-11-09] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 wuauserv; C:\Windows\SysWOW64\svchost.exe [47016 2020-11-09] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R2 ZAMSvc; C:\Program Files (x86)\MalwareFox AntiMalware\ZAM.exe [15767792 2021-02-25] (WOLF OF WEBSTREET (OPC) PRIVATE LIMITED -> Copyright 2017.)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvmd.inf_amd64_1408eaf9a25ed64f\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvmd.inf_amd64_1408eaf9a25ed64f\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [315632 2021-06-10] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2021-09-18] (Malwarebytes Corporation -> Malwarebytes)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2020-11-07] (Martin Malik - REALiX -> REALiX(tm))
R1 HWiNFO_150; C:\Windows\system32\drivers\HWiNFO64A_150.SYS [62240 2020-11-07] (Martin Malik - REALiX -> REALiX(tm))
S3 Larmkanal; C:\Windows\System32\drivers\Larmkanal.sys [33144 2015-04-23] (ADORIASOFT LLC -> Adoriasoft LLC)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [217088 2021-09-21] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2021-09-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [197280 2021-09-21] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73880 2021-09-21] (Malwarebytes Inc -> Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2021-09-18] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [131232 2021-09-21] (Malwarebytes Inc -> Malwarebytes)
S3 Netaapl; C:\Windows\System32\drivers\netaapl64.sys [23040 2020-04-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
S3 Phosgene; C:\Windows\system32\DRIVERS\Phosgene.sys [34168 2015-08-28] (ADORIASOFT LLC -> Adoriasoft LLC)
S3 ProtonVPNCallout; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.CalloutDriver.sys [34176 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
R3 tapprotonvpn; C:\Windows\System32\drivers\tapprotonvpn.sys [49024 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 tmhidusb; C:\Windows\system32\DRIVERS\tmhidusb.sys [340488 2018-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Thrustmaster)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2020-04-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\Windows\system32\DRIVERS\wintun.sys [38704 2021-09-17] (WireGuard LLC -> WireGuard LLC)
S3 xhunter1; C:\Windows\xhunter1.sys [74552 2020-11-08] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2021-02-25] (Zemana Ltd. -> Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2021-02-25] (Zemana Ltd. -> Zemana Ltd.)
S3 cpuz150; \??\C:\Windows\temp\cpuz150\cpuz150_x64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-09-21 14:55 - 2021-09-21 14:57 - 000026739 _____ C:\Users\Pc\Downloads\FRST.txt
2021-09-21 14:55 - 2021-09-21 14:57 - 000000000 ____D C:\FRST
2021-09-21 14:55 - 2021-09-21 14:55 - 002304512 _____ (Farbar) C:\Users\Pc\Downloads\FRST64.exe
2021-09-21 14:46 - 2021-09-21 14:46 - 000073880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2021-09-21 14:45 - 2021-09-21 14:45 - 000217088 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2021-09-21 14:45 - 2021-09-21 14:45 - 000197280 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2021-09-21 14:45 - 2021-09-21 14:45 - 000131232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2021-09-19 22:01 - 2021-09-19 22:01 - 004668391 _____ C:\Users\Pc\Downloads\1245
2021-09-19 22:01 - 2021-09-19 22:01 - 004254527 _____ C:\Users\Pc\Downloads\unknown1
2021-09-19 19:11 - 2021-09-20 15:47 - 000000000 ____D C:\Users\Pc\AppData\Local\FiveM
2021-09-19 19:11 - 2021-09-19 19:11 - 005764072 _____ (Cfx.re) C:\Users\Pc\Downloads\FiveM (2).exe
2021-09-19 19:11 - 2021-09-19 19:11 - 000002123 _____ C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FiveM.lnk
2021-09-19 19:11 - 2021-09-19 19:11 - 000002115 _____ C:\Users\Pc\Desktop\FiveM.lnk
2021-09-19 18:57 - 2021-09-19 18:57 - 005764072 _____ (Cfx.re) C:\Users\Pc\Downloads\FiveM (1).exe
2021-09-19 18:48 - 2021-09-19 19:11 - 000002115 _____ C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FiveM - Cfx.re Development Kit (FxDK).lnk
2021-09-19 18:39 - 2021-09-19 18:39 - 002185145 _____ C:\Users\Pc\Desktop\GTA V nahled.psd
2021-09-19 18:39 - 2021-09-19 18:39 - 000160589 _____ C:\Users\Pc\Desktop\GTA V nahled.jps
2021-09-18 22:57 - 2021-09-18 22:57 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2021-09-18 22:57 - 2021-09-18 22:57 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-09-18 22:56 - 2021-09-18 22:56 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2021-09-18 22:56 - 2021-09-18 22:56 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2021-09-18 22:56 - 2021-09-18 22:56 - 000000000 ____D C:\Program Files\Malwarebytes
2021-09-17 16:36 - 2021-09-17 16:36 - 000000340 _____ C:\Users\Pc\AppData\Local\MTk3MjA0ODI2Nw==IDK.corona
2021-09-17 15:13 - 2021-09-17 15:13 - 009000579 _____ C:\Users\Pc\Downloads\modest-menu_v0.9.0.7.zip
2021-09-17 15:09 - 2021-09-17 15:09 - 000001008 _____ C:\Users\Pc\AppData\Roaming\KEiZizen.jse
2021-09-17 15:09 - 2021-09-17 15:09 - 000000140 _____ C:\Users\Pc\AppData\Local\MTkxMDMwMzY1NQ==.corona
2021-09-17 15:04 - 2021-09-17 15:04 - 000004608 _____ C:\Windows\SECOH-QAD.exe
2021-09-17 15:04 - 2021-09-17 15:04 - 000003584 _____ C:\Windows\SECOH-QAD.dll
2021-09-17 15:04 - 2010-12-06 04:16 - 000090112 _____ (Vestris Inc.) C:\Windows\system32\Vestris.ResourceLib.dll
2021-09-17 15:01 - 2021-09-18 23:46 - 000000000 ____D C:\ProgramData\Data
2021-09-17 15:01 - 2021-09-18 23:23 - 000000000 ____D C:\ProgramData\Microsoft Network
2021-09-17 15:01 - 2021-09-17 15:01 - 000000001 _____ C:\ProgramData\check.txt
2021-09-17 14:55 - 2021-09-17 14:55 - 000000000 ____D C:\Users\Pc\AppData\Local\Yandex
2021-09-17 14:38 - 2021-09-17 14:40 - 000000000 ____D C:\Users\Pc\AppData\Local\ProtonVPN
2021-09-17 14:38 - 2021-09-17 14:40 - 000000000 ____D C:\ProgramData\ProtonVPN
2021-09-17 14:38 - 2021-09-17 14:38 - 000038704 _____ (WireGuard LLC) C:\Windows\system32\Drivers\wintun.sys
2021-09-17 14:38 - 2021-09-17 14:38 - 000000000 ____D C:\Users\Pc\AppData\Local\ToastNotificationManagerCompat
2021-09-17 14:38 - 2021-09-17 14:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProtonVPN
2021-09-17 14:38 - 2021-09-17 14:38 - 000000000 ____D C:\Program Files (x86)\Proton Technologies
2021-09-17 14:33 - 2021-09-17 14:33 - 000000000 ____D C:\Users\Pc\AppData\Roaming\Proton Technologies AG
2021-09-17 14:32 - 2021-09-17 14:32 - 024023256 _____ (Proton Technologies AG) C:\Users\Pc\Downloads\ProtonVPN_win_v1.22.2.exe
2021-09-17 14:22 - 2021-09-17 14:22 - 000537431 _____ C:\Users\Pc\Downloads\ac6092-100save61 (1).rar
2021-09-17 09:36 - 2021-09-17 09:36 - 000000942 _____ C:\Users\Pc\Desktop\Grand Theft Auto V.lnk
2021-09-16 22:46 - 2021-09-16 22:51 - 093289776 _____ (Rockstar Games Inc.) C:\Users\Pc\Downloads\Rockstar-Games-Launcher.exe
2021-09-14 19:03 - 2021-09-14 19:03 - 000000691 _____ C:\Users\Pc\Desktop\Outlast.lnk
2021-09-14 19:03 - 2021-09-14 19:03 - 000000000 ____D C:\Users\Pc\AppData\Roaming\Outlast
2021-09-14 19:03 - 2021-09-14 19:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2021-09-14 19:02 - 2021-09-14 19:02 - 000692651 _____ (Company ) C:\Users\Pc\Downloads\Outlast Whistleblower_Čeština.exe
2021-09-12 19:42 - 2021-09-12 19:53 - 857103679 _____ C:\Users\Pc\Downloads\Trasos.zip
2021-09-12 19:42 - 2021-09-12 19:49 - 901575478 _____ C:\Users\Pc\Downloads\Automobiliai.zip
2021-09-11 19:59 - 2021-09-11 20:03 - 542427757 _____ C:\Users\Pc\Downloads\Pan Profesor 3 dil Zakázaná láska.mp4
2021-09-11 19:39 - 2021-09-11 19:39 - 000019636 _____ C:\Users\Pc\Downloads\639486063_automatic_bulldoze_v2.zip
2021-09-11 19:31 - 2021-09-11 19:31 - 000149773 _____ C:\Users\Pc\Downloads\552309905_no_abandonment.zip
2021-09-11 19:16 - 2021-09-11 19:16 - 000113314 _____ C:\Users\Pc\Downloads\1627986403_bulldoze_it.zip
2021-08-31 21:01 - 2021-08-31 21:01 - 000839805 _____ C:\Users\Pc\Downloads\my_summer_car_rudolphx2.zip
2021-08-31 14:54 - 2021-08-31 14:54 - 000072996 _____ C:\Users\Pc\Downloads\defaultES2File.txt
2021-08-30 22:15 - 2021-08-30 22:15 - 000000000 ____D C:\Users\Pc\Documents\MySummerCar
2021-08-30 22:14 - 2021-08-30 22:14 - 003183440 _____ C:\Users\Pc\Downloads\MSCLoader (2).zip
2021-08-30 22:14 - 2021-08-30 22:14 - 000031690 _____ C:\Users\Pc\Downloads\Noclip(Flymod)_1_4_0 (1).zip
2021-08-30 22:14 - 2021-08-30 22:14 - 000013141 _____ C:\Users\Pc\Downloads\CheatBox120.zip
2021-08-29 19:55 - 2021-08-29 19:56 - 088094969 _____ C:\Users\Pc\Downloads\2020_audi_rs6_c8_4k_avant_final.zip
2021-08-29 19:53 - 2021-08-29 19:55 - 159249101 _____ C:\Users\Pc\Downloads\e92.zip
2021-08-29 16:38 - 2021-08-29 16:38 - 044315461 _____ C:\Users\Pc\Downloads\79025-jeep-grand-cherokee-trackhawk-wk2-2019.zip
2021-08-29 16:35 - 2021-08-29 16:35 - 011188632 _____ C:\Users\Pc\Downloads\smalltrailers_AR162b.zip
2021-08-29 15:10 - 2021-08-29 20:28 - 000000000 ____D C:\Users\Pc\AppData\Local\BeamNG.drive
2021-08-29 14:56 - 2021-08-29 14:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BeamNG.drive
2021-08-28 22:15 - 2021-08-28 22:15 - 002370282 _____ C:\Users\Pc\Downloads\2979-better-engine-sound.zip
2021-08-28 22:08 - 2021-08-28 22:08 - 016190359 _____ C:\Users\Pc\Downloads\64692-honda-civic-type-r-fk-2018.zip
2021-08-28 22:08 - 2021-08-28 22:08 - 014413188 _____ C:\Users\Pc\Downloads\68096-honda-civic-type-r-fk-2019.zip
2021-08-28 22:08 - 2021-08-28 22:08 - 008689591 _____ C:\Users\Pc\Downloads\297-honda-civic.zip
2021-08-28 22:08 - 2021-08-28 22:08 - 008218910 _____ C:\Users\Pc\Downloads\1656-honda-civic-si-1986.zip
2021-08-28 21:26 - 2021-08-28 21:26 - 000000000 ____D C:\Users\Pc\AppData\Roaming\Blender Foundation
2021-08-28 21:25 - 2021-08-28 21:25 - 000000000 ____D C:\Users\Pc\.thumbnails
2021-08-28 21:23 - 2021-08-28 21:23 - 000000000 ____D C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\blender
2021-08-28 21:22 - 2021-08-28 21:22 - 000000000 ____D C:\Program Files\Blender Foundation
2021-08-28 21:19 - 2021-08-28 21:20 - 178569216 _____ C:\Users\Pc\Downloads\blender-2.93.3-windows-x64.msi
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-09-21 14:58 - 2021-07-01 21:49 - 000104846 _____ C:\Windows\ZAM.krnl.trace
2021-09-21 14:58 - 2021-07-01 21:49 - 000076233 _____ C:\Windows\ZAM_Guard.krnl.trace
2021-09-21 14:58 - 2020-11-07 19:58 - 000000000 ____D C:\Users\Pc\AppData\Roaming\discord
2021-09-21 14:57 - 2020-11-07 19:58 - 000000000 ____D C:\Users\Pc\AppData\Local\Discord
2021-09-21 14:49 - 2020-11-07 20:12 - 000000000 ____D C:\ProgramData\NVIDIA
2021-09-21 14:48 - 2021-06-28 23:30 - 000003136 _____ C:\Windows\system32\Tasks\MSIAfterburner
2021-09-21 14:47 - 2020-11-07 19:47 - 000000000 ____D C:\Program Files (x86)\Google
2021-09-21 14:47 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-09-21 14:45 - 2020-11-07 05:30 - 000008192 ___SH C:\DumpStack.log.tmp
2021-09-21 14:45 - 2020-11-07 05:30 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-09-20 21:41 - 2020-11-21 22:14 - 000000000 ____D C:\Program Files (x86)\Steam
2021-09-20 21:41 - 2020-11-12 18:37 - 000000000 ____D C:\Users\Pc\AppData\Roaming\qBittorrent
2021-09-20 21:41 - 2020-11-07 05:30 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-09-20 21:41 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2021-09-19 21:15 - 2021-04-30 20:21 - 000000000 ____D C:\Users\Pc\AppData\Roaming\obs-studio
2021-09-19 20:28 - 2020-11-07 20:58 - 000000000 ____D C:\Users\Pc\AppData\Roaming\.minecraft
2021-09-19 15:44 - 2020-11-07 19:47 - 000000000 ____D C:\Users\Pc\AppData\Local\D3DSCache
2021-09-19 00:48 - 2020-11-10 23:13 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2021-09-19 00:20 - 2020-11-10 23:12 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2021-09-19 00:14 - 2021-06-13 22:53 - 000000000 ____D C:\Users\Pc\Desktop\Fotky
2021-09-19 00:05 - 2021-02-25 19:28 - 000002244 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-09-18 23:49 - 2021-01-24 21:42 - 000000000 ____D C:\Program Files (x86)\Hard Disk Sentinel
2021-09-18 23:23 - 2021-03-14 18:57 - 000001842 _____ C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\World of Warships.lnk
2021-09-18 23:23 - 2021-03-14 18:57 - 000001832 _____ C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\World of Tanks.lnk
2021-09-18 23:23 - 2021-03-14 18:57 - 000001832 _____ C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\War Thunder.lnk
2021-09-18 23:23 - 2021-03-14 18:57 - 000001810 _____ C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Crossout.lnk
2021-09-18 23:04 - 2020-11-07 20:26 - 000000000 ____D C:\Users\Pc\AppData\Local\CrashDumps
2021-09-18 23:00 - 2021-02-21 13:09 - 000005376 __RSH C:\ProgramData\ntuser.pol
2021-09-18 22:56 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-09-18 22:47 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-09-18 22:47 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2021-09-18 22:46 - 2020-11-14 02:02 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-09-17 17:11 - 2020-11-07 19:43 - 000000000 ____D C:\Users\Pc
2021-09-17 16:19 - 2021-04-18 12:17 - 000000000 ____D C:\Windows\Minidump
2021-09-17 16:18 - 2020-11-07 05:30 - 000699562 ____N C:\Windows\Minidump\091721-33171-01.dmp
2021-09-17 14:38 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2021-09-17 14:08 - 2020-12-23 13:01 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2021-09-17 14:08 - 2020-12-23 13:00 - 000000000 ____D C:\Program Files\Rockstar Games
2021-09-17 09:36 - 2020-12-23 13:01 - 000000000 ____D C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2021-09-16 22:26 - 2021-02-25 19:28 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-09-14 19:03 - 2020-11-07 21:32 - 000000000 ____D C:\Users\Pc\Documents\My Games
2021-09-13 19:44 - 2021-01-24 22:10 - 000000000 ____D C:\Users\Pc\AppData\Local\AcTools Content Manager
2021-09-12 19:03 - 2020-11-07 19:46 - 000003372 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1162680484-1263434181-313051435-1001
2021-09-12 19:03 - 2020-11-07 19:43 - 000002368 _____ C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-09-11 11:31 - 2021-04-13 21:23 - 000000000 ____D C:\Users\Pc\AppData\Roaming\Spotify
2021-09-11 11:31 - 2021-04-13 21:23 - 000000000 ____D C:\Users\Pc\AppData\Local\Spotify
2021-08-29 15:11 - 2020-11-19 21:45 - 000000000 ____D C:\Users\Pc\Documents\BeamNG.drive
2021-08-29 14:56 - 2021-02-05 10:17 - 000000459 _____ C:\Users\Pc\Desktop\BeamNG.drive.lnk
2021-08-29 14:56 - 2020-11-10 23:14 - 000000000 ____D C:\Windows\SysWOW64\directx
2021-08-29 01:08 - 2021-01-26 00:06 - 000000000 ____D C:\Users\Pc\AppData\Roaming\UnityHub
2021-08-28 21:22 - 2021-01-26 00:34 - 000000000 ____D C:\Users\Pc\AppData\LocalLow\DefaultCompany
2021-08-22 19:13 - 2020-11-11 23:51 - 000000000 ____D C:\Users\Pc\Documents\Euro Truck Simulator 2
2021-08-22 00:26 - 2021-04-08 20:51 - 000000000 ____D C:\Users\Pc\Documents\ETS2MP
2021-08-22 00:12 - 2021-01-11 22:36 - 000000000 ____D C:\Program Files\Cheat Engine 7.2
==================== Files in the root of some directories ========
2021-09-17 15:09 - 2021-09-17 15:09 - 000001008 _____ () C:\Users\Pc\AppData\Roaming\KEiZizen.jse
2020-11-22 23:09 - 2021-01-19 11:56 - 000000128 _____ () C:\Users\Pc\AppData\Roaming\winscp.rnd
2020-12-29 15:49 - 2021-01-02 22:09 - 000001480 _____ () C:\Users\Pc\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2021-09-17 16:36 - 2021-09-17 16:36 - 000000340 _____ () C:\Users\Pc\AppData\Local\MTk3MjA0ODI2Nw==IDK.corona
2021-09-17 15:09 - 2021-09-17 15:09 - 000000140 _____ () C:\Users\Pc\AppData\Local\MTkxMDMwMzY1NQ==.corona
2020-11-22 23:14 - 2020-11-23 23:46 - 000000128 _____ () C:\Users\Pc\AppData\Local\PUTTY.RND
2020-11-07 21:43 - 2020-11-12 01:14 - 000000003 _____ () C:\Users\Pc\AppData\Local\updater.log
2020-11-07 21:43 - 2020-11-12 00:54 - 000000424 _____ () C:\Users\Pc\AppData\Local\UserProducts.xml
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-09-2021
Ran by Pc (21-09-2021 14:58:32)
Running from C:\Users\Pc\Downloads
Windows 10 Pro Version 2004 19041.685 (X64) (2020-11-07 17:38:31)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1162680484-1263434181-313051435-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1162680484-1263434181-313051435-503 - Limited - Disabled)
Guest (S-1-5-21-1162680484-1263434181-313051435-501 - Limited - Disabled)
Pc (S-1-5-21-1162680484-1263434181-313051435-1001 - Administrator - Enabled) => C:\Users\Pc
WDAGUtilityAccount (S-1-5-21-1162680484-1263434181-313051435-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 19.00 (HKLM-x32\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_2) (Version: 21.0.2 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{74CC99EB-7DC0-4CB0-847A-F8C2FE39690C}) (Version: 14.5.0.7 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Assetto Corsa Competizione (HKLM-x32\...\Assetto Corsa Competizione_is1) (Version: - )
BeamNG.drive v0.23 (HKLM-x32\...\BeamNG.drive_is1) (Version: 0.23 - BeamNG)
blender (HKLM\...\{2F5368B9-A2EF-4B56-8962-91C1FA2093D8}) (Version: 2.93.3 - Blender Foundation)
Blitz 1.13.38 (HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\153f8ce0-b97a-575b-ba12-4ff8b1481894) (Version: 1.13.38 - Blitz, Inc.)
Bloody7 (HKLM-x32\...\Bloody3) (Version: 20.12.0006 - Bloody)
BlueStacks 5 (HKLM\...\BlueStacks_nxt) (Version: 5.0.220.1003 - BlueStack Systems, Inc.)
Cities Skylines Modern City Center (HKLM-x32\...\Cities Skylines Modern City Center_is1) (Version: - )
CPUID CPU-Z 1.94 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.94 - CPUID, Inc.)
Descenders version Descenders (HKLM-x32\...\Descenders_is1) (Version: Descenders - )
DiRT Rally 2 0 (HKLM-x32\...\DiRT Rally 2 0_is1) (Version: - )
Discord (HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Driver Booster 7 (HKLM-x32\...\Driver Booster_is1) (Version: 7.0.1 - IObit)
Enlisted Launcher 1.0.3.46 (HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\{5fcad5a5-d0d8-4edf-a5ba-040b397eac31}}_is1) (Version: - Gaijin Network)
Epic Games Launcher (HKLM-x32\...\{FEF3A9BA-A962-4469-AD62-04839D4BB847}) (Version: 1.1.298.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FFB Racing Wheel drivers (HKLM-x32\...\{28B758EA-5C83-48B1-B352-C70F12C73F5A}) (Version: 2.TTRS.2020 - Thrustmaster)
FiveM (HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\CitizenFX_FiveM) (Version: - Cfx.re)
Forza Horizon 4 v. 1.432.823.2 (HKLM-x32\...\Forza Horizon 4_is1) (Version: - )
GenArts Sapphire Plug-ins 6.10 for OFX (HKLM\...\GenArts Sapphire Plug-ins for OFX_is1) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 93.0.4577.82 - Google LLC)
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.2372.2 - Rockstar Games)
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
Gtk# for .Net 2.12.45 (HKLM-x32\...\{0D038544-52B1-4F30-BAE1-46509B4A91A7}) (Version: 2.12.45 - Xamarin, Inc.)
Cheat Engine 7.2 (HKLM\...\Cheat Engine_is1) (Version: - Cheat Engine)
iTunes (HKLM\...\{07B3B04F-368F-42D9-9DDC-EEF1821DF158}) (Version: 12.11.3.17 - Apple Inc.)
Java 8 Update 271 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180271F0}) (Version: 8.0.2710.9 - Oracle Corporation)
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-IE) (HKLM-x32\...\{998D5259-3BED-4710-98FF-D63387B5429E}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-NZ) (HKLM-x32\...\{07FC9CAD-FCEC-4186-BB83-EF7CCC9372BA}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Lightshot-5.5.0.7 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.5.0.7 - Skillbrains)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Mafia II (HKLM-x32\...\Mafia II_is1) (Version: - )
Malwarebytes version 4.2.0.82 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.0.82 - Malwarebytes)
MalwareFox AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.150 - Wolf of Webstreet OPC Private Limited)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 93.0.961.52 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 93.0.961.52 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\OneDriveSetup.exe) (Version: 21.160.0808.0002 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-IN) (HKLM-x32\...\{3B06AC90-DE68-44A9-95EB-0A3C1AF1514F}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\Teams) (Version: 1.4.00.11161 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{b55f7208-e02b-4828-ac78-59c73ddf5bc7}) (Version: 12.0.30501.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 2.8.3077.1211 - Microsoft Corporation)
Microsoft Word 2010 (HKLM\...\Office14.WORD) (Version: 14.0.4763.1000 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{27B34E47-68AE-4802-822A-9F0C187AF84A}) (Version: 1.0.0.0 - Mojang)
Mono for Windows (x64) (HKLM\...\{B71D4864-AEA7-473D-97AC-CF2588F67D05}) (Version: 6.12.0.107 - Xamarin, Inc.)
MSCO (HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\MSCO) (Version: 2.3.5 - MSCOTeam)
MSI Afterburner 4.6.2 (HKLM-x32\...\Afterburner) (Version: 4.6.2 - MSI Co., LTD)
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 457.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 457.51 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 26.1.1 - OBS Project)
Outlast (HKLM-x32\...\Outlast_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
Outlast Whistleblower 1.00 (HKLM-x32\...\Outlast Whistleblower 1.00) (Version: 1.00 - Company)
ProtonVPN (HKLM-x32\...\{657E5009-3D96-41DA-BDD9-36113EE99AE3}) (Version: 1.22.2 - Proton Technologies AG) Hidden
ProtonVPN (HKLM-x32\...\ProtonVPN 1.22.2) (Version: 1.22.2 - Proton Technologies AG)
ProtonVPNTap (HKLM-x32\...\{5DA710E2-1B81-4675-BFC5-76BAF63AE1F6}) (Version: 1.1.3 - Proton Technologies AG)
ProtonVPNTun (HKLM-x32\...\{10242617-4DA6-4E16-98D8-92B16E54BAEB}) (Version: 0.10.0 - Proton Technologies AG)
PUBG LITE (HKLM-x32\...\PUBG LITE_is1) (Version: 1.0.1.0 - )
PuTTY release 0.74 (64-bit) (HKLM\...\{127B996B-5308-4012-865B-9446451EA326}) (Version: 0.74.0.0 - Simon Tatham)
qBittorrent 4.3.0.1 (HKLM-x32\...\qBittorrent) (Version: 4.3.0.1 - The qBittorrent project)
RBR Castrezzato (remove only) (HKLM-x32\...\RBRTrack572) (Version: - )
RBR Jirkovicky 0.99 (remove only) (HKLM-x32\...\RBRJirkovicky) (Version: - )
RBR Mikolajki (remove only) (HKLM-x32\...\RBRMikolajki) (Version: - )
RBR Mlynky (remove only) (HKLM-x32\...\RBRTrack141) (Version: - )
RBR Mlynky II (remove only) (HKLM-x32\...\RBRTrack156) (Version: - )
RBR Reversed Tracks (remove only) (HKLM-x32\...\RBRReversedTracks) (Version: - )
RBR Shakedown Rally del Salento 2014 v1.1 (remove only) (HKLM-x32\...\RBRTrack888) (Version: - )
RBR Sosnova (remove only) (HKLM-x32\...\RBRSosnova) (Version: - )
RBR Sosnova2010 (remove only) (HKLM-x32\...\RBRSosnova2010) (Version: - )
RBR Zadverice (remove only) (HKLM-x32\...\RBRTrack99) (Version: - )
Richard Burns Rally (HKLM-x32\...\InstallShield_{72CE541B-52BD-4FA1-8CD6-19341939AB21}) (Version: 1.00.000 - Název společnosti:)
RivaTuner Statistics Server 7.2.3 (HKLM-x32\...\RTSS) (Version: 7.2.3 - Unwinder)
Rockstar Games Launcher (HKLM\...\Rockstar Games Launcher) (Version: 0.0.0.0 - Rockstar Games)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.47.484 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.9.0 - Rockstar Games)
Spotify (HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\Spotify) (Version: 1.1.66.580.gbd43cbc9 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 117.0.10324 - Ubisoft)
UE4 Prerequisites (x64) (HKLM-x32\...\{0d995f46-317b-4b5f-bf3e-9f98bae9d339}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
Unity (HKLM-x32\...\Unity) (Version: 2019.4.18f1 - Unity Technologies ApS)
Unity Hub 2.4.2 (HKLM\...\{Unity Technologies - Hub}) (Version: 2.4.2 - Unity Technologies Inc.)
VEGAS Pro 14.0 (64-bit) (HKLM\...\{B926966E-0517-11E7-9D65-C2A106E0D44C}) (Version: 14.0.244 - VEGAS)
Visual Studio Community 2019 (HKLM-x32\...\fd2ef408) (Version: 16.8.30907.101 - Microsoft Corporation)
WebM Project Directshow Filters (HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\webmdshow) (Version: - )
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
WinSCP 5.17.9 (HKLM-x32\...\winscp3_is1) (Version: 5.17.9 - Martin Prikryl)
WiperSoft 1.1.1157.64 (HKLM\...\{AB1C8C91-4D8E-4C28-80E7-FD135FB90515}}_is1) (Version: 1.1.1157.64 - WiperSoft)
Wondershare Dr.Fone (Version 11.0.5) (HKLM-x32\...\{E8F86DA8-B8E4-42C7-AFD4-EBB692AC43FD}_is1) (Version: 11.0.5.398 - Wondershare Technology Co.,Ltd.)
WRC 9 FIA World Rally Championship (HKLM-x32\...\WRC 9 FIA World Rally Championship_is1) (Version: - )
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
Zream version 14.23 (HKLM-x32\...\{13E374E4-E610-4F9E-ACC4-E461DA17D869}_is1) (Version: 14.23 - Zream)
Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-11-08] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-11-08] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-12-24] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.959.0_x64__56jybvy8sckqj [2020-11-30] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.14.225.0_x64__dt26b99r8h8gj [2020-11-07] (Realtek Semiconductor Corp)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1162680484-1263434181-313051435-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Pc\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21063.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1162680484-1263434181-313051435-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Pc\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
CustomCLSID: HKU\S-1-5-21-1162680484-1263434181-313051435-1001_Classes\CLSID\{d936918b-9c4b-555e-074a-c79314be04e1}\localserver32 -> C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe (Proton Technologies AG -> )
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\MalwareFox AntiMalware\ZAMShellExt64.dll [2021-02-25] (Zemana Ltd. -> )
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Stahovaní\Winrar\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Stahovaní\Winrar\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-09-18] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvmd.inf_amd64_1408eaf9a25ed64f\nvshext.dll [2020-12-02] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\MalwareFox AntiMalware\ZAMShellExt64.dll [2021-02-25] (Zemana Ltd. -> )
ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-09-18] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Stahovaní\Winrar\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Stahovaní\Winrar\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
==================== Loaded Modules (Whitelisted) =============
2021-01-04 18:22 - 2021-01-04 18:22 - 001654784 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\MFC80U.DLL
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Pc\Data aplikací:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Pc\Data aplikací:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
AlternateDataStreams: C:\Users\Pc\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Pc\AppData\Roaming:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Programy\java\bin\ssv.dll [2020-11-07] (Oracle America, Inc. -> Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Programy\java\bin\jp2ssv.dll [2020-11-07] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll [2008-05-23] (Microsoft Corporation) [File not signed]
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 11:14 - 2021-09-18 23:23 - 000001105 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 ultramediaburner.com
127.0.0.1 pro-zipper.com
127.0.0.1 productsdetails.online
127.0.0.1 post-back-url.com
127.0.0.1 rothsideadome.pw
127.0.0.1 room1.360dev.info
127.0.0.1 telechargini.com
127.0.0.1 install.geqxv.com
127.0.0.1 telemetry.malwarebytes.com
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\PuTTY\;C:\Program Files (x86)\GtkSharp\2.12\bin
HKU\S-1-5-21-1162680484-1263434181-313051435-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Pc\Desktop\Nová složka\240921691_4337264053026348_8214550041925365079_n.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "WSAppHelper.lnk"
HKLM\...\StartupApproved\StartupFolder: => "WSAndroidAppHelper.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "BCSSync"
HKLM\...\StartupApproved\Run: => "ZAM"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\StartupApproved\StartupFolder: => "HoneygainUpdater.lnk"
HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\StartupApproved\Run: => "com.blitz.app"
HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\StartupApproved\Run: => "WallpaperEngine"
HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\StartupApproved\Run: => "Gaijin.Net Updater"
HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\StartupApproved\Run: => "Bloody2"
HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\StartupApproved\Run: => "AYYnthfk"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{4821FE60-9451-4236-8CB3-568EA8705C80}] => (Allow) D:\Programy\uTorrent.exe => No File
FirewallRules: [{5E68247B-43F8-4A76-B7DB-DAFCFF1BD0B7}] => (Allow) D:\Programy\uTorrent.exe => No File
FirewallRules: [{AF67872E-FE61-4199-A9D5-3572A6CAE49C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{E35BF162-BF49-4A2A-B473-5938A0870F3D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{ED942A4F-F91D-4387-A784-3B8BA32FDAB1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{65BC1CE3-46CA-421B-8A7B-F2A370787618}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F924DC43-DD94-459E-B46B-437902682DB7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BECCDF2B-E67A-4C87-8251-B6B74AEB3A86}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1D18BFCB-F56E-4F1B-B281-E1247FA55BAA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F8BFB9B0-7D26-4B4D-A1CE-4F5A080288B3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2D137CA5-1C1A-450B-9675-CC7647DA6029}] => (Allow) E:\Program Files (x86)\Steam\steam.exe => No File
FirewallRules: [{0672A499-D7F8-4C09-91EC-53CADDD4C8AA}] => (Allow) E:\Program Files (x86)\Steam\steam.exe => No File
FirewallRules: [{F029148D-5091-49F2-8832-9CDC9257B7E4}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{DE4C4ECD-9E3F-4E64-965F-2AE5EB461DD0}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{F795C831-B061-4B5A-9DA7-191B9DD4DC20}F:\steamhry\steamapps\common\7 days to die\7daystodie.exe] => (Allow) F:\steamhry\steamapps\common\7 days to die\7daystodie.exe () [File not signed]
FirewallRules: [UDP Query User{441997B5-A1D9-4FBB-9EE5-6603F9544FB7}F:\steamhry\steamapps\common\7 days to die\7daystodie.exe] => (Allow) F:\steamhry\steamapps\common\7 days to die\7daystodie.exe () [File not signed]
FirewallRules: [TCP Query User{4241E8B4-2EFB-474A-9F5D-FC00A5701711}F:\hry\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) F:\hry\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe => No File
FirewallRules: [UDP Query User{3FA318AD-B7C3-451B-A863-FB6FA22E0B11}F:\hry\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) F:\hry\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe => No File
FirewallRules: [TCP Query User{487AD6DD-C435-44B6-81E4-4E171F32BCA3}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe => No File
FirewallRules: [UDP Query User{0202611D-EF96-4169-ADF5-35EA4018C206}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe => No File
FirewallRules: [TCP Query User{11B9D617-A1C4-419D-8C88-173030DD9579}D:\hry\mc\runtime\jre-x64\bin\javaw.exe] => (Allow) D:\hry\mc\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{7AC4CDA4-2965-4A8F-85C5-2C39FE06EF7E}D:\hry\mc\runtime\jre-x64\bin\javaw.exe] => (Allow) D:\hry\mc\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{8F25D95C-DE80-4E69-BF66-556458DB0302}] => (Allow) D:\Programy\Unity\Unity Hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [{A42E7959-FAFE-4432-B7AD-44981C3F3AB9}] => (Allow) C:\Users\Pc\AppData\Local\Temp\download\MiniThunderPlatform.exe => No File
FirewallRules: [{A4E4AFE9-90D5-42CF-8AAA-A5F0B33FFA72}] => (Allow) C:\Users\Pc\AppData\Local\Temp\download\MiniThunderPlatform.exe => No File
FirewallRules: [{8166ACA9-9FC2-4FC4-A5B7-67F577185B48}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{734B3549-227A-4CAE-A74F-DA31822DFAEB}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{8AACC326-3174-4355-8927-83935A38CAAE}] => (Allow) F:\steamhry\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [{0210FB37-593E-4427-ADFF-8D5C3FD7B66A}] => (Allow) F:\steamhry\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [TCP Query User{07E7FC71-5FBB-4E73-948F-8EA87E3DB68B}C:\users\pc\desktop\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe] => (Allow) C:\users\pc\desktop\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe => No File
FirewallRules: [UDP Query User{62C8DD3A-6C76-48F4-AFF3-3D0BE9FB4DF4}C:\users\pc\desktop\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe] => (Allow) C:\users\pc\desktop\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe => No File
FirewallRules: [{DF4ACA8C-A8D4-4F15-89AA-5F656716BCB4}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{818FC051-CE87-4EA8-9100-338B9403F460}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{0C6CE3D1-AA45-436D-9A49-12DABA9AFA97}] => (Allow) F:\steamhry\steamapps\common\assettocorsa\AssettoCorsa.exe (Kunos Simulazioni) [File not signed]
FirewallRules: [{9C64BD43-1122-4EBB-B3ED-E7A3CA408947}] => (Allow) F:\steamhry\steamapps\common\assettocorsa\AssettoCorsa.exe (Kunos Simulazioni) [File not signed]
FirewallRules: [TCP Query User{069DC663-7FA7-4DAE-B668-072E757BB9AE}F:\steamhry\steamapps\common\assettocorsa\acs.exe] => (Allow) F:\steamhry\steamapps\common\assettocorsa\acs.exe () [File not signed]
FirewallRules: [UDP Query User{7D23B74E-6394-45CD-99E2-5ABFAAA01064}F:\steamhry\steamapps\common\assettocorsa\acs.exe] => (Allow) F:\steamhry\steamapps\common\assettocorsa\acs.exe () [File not signed]
FirewallRules: [TCP Query User{97D0B903-B21A-4EBB-B6B5-C44F4255AF41}C:\users\pc\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\pc\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{AE08391F-AF5C-4980-BD81-DCDC1C07A010}C:\users\pc\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\pc\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{ACC2831B-2D2B-4550-9F24-2022E1BCB9D4}D:\programy\java\bin\javaw.exe] => (Allow) D:\programy\java\bin\javaw.exe
FirewallRules: [UDP Query User{5B4B34E5-AAE5-4A0F-AA2A-C06037B91324}D:\programy\java\bin\javaw.exe] => (Allow) D:\programy\java\bin\javaw.exe
FirewallRules: [TCP Query User{9D606640-5660-44E5-BC5C-010B2B195E41}F:\steamhry\steamapps\common\war thunder\win64\aces.exe] => (Allow) F:\steamhry\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{EDB811A2-E267-419B-AE84-2292B61820F7}F:\steamhry\steamapps\common\war thunder\win64\aces.exe] => (Allow) F:\steamhry\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{F33FC10B-B447-46E0-BCCB-03110BE23822}] => (Allow) F:\steamhry\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> PUBG Corporation)
FirewallRules: [{59999C03-652E-4AC0-9FC4-2D38CE3480E2}] => (Allow) F:\steamhry\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> PUBG Corporation)
FirewallRules: [TCP Query User{AA17E3DD-9200-4F56-BE81-8A49F72DB27B}F:\steamhry\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) F:\steamhry\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.)
FirewallRules: [UDP Query User{DABFC2AB-8C85-42E9-8626-881AF7F6A71C}F:\steamhry\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) F:\steamhry\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.)
FirewallRules: [TCP Query User{E4498041-3914-45DE-93FD-D532EB5AA5E2}C:\users\pc\appdata\local\programs\nicehash miner\miner_plugins\e7a58030-94eb-11ea-a64d-17be303ea466\bins\15.0\miner.exe] => (Allow) C:\users\pc\appdata\local\programs\nicehash miner\miner_plugins\e7a58030-94eb-11ea-a64d-17be303ea466\bins\15.0\miner.exe => No File
FirewallRules: [UDP Query User{90920BD9-7698-4E56-89DC-D35F72A1AA01}C:\users\pc\appdata\local\programs\nicehash miner\miner_plugins\e7a58030-94eb-11ea-a64d-17be303ea466\bins\15.0\miner.exe] => (Allow) C:\users\pc\appdata\local\programs\nicehash miner\miner_plugins\e7a58030-94eb-11ea-a64d-17be303ea466\bins\15.0\miner.exe => No File
FirewallRules: [TCP Query User{E6A78DB6-FF25-4A20-A374-0BE9877D763F}C:\users\pc\appdata\local\programs\nicehash miner\miner_plugins\fa369d10-94eb-11ea-a64d-17be303ea466\bins\15.0\phoenixminer_5.2e_windows\phoenixminer.exe] => (Allow) C:\users\pc\appdata\local\programs\nicehash miner\miner_plugins\fa369d10-94eb-11ea-a64d-17be303ea466\bins\15.0\phoenixminer_5.2e_windows\phoenixminer.exe => No File
FirewallRules: [UDP Query User{E48244E9-4A17-4F74-B308-D8CF4824EDCD}C:\users\pc\appdata\local\programs\nicehash miner\miner_plugins\fa369d10-94eb-11ea-a64d-17be303ea466\bins\15.0\phoenixminer_5.2e_windows\phoenixminer.exe] => (Allow) C:\users\pc\appdata\local\programs\nicehash miner\miner_plugins\fa369d10-94eb-11ea-a64d-17be303ea466\bins\15.0\phoenixminer_5.2e_windows\phoenixminer.exe => No File
FirewallRules: [TCP Query User{ED8667A5-6C99-4447-A635-79F0C01A4199}D:\hry\mudrunner\mudrunner.exe] => (Allow) D:\hry\mudrunner\mudrunner.exe (Focus Home Interactive) [File not signed]
FirewallRules: [UDP Query User{DCDFDC1B-CF39-4DFF-8555-E6143514D74B}D:\hry\mudrunner\mudrunner.exe] => (Allow) D:\hry\mudrunner\mudrunner.exe (Focus Home Interactive) [File not signed]
FirewallRules: [TCP Query User{C26F79DD-0BE9-4BD8-BBAC-13DC1D5242BE}C:\users\pc\downloads\anydesk.exe] => (Allow) C:\users\pc\downloads\anydesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [UDP Query User{25486007-ECDF-4312-8C74-0E7D3297B1FB}C:\users\pc\downloads\anydesk.exe] => (Allow) C:\users\pc\downloads\anydesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [TCP Query User{39F22F24-2852-445F-BA4A-EAB8A02BB64B}D:\hry\gtav\gta5.exe] => (Allow) D:\hry\gtav\gta5.exe => No File
FirewallRules: [UDP Query User{CA014D9A-EDFD-499C-AD88-75D680D4CFBF}D:\hry\gtav\gta5.exe] => (Allow) D:\hry\gtav\gta5.exe => No File
FirewallRules: [TCP Query User{A7BF0117-0A97-42E1-9FFF-BD4029E78F51}C:\users\pc\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe => No File
FirewallRules: [UDP Query User{D637D47E-03FC-4985-9FF7-9E68B669F4B4}C:\users\pc\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe => No File
FirewallRules: [TCP Query User{B5B4EC25-3A86-4233-BFE5-EB9CECCBE020}D:\hry\farmingsimulator19\x64\farmingsimulator2019game.exe] => (Allow) D:\hry\farmingsimulator19\x64\farmingsimulator2019game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [UDP Query User{BDEC70A5-020E-4B30-9023-9BC8FB3D71FD}D:\hry\farmingsimulator19\x64\farmingsimulator2019game.exe] => (Allow) D:\hry\farmingsimulator19\x64\farmingsimulator2019game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{75EF4F67-054F-447E-9116-8A8E546CF85D}] => (Allow) F:\steamhry\steamapps\common\DiRT Rally 2.0\dirtrally2.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{68ED07D0-EA89-4ACC-98AC-5EEF57567FD9}] => (Allow) F:\steamhry\steamapps\common\DiRT Rally 2.0\dirtrally2.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{5EFEE9E1-03BB-4918-835F-5677C0B398D5}] => (Allow) F:\steamhry\steamapps\common\Kingdom\Kingdom.exe () [File not signed]
FirewallRules: [{C03C125D-3F64-4EF5-907B-098E54A849C4}] => (Allow) F:\steamhry\steamapps\common\Kingdom\Kingdom.exe () [File not signed]
FirewallRules: [{82F3DE8E-076F-4E3D-8B8D-187370E6F8E1}] => (Allow) F:\steamhry\steamapps\common\The Crew 2\TheCrew2.exe (UBISOFT ENTERTAINMENT INC. -> UBISoft)
FirewallRules: [{231DFB88-FBD8-4DAB-99B0-4728B340111B}] => (Allow) F:\steamhry\steamapps\common\The Crew 2\TheCrew2.exe (UBISOFT ENTERTAINMENT INC. -> UBISoft)
FirewallRules: [{AB5FE5C2-E6EA-402D-A5ED-3B3F17C5D53A}] => (Allow) F:\steamhry\steamapps\common\7 Days To Die\7dLauncher.exe () [File not signed]
FirewallRules: [{965D0F12-F32F-49E6-BB51-7B67A53CC870}] => (Allow) F:\steamhry\steamapps\common\7 Days To Die\7dLauncher.exe () [File not signed]
FirewallRules: [{612BF812-4D90-4D9A-A1B5-961B646D76FA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2CD4B74D-8D3D-4845-8901-7CFF313C7C24}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E4E551CB-C231-45E2-B6CB-233EFFBD8C9B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{04181C93-494C-4ECE-BBA7-DF1113A96E43}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A235DD40-3D2D-4856-810B-0B2F7328E48B}] => (Allow) F:\steamhry\steamapps\common\City Car Driving\bin\win32\starter.exe => No File
FirewallRules: [{8D66C9AD-2CE7-4C77-990D-0E139F654C5D}] => (Allow) F:\steamhry\steamapps\common\City Car Driving\bin\win32\starter.exe => No File
FirewallRules: [{EF55F2ED-31A0-4F27-9CE2-A6881520A667}] => (Allow) F:\steamhry\steamapps\common\Turmoil\Turmoil_PC_Full.exe (Gamious) [File not signed]
FirewallRules: [{EAAF2FD8-0A80-4070-B646-FDC1CB6F7F27}] => (Allow) F:\steamhry\steamapps\common\Turmoil\Turmoil_PC_Full.exe (Gamious) [File not signed]
FirewallRules: [TCP Query User{DD7579A8-367C-4315-B801-30370E7BF639}D:\programy\unity\unity hub.exe] => (Allow) D:\programy\unity\unity hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [UDP Query User{386C2431-0EC4-4DD1-BCF7-BDF22091406F}D:\programy\unity\unity hub.exe] => (Allow) D:\programy\unity\unity hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [{C470521A-11A5-43B4-821B-257710C7A6FF}] => (Allow) C:\Program Files\Unity\Hub\Editor\2019.4.18f1\Editor\Unity.exe (Unity Technologies Aps -> Unity Technologies ApS)
FirewallRules: [{CADE8137-646D-412C-B638-3602C8128717}] => (Block) C:\Program Files\Unity\Hub\Editor\2019.4.18f1\Editor\Unity.exe (Unity Technologies Aps -> Unity Technologies ApS)
FirewallRules: [TCP Query User{6C00A5E1-5FEB-4853-91F5-F888CD06388A}C:\program files\unity\hub\editor\2019.4.18f1\monodevelop\bin\monodevelop.exe] => (Allow) C:\program files\unity\hub\editor\2019.4.18f1\monodevelop\bin\monodevelop.exe () [File not signed]
FirewallRules: [UDP Query User{395ECBA0-56E1-41DA-B19C-0F17DA8C561E}C:\program files\unity\hub\editor\2019.4.18f1\monodevelop\bin\monodevelop.exe] => (Allow) C:\program files\unity\hub\editor\2019.4.18f1\monodevelop\bin\monodevelop.exe () [File not signed]
FirewallRules: [{1C586307-1748-4AA8-8044-6F1661AB0A78}] => (Allow) F:\steamhry\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{6A8113A7-CB89-4CBE-971D-268ECC837DCD}] => (Allow) F:\steamhry\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{10181C7F-1D57-4834-A5CE-F0EA1C3B1617}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{63A03C68-0FCE-4D4C-85EF-0C9318FBD302}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{C8747616-2C3A-4AD4-8AC6-86A9BE885CE5}] => (Allow) F:\steamhry\steamapps\common\Business Tour\BusinessTour.exe () [File not signed]
FirewallRules: [{B541145A-EFDD-41B0-A759-E780F1E042FC}] => (Allow) F:\steamhry\steamapps\common\Business Tour\BusinessTour.exe () [File not signed]
FirewallRules: [{15613A45-F7E7-44ED-B30E-DA4EF35070B3}] => (Allow) F:\steamhry\steamapps\common\Ranch Simulator\Ranch_Simulator.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{FDDF81E9-4798-48C5-B927-611A9E87FE84}] => (Allow) F:\steamhry\steamapps\common\Ranch Simulator\Ranch_Simulator.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{416741D4-C1C4-4110-88BD-786D9BB63271}] => (Allow) F:\steamhry\steamapps\common\BrainOut\bin\javaw.exe
FirewallRules: [{9F268D40-D573-4DA2-93D0-794BA310C253}] => (Allow) F:\steamhry\steamapps\common\BrainOut\bin\javaw.exe
FirewallRules: [{C986D53A-AF62-41F6-B2F9-F864830EE834}] => (Allow) F:\steamhry\steamapps\common\MXGP2 - The Official Motocross Videogame\MXGP_2X64.exe (Milestone S.r.l.) [File not signed]
FirewallRules: [{7E9E209F-C634-4AF7-B54E-87BCE5B2FC2F}] => (Allow) F:\steamhry\steamapps\common\MXGP2 - The Official Motocross Videogame\MXGP_2X64.exe (Milestone S.r.l.) [File not signed]
FirewallRules: [{6FA37EFF-BC81-4EB8-95B5-E651AA6ECECC}] => (Allow) F:\steamhry\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{B380492E-FEFA-4467-BA1B-5591FFE38BDC}] => (Allow) F:\steamhry\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [TCP Query User{025B1F83-181A-4A3F-90BC-8A2BC6451956}C:\users\pc\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pc\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{374EA329-4392-47DA-8661-40982B283517}C:\users\pc\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pc\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{84F249FE-1BC1-4891-8E32-FD22BF3A10A4}D:\hry\enlisted\launcher.exe] => (Allow) D:\hry\enlisted\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [UDP Query User{043B8106-65A3-4C33-9A6B-2F5798628CB6}D:\hry\enlisted\launcher.exe] => (Allow) D:\hry\enlisted\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [TCP Query User{7883D840-4D41-43F6-B986-B4549BB033BA}D:\hry\enlisted\win64\enlisted.exe] => (Allow) D:\hry\enlisted\win64\enlisted.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{B45B5A66-21CD-4E6A-8EAC-2818B4E86358}D:\hry\enlisted\win64\enlisted.exe] => (Allow) D:\hry\enlisted\win64\enlisted.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{65B97692-DE51-4EBB-BE5D-E7C7F8B4F302}] => (Allow) F:\steamhry\steamapps\common\X-Blades\launcher.exe (Gaijin Entertainment) [File not signed]
FirewallRules: [{1F1DE27D-0D12-4F5E-866E-F18FCC0842F9}] => (Allow) F:\steamhry\steamapps\common\X-Blades\launcher.exe (Gaijin Entertainment) [File not signed]
FirewallRules: [{BC3FDA4E-295F-4B42-B1D8-6340F5D35FB6}] => (Allow) F:\steamhry\steamapps\common\The Prism\The_Prism.exe () [File not signed]
FirewallRules: [{EAD82DC5-4F5E-4C34-B9CD-BB106A5A72A5}] => (Allow) F:\steamhry\steamapps\common\The Prism\The_Prism.exe () [File not signed]
FirewallRules: [{65BB7826-8CB8-4101-AED4-365B04C82E2D}] => (Allow) F:\steamhry\steamapps\common\Car Mechanic Simulator 2021 Demo\Car Mechanic Simulator 2021 Demo.exe () [File not signed]
FirewallRules: [{FF4AC3DC-7B3B-47D4-9E82-AC2E03BFB398}] => (Allow) F:\steamhry\steamapps\common\Car Mechanic Simulator 2021 Demo\Car Mechanic Simulator 2021 Demo.exe () [File not signed]
FirewallRules: [{B25B9FDD-6D39-48EC-B9F0-CA9A85879160}] => (Allow) F:\steamhry\steamapps\common\Car Mechanic Simulator 2018\cms2018.exe () [File not signed]
FirewallRules: [{5F7801FE-FDEE-44F0-A219-A98B3E440792}] => (Allow) F:\steamhry\steamapps\common\Car Mechanic Simulator 2018\cms2018.exe () [File not signed]
FirewallRules: [{9AAC255F-E296-4BEC-90BA-795E5092C3CB}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe (Bluestack Systems, Inc -> BlueStack Systems)
FirewallRules: [{6C35CEFF-2116-45ED-A8B1-2069B096D0B7}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{657124FD-398E-4418-A6EE-756916763EBF}D:\stahovaní\police.simulator.patrol.officers.early.access\police simulator patrol officers\boston\binaries\win64\boston-win64-shipping.exe] => (Allow) D:\stahovaní\police.simulator.patrol.officers.early.access\police simulator patrol officers\boston\binaries\win64\boston-win64-shipping.exe (Aesir Interactive GmbH) [File not signed]
FirewallRules: [UDP Query User{F0FC51D2-160A-42CB-86E2-59706120D612}D:\stahovaní\police.simulator.patrol.officers.early.access\police simulator patrol officers\boston\binaries\win64\boston-win64-shipping.exe] => (Allow) D:\stahovaní\police.simulator.patrol.officers.early.access\police simulator patrol officers\boston\binaries\win64\boston-win64-shipping.exe (Aesir Interactive GmbH) [File not signed]
FirewallRules: [{8E6DBADB-23CD-4D0F-B80C-07218EB05521}] => (Allow) F:\steamhry\steamapps\common\Car Mechanic Simulator 2021 Demo\playway-launcher-win32-ia32\playway-launcher.exe (Piotr "Xeno" Adamczyk) [File not signed]
FirewallRules: [{277E7D01-3781-4FE9-947F-2333F9FD4971}] => (Allow) F:\steamhry\steamapps\common\Car Mechanic Simulator 2021 Demo\playway-launcher-win32-ia32\playway-launcher.exe (Piotr "Xeno" Adamczyk) [File not signed]
FirewallRules: [{06658331-F5F1-404B-BC9D-2ECE03CB2B3E}] => (Allow) F:\steamhry\steamapps\common\F1 2020\F1_2020_dx12.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{30A25D66-B7B6-4BAA-845D-A02F15F0546F}] => (Allow) F:\steamhry\steamapps\common\F1 2020\F1_2020_dx12.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{79DA392F-77AC-4700-BD4A-C8BB00D4D098}] => (Allow) F:\steamhry\steamapps\common\F1 2020\F1_2020.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{D079B274-A55D-4F13-AD90-D3E08C564CA6}] => (Allow) F:\steamhry\steamapps\common\F1 2020\F1_2020.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [TCP Query User{1B6715FB-19DD-4AA0-9E60-351DFFC795A6}D:\hry\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe] => (Allow) D:\hry\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe => No File
FirewallRules: [UDP Query User{EA13CF3D-78D3-42E1-8808-40FCC76D1CEB}D:\hry\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe] => (Allow) D:\hry\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe => No File
FirewallRules: [{E8B0297F-6FC7-4B09-9BCD-A422FB3C94EB}] => (Allow) F:\steamhry\steamapps\common\MrMine\win-unpacked\Mr.Mine.exe (Oblouk LLC) [File not signed]
FirewallRules: [{4617AEAB-586D-4C1A-803C-87A8050C4689}] => (Allow) F:\steamhry\steamapps\common\MrMine\win-unpacked\Mr.Mine.exe (Oblouk LLC) [File not signed]
FirewallRules: [TCP Query User{4D0C13FE-A851-4A54-B334-7A3C1AA0DB85}D:\hry\outlast\binaries\win64\olgame.exe] => (Allow) D:\hry\outlast\binaries\win64\olgame.exe (Red Barrels Inc.) [File not signed]
FirewallRules: [UDP Query User{71FE1280-A59F-4C7F-BC23-B3DF482453B0}D:\hry\outlast\binaries\win64\olgame.exe] => (Allow) D:\hry\outlast\binaries\win64\olgame.exe (Red Barrels Inc.) [File not signed]
FirewallRules: [{A38E91B1-6D6F-4206-850B-CE70A69BF0F0}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{E7145A08-5859-4AF6-9745-891D3D68B450}D:\hry\gtav\grand theft auto v\gta5.exe] => (Allow) D:\hry\gtav\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{2A589B1C-8A54-4911-9D56-C8B838ADF943}D:\hry\gtav\grand theft auto v\gta5.exe] => (Allow) D:\hry\gtav\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{F951C5B5-D332-4748-B462-B4F2576DBBA9}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\93.0.961.52\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{B60D84B2-A9E9-44D1-9CD5-E2A120E688F6}D:\stahovaní\malwarebytes anti-malware premium 4.2.0.82 incl license [crackingpatching]\license\licensemalwarebytes.exe] => (Allow) D:\stahovaní\malwarebytes anti-malware premium 4.2.0.82 incl license [crackingpatching]\license\licensemalwarebytes.exe () [File not signed]
FirewallRules: [UDP Query User{84141E10-E809-481F-B277-A5FF6B9AE1D0}D:\stahovaní\malwarebytes anti-malware premium 4.2.0.82 incl license [crackingpatching]\license\licensemalwarebytes.exe] => (Allow) D:\stahovaní\malwarebytes anti-malware premium 4.2.0.82 incl license [crackingpatching]\license\licensemalwarebytes.exe () [File not signed]
FirewallRules: [TCP Query User{4FBF167D-E0BF-4ECE-B5B1-955F3DC95E74}C:\program files\malwarebytes\anti-malware\licensemalwarebytes.exe] => (Allow) C:\program files\malwarebytes\anti-malware\licensemalwarebytes.exe () [File not signed]
FirewallRules: [UDP Query User{C18F78A2-7F03-4978-BE76-66358AC24A1F}C:\program files\malwarebytes\anti-malware\licensemalwarebytes.exe] => (Allow) C:\program files\malwarebytes\anti-malware\licensemalwarebytes.exe () [File not signed]
FirewallRules: [TCP Query User{4C82DC9C-1010-41BF-8168-E0D5938B17B9}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{B4E0460D-48E6-442A-B30A-D83CD69ACCAA}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [TCP Query User{5482AAFD-0E0B-4CC8-9E5F-B7A0D21289DD}C:\users\pc\appdata\local\fivem\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\data\cache\subprocess\fivem_b2189_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{5EF35842-47CB-45CC-A961-F96003AA8632}C:\users\pc\appdata\local\fivem\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\data\cache\subprocess\fivem_b2189_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [TCP Query User{3CE040E6-DFD0-42CC-B143-49CAE83CE4BE}C:\users\pc\appdata\local\fivem\data\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\data\cache\subprocess\fivem_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{2F7883DD-86F6-4160-B1FD-AB0638C485E8}C:\users\pc\appdata\local\fivem\data\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\data\cache\subprocess\fivem_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [TCP Query User{10C94711-6CF7-4ADD-8E06-E9C28D54C6E6}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{52BCD357-71EC-47A0-BEDF-C9006944B3EE}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [{88382BE3-CD5B-4102-8E83-DE2F51987927}] => (Allow) F:\steamhry\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{E174E038-E9BC-4D21-B15C-C6E198306F7E}] => (Allow) F:\steamhry\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{FD8961AD-E110-4935-BB46-0739DC83EC2F}] => (Allow) F:\steamhry\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{2C9DFB2C-A95C-4CA9-80ED-89968200C0CD}] => (Allow) F:\steamhry\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
==================== Restore Points =========================
28-08-2021 21:21:25 Installed blender
17-09-2021 00:59:22 Naplánovaný kontrolní bod
18-09-2021 23:50:10 Removed Bonjour
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (09/20/2021 08:01:53 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Druhy hadr 2 (F:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (09/20/2021 07:51:20 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Druhy hadr (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (09/20/2021 07:51:20 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Data (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (09/20/2021 07:51:16 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (09/20/2021 12:24:18 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Druhy hadr (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (09/20/2021 12:24:09 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Data (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (09/20/2021 12:12:30 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (09/18/2021 11:04:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mbamtray.exe, verze: 4.0.0.782, časové razítko: 0x5f3ebde3
Název chybujícího modulu: Qt5Core.dll, verze: 5.14.1.0, časové razítko: 0x5e8272e4
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000219d05
ID chybujícího procesu: 0x2628
Čas spuštění chybující aplikace: 0x01d7acd0540c6d8b
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Cesta k chybujícímu modulu: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
ID zprávy: f25e7932-d19e-4c01-a15c-c49320a8b94c
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (09/21/2021 03:01:49 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.
Error: (09/21/2021 03:01:49 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DIP6TE3)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.
Error: (09/21/2021 02:59:49 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.
Error: (09/21/2021 02:59:49 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.
Error: (09/21/2021 02:57:49 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.
Error: (09/21/2021 02:57:49 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.
Error: (09/21/2021 02:55:49 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.
Error: (09/21/2021 02:55:49 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
================
Date: 2021-01-06 23:18:18
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {A4CCDCE4-373C-434B-907A-6D2BDBA122C4}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-01-06 09:36:52
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D652A725-F9AE-410E-9E96-FFBDE41F5101}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-01-04 20:29:57
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {99C60597-55CE-41E2-BB96-B6C33105326E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-01-04 10:34:00
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {135EB1B7-7518-437B-BF88-00856E198AB1}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-01-02 22:25:24
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {EB002FE9-60CC-4619-9988-21B55268969C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-01-07 19:56:44
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.
CodeIntegrity:
===============
Date: 2021-09-21 14:47:40
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\ehdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-09-18 23:51:21
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 3.40 01/22/2020
Motherboard: Micro-Star International Co., Ltd. B450M-A PRO MAX (MS-7C52)
Processor: AMD Ryzen 5 2600 Six-Core Processor
Percentage of memory in use: 36%
Total physical RAM: 16335.18 MB
Available physical RAM: 10398.2 MB
Total Virtual: 18511.18 MB
Available Virtual: 10140.42 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:390.02 GB) (Free:151.35 GB) NTFS
Drive d: (Data) (Fixed) (Total:540.89 GB) (Free:173.01 GB) NTFS
Drive e: (Druhy hadr) (Fixed) (Total:145.85 GB) (Free:144.54 GB) NTFS
Drive f: (Druhy hadr 2) (Fixed) (Total:785.03 GB) (Free:209.45 GB) NTFS
\\?\Volume{861022e2-92b8-4264-b583-dac7b81cb273}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS
\\?\Volume{855715ba-65e5-44a5-9f94-ebc667ed29b0}\ (Obnovení) (Fixed) (Total:0.52 GB) (Free:0.09 GB) NTFS
\\?\Volume{280092f7-6d9f-415c-9aac-03be85bc6097}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
\\?\Volume{f1866261-5d5a-46a1-9127-1e96c79151f2}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 7228AD33)
Partition: GPT.
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: A62B1603)
Partition: GPT.
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Dominik Polanský
- Návštěvník
- Příspěvky: 3
- Registrován: 21 zář 2021 13:52
-
Rudy
- Site Admin
- Příspěvky: 118244
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:
Otevřte poznámkový blok a zkopírujte do něj:
Uložte do C:\Users\Pc\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\Run: [AYYnthfk] => C:\Users\Pc\AppData\Roaming\KEiZizen.jse [1008 2021-09-17] () [File not signed]
HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\MountPoints2: {1eb2dfb5-b7db-11eb-a996-2cf05d2cf332} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\MountPoints2: {5881e1e6-5eda-11eb-a8dd-2cf05d2cf332} - "G:\autorun.exe" "intro.html"
GroupPolicy: Restriction - Chrome <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {4241D077-76D6-4BB6-9408-30B3CC816A01} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-25] (Google LLC -> Google LLC)
Task: {67247292-2817-496E-AAF8-D0C8C57D90D3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-25] (Google LLC -> Google LLC)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2021-02-25] (Zemana Ltd. -> Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2021-02-25] (Zemana Ltd. -> Zemana Ltd.)
C:\Windows\SECOH-QAD.exe
C:\Windows\SECOH-QAD.dll
C:\Users\Pc\AppData\Local\Yandex
C:\Windows\ZAM.krnl.trace
C:\Windows\ZAM_Guard.krnl.trac
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
AlternateDataStreams: C:\Users\Pc\Data aplikací:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Pc\Data aplikací:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
AlternateDataStreams: C:\Users\Pc\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Pc\AppData\Roaming:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
FirewallRules: [{4821FE60-9451-4236-8CB3-568EA8705C80}] => (Allow) D:\Programy\uTorrent.exe => No File
FirewallRules: [{5E68247B-43F8-4A76-B7DB-DAFCFF1BD0B7}] => (Allow) D:\Programy\uTorrent.exe => No File
FirewallRules: [{2D137CA5-1C1A-450B-9675-CC7647DA6029}] => (Allow) E:\Program Files (x86)\Steam\steam.exe => No File
FirewallRules: [{0672A499-D7F8-4C09-91EC-53CADDD4C8AA}] => (Allow) E:\Program Files (x86)\Steam\steam.exe => No File
FirewallRules: [{F029148D-5091-49F2-8832-9CDC9257B7E4}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{DE4C4ECD-9E3F-4E64-965F-2AE5EB461DD0}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{4241E8B4-2EFB-474A-9F5D-FC00A5701711}F:\hry\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) F:\hry\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe => No File
FirewallRules: [UDP Query User{3FA318AD-B7C3-451B-A863-FB6FA22E0B11}F:\hry\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) F:\hry\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe => No File
FirewallRules: [TCP Query User{487AD6DD-C435-44B6-81E4-4E171F32BCA3}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe => No File
FirewallRules: [UDP Query User{0202611D-EF96-4169-ADF5-35EA4018C206}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe => No File
FirewallRules: [{A42E7959-FAFE-4432-B7AD-44981C3F3AB9}] => (Allow) C:\Users\Pc\AppData\Local\Temp\download\MiniThunderPlatform.exe => No File
FirewallRules: [{A4E4AFE9-90D5-42CF-8AAA-A5F0B33FFA72}] => (Allow) C:\Users\Pc\AppData\Local\Temp\download\MiniThunderPlatform.exe => No File
FirewallRules: [TCP Query User{07E7FC71-5FBB-4E73-948F-8EA87E3DB68B}C:\users\pc\desktop\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe] => (Allow) C:\users\pc\desktop\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe => No File
FirewallRules: [UDP Query User{62C8DD3A-6C76-48F4-AFF3-3D0BE9FB4DF4}C:\users\pc\desktop\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe] => (Allow) C:\users\pc\desktop\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe => No File
FirewallRules: [{DF4ACA8C-A8D4-4F15-89AA-5F656716BCB4}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{818FC051-CE87-4EA8-9100-338B9403F460}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{07E7FC71-5FBB-4E73-948F-8EA87E3DB68B}C:\users\pc\desktop\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe] => (Allow) C:\users\pc\desktop\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe => No File
FirewallRules: [UDP Query User{62C8DD3A-6C76-48F4-AFF3-3D0BE9FB4DF4}C:\users\pc\desktop\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe] => (Allow) C:\users\pc\desktop\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe => No File
FirewallRules: [{DF4ACA8C-A8D4-4F15-89AA-5F656716BCB4}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{818FC051-CE87-4EA8-9100-338B9403F460}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{39F22F24-2852-445F-BA4A-EAB8A02BB64B}D:\hry\gtav\gta5.exe] => (Allow) D:\hry\gtav\gta5.exe => No File
FirewallRules: [UDP Query User{CA014D9A-EDFD-499C-AD88-75D680D4CFBF}D:\hry\gtav\gta5.exe] => (Allow) D:\hry\gtav\gta5.exe => No File
FirewallRules: [TCP Query User{A7BF0117-0A97-42E1-9FFF-BD4029E78F51}C:\users\pc\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe => No File
FirewallRules: [UDP Query User{D637D47E-03FC-4985-9FF7-9E68B669F4B4}C:\users\pc\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe => No File
FirewallRules: [{A235DD40-3D2D-4856-810B-0B2F7328E48B}] => (Allow) F:\steamhry\steamapps\common\City Car Driving\bin\win32\starter.exe => No File
FirewallRules: [{8D66C9AD-2CE7-4C77-990D-0E139F654C5D}] => (Allow) F:\steamhry\steamapps\common\City Car Driving\bin\win32\starter.exe => No File
FirewallRules: [TCP Query User{1B6715FB-19DD-4AA0-9E60-351DFFC795A6}D:\hry\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe] => (Allow) D:\hry\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe => No File
FirewallRules: [UDP Query User{EA13CF3D-78D3-42E1-8808-40FCC76D1CEB}D:\hry\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe] => (Allow) D:\hry\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe => No File
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Dominik Polanský
- Návštěvník
- Příspěvky: 3
- Registrován: 21 zář 2021 13:52
Re: Prosím o kontrolu logu
Fix result of Farbar Recovery Scan Tool (x64) Version: 20-09-2021
Ran by Pc (21-09-2021 20:47:24) Run:1
Running from C:\Users\Pc\Downloads
Loaded Profiles: Pc
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\Run: [AYYnthfk] => C:\Users\Pc\AppData\Roaming\KEiZizen.jse [1008 2021-09-17] () [File not signed]
HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\MountPoints2: {1eb2dfb5-b7db-11eb-a996-2cf05d2cf332} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\MountPoints2: {5881e1e6-5eda-11eb-a8dd-2cf05d2cf332} - "G:\autorun.exe" "intro.html"
GroupPolicy: Restriction - Chrome <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {4241D077-76D6-4BB6-9408-30B3CC816A01} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-25] (Google LLC -> Google LLC)
Task: {67247292-2817-496E-AAF8-D0C8C57D90D3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-25] (Google LLC -> Google LLC)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2021-02-25] (Zemana Ltd. -> Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2021-02-25] (Zemana Ltd. -> Zemana Ltd.)
C:\Windows\SECOH-QAD.exe
C:\Windows\SECOH-QAD.dll
C:\Users\Pc\AppData\Local\Yandex
C:\Windows\ZAM.krnl.trace
C:\Windows\ZAM_Guard.krnl.trac
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
AlternateDataStreams: C:\Users\Pc\Data aplikací:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Pc\Data aplikací:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
AlternateDataStreams: C:\Users\Pc\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Pc\AppData\Roaming:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
FirewallRules: [{4821FE60-9451-4236-8CB3-568EA8705C80}] => (Allow) D:\Programy\uTorrent.exe => No File
FirewallRules: [{5E68247B-43F8-4A76-B7DB-DAFCFF1BD0B7}] => (Allow) D:\Programy\uTorrent.exe => No File
FirewallRules: [{2D137CA5-1C1A-450B-9675-CC7647DA6029}] => (Allow) E:\Program Files (x86)\Steam\steam.exe => No File
FirewallRules: [{0672A499-D7F8-4C09-91EC-53CADDD4C8AA}] => (Allow) E:\Program Files (x86)\Steam\steam.exe => No File
FirewallRules: [{F029148D-5091-49F2-8832-9CDC9257B7E4}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{DE4C4ECD-9E3F-4E64-965F-2AE5EB461DD0}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{4241E8B4-2EFB-474A-9F5D-FC00A5701711}F:\hry\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) F:\hry\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe => No File
FirewallRules: [UDP Query User{3FA318AD-B7C3-451B-A863-FB6FA22E0B11}F:\hry\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) F:\hry\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe => No File
FirewallRules: [TCP Query User{487AD6DD-C435-44B6-81E4-4E171F32BCA3}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe => No File
FirewallRules: [UDP Query User{0202611D-EF96-4169-ADF5-35EA4018C206}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe => No File
FirewallRules: [{A42E7959-FAFE-4432-B7AD-44981C3F3AB9}] => (Allow) C:\Users\Pc\AppData\Local\Temp\download\MiniThunderPlatform.exe => No File
FirewallRules: [{A4E4AFE9-90D5-42CF-8AAA-A5F0B33FFA72}] => (Allow) C:\Users\Pc\AppData\Local\Temp\download\MiniThunderPlatform.exe => No File
FirewallRules: [TCP Query User{07E7FC71-5FBB-4E73-948F-8EA87E3DB68B}C:\users\pc\desktop\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe] => (Allow) C:\users\pc\desktop\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe => No File
FirewallRules: [UDP Query User{62C8DD3A-6C76-48F4-AFF3-3D0BE9FB4DF4}C:\users\pc\desktop\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe] => (Allow) C:\users\pc\desktop\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe => No File
FirewallRules: [{DF4ACA8C-A8D4-4F15-89AA-5F656716BCB4}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{818FC051-CE87-4EA8-9100-338B9403F460}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{07E7FC71-5FBB-4E73-948F-8EA87E3DB68B}C:\users\pc\desktop\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe] => (Allow) C:\users\pc\desktop\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe => No File
FirewallRules: [UDP Query User{62C8DD3A-6C76-48F4-AFF3-3D0BE9FB4DF4}C:\users\pc\desktop\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe] => (Allow) C:\users\pc\desktop\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe => No File
FirewallRules: [{DF4ACA8C-A8D4-4F15-89AA-5F656716BCB4}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{818FC051-CE87-4EA8-9100-338B9403F460}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{39F22F24-2852-445F-BA4A-EAB8A02BB64B}D:\hry\gtav\gta5.exe] => (Allow) D:\hry\gtav\gta5.exe => No File
FirewallRules: [UDP Query User{CA014D9A-EDFD-499C-AD88-75D680D4CFBF}D:\hry\gtav\gta5.exe] => (Allow) D:\hry\gtav\gta5.exe => No File
FirewallRules: [TCP Query User{A7BF0117-0A97-42E1-9FFF-BD4029E78F51}C:\users\pc\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe => No File
FirewallRules: [UDP Query User{D637D47E-03FC-4985-9FF7-9E68B669F4B4}C:\users\pc\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe => No File
FirewallRules: [{A235DD40-3D2D-4856-810B-0B2F7328E48B}] => (Allow) F:\steamhry\steamapps\common\City Car Driving\bin\win32\starter.exe => No File
FirewallRules: [{8D66C9AD-2CE7-4C77-990D-0E139F654C5D}] => (Allow) F:\steamhry\steamapps\common\City Car Driving\bin\win32\starter.exe => No File
FirewallRules: [TCP Query User{1B6715FB-19DD-4AA0-9E60-351DFFC795A6}D:\hry\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe] => (Allow) D:\hry\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe => No File
FirewallRules: [UDP Query User{EA13CF3D-78D3-42E1-8808-40FCC76D1CEB}D:\hry\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe] => (Allow) D:\hry\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe => No File
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
"HKU\S-1-5-21-1162680484-1263434181-313051435-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AYYnthfk" => removed successfully
HKU\S-1-5-21-1162680484-1263434181-313051435-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1eb2dfb5-b7db-11eb-a996-2cf05d2cf332} => removed successfully
HKU\S-1-5-21-1162680484-1263434181-313051435-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5881e1e6-5eda-11eb-a8dd-2cf05d2cf332} => removed successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4241D077-76D6-4BB6-9408-30B3CC816A01}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4241D077-76D6-4BB6-9408-30B3CC816A01}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{67247292-2817-496E-AAF8-D0C8C57D90D3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{67247292-2817-496E-AAF8-D0C8C57D90D3}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
ZAM => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\ZAM => removed successfully
ZAM => service removed successfully
ZAM_Guard => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\ZAM_Guard => removed successfully
ZAM_Guard => service removed successfully
C:\Windows\SECOH-QAD.exe => moved successfully
C:\Windows\SECOH-QAD.dll => moved successfully
C:\Users\Pc\AppData\Local\Yandex => moved successfully
C:\Windows\ZAM.krnl.trace => moved successfully
"C:\Windows\ZAM_Guard.krnl.trac" => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
C:\Users\Pc\Data aplikací => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS removed successfully
C:\Users\Pc\Data aplikací => ":fbd50e2f7662a5c33287ddc6e65ab5a1" ADS removed successfully
"C:\Users\Pc\AppData\Roaming" => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS not found.
"C:\Users\Pc\AppData\Roaming" => ":fbd50e2f7662a5c33287ddc6e65ab5a1" ADS not found.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4821FE60-9451-4236-8CB3-568EA8705C80}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5E68247B-43F8-4A76-B7DB-DAFCFF1BD0B7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2D137CA5-1C1A-450B-9675-CC7647DA6029}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0672A499-D7F8-4C09-91EC-53CADDD4C8AA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F029148D-5091-49F2-8832-9CDC9257B7E4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DE4C4ECD-9E3F-4E64-965F-2AE5EB461DD0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4241E8B4-2EFB-474A-9F5D-FC00A5701711}F:\hry\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3FA318AD-B7C3-451B-A863-FB6FA22E0B11}F:\hry\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{487AD6DD-C435-44B6-81E4-4E171F32BCA3}C:\program files (x86)\utorrent\utorrent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0202611D-EF96-4169-ADF5-35EA4018C206}C:\program files (x86)\utorrent\utorrent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A42E7959-FAFE-4432-B7AD-44981C3F3AB9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A4E4AFE9-90D5-42CF-8AAA-A5F0B33FFA72}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{07E7FC71-5FBB-4E73-948F-8EA87E3DB68B}C:\users\pc\desktop\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{62C8DD3A-6C76-48F4-AFF3-3D0BE9FB4DF4}C:\users\pc\desktop\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DF4ACA8C-A8D4-4F15-89AA-5F656716BCB4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{818FC051-CE87-4EA8-9100-338B9403F460}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{07E7FC71-5FBB-4E73-948F-8EA87E3DB68B}C:\users\pc\desktop\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{62C8DD3A-6C76-48F4-AFF3-3D0BE9FB4DF4}C:\users\pc\desktop\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DF4ACA8C-A8D4-4F15-89AA-5F656716BCB4}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{818FC051-CE87-4EA8-9100-338B9403F460}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{39F22F24-2852-445F-BA4A-EAB8A02BB64B}D:\hry\gtav\gta5.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{CA014D9A-EDFD-499C-AD88-75D680D4CFBF}D:\hry\gtav\gta5.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A7BF0117-0A97-42E1-9FFF-BD4029E78F51}C:\users\pc\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D637D47E-03FC-4985-9FF7-9E68B669F4B4}C:\users\pc\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A235DD40-3D2D-4856-810B-0B2F7328E48B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8D66C9AD-2CE7-4C77-990D-0E139F654C5D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{1B6715FB-19DD-4AA0-9E60-351DFFC795A6}D:\hry\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{EA13CF3D-78D3-42E1-8808-40FCC76D1CEB}D:\hry\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe" => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 259558615 B
Java, Flash, Steam htmlcache => 599821817 B
Windows/system/drivers => 1908914 B
Edge => 944366 B
Chrome => 1058865430 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 59863 B
LocalService => 929055 B
NetworkService => 1013903 B
Pc => 745858492 B
RecycleBin => 15764090751 B
EmptyTemp: => 17.2 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 21:04:49 ====
Ran by Pc (21-09-2021 20:47:24) Run:1
Running from C:\Users\Pc\Downloads
Loaded Profiles: Pc
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\Run: [AYYnthfk] => C:\Users\Pc\AppData\Roaming\KEiZizen.jse [1008 2021-09-17] () [File not signed]
HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\MountPoints2: {1eb2dfb5-b7db-11eb-a996-2cf05d2cf332} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1162680484-1263434181-313051435-1001\...\MountPoints2: {5881e1e6-5eda-11eb-a8dd-2cf05d2cf332} - "G:\autorun.exe" "intro.html"
GroupPolicy: Restriction - Chrome <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {4241D077-76D6-4BB6-9408-30B3CC816A01} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-25] (Google LLC -> Google LLC)
Task: {67247292-2817-496E-AAF8-D0C8C57D90D3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-25] (Google LLC -> Google LLC)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2021-02-25] (Zemana Ltd. -> Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2021-02-25] (Zemana Ltd. -> Zemana Ltd.)
C:\Windows\SECOH-QAD.exe
C:\Windows\SECOH-QAD.dll
C:\Users\Pc\AppData\Local\Yandex
C:\Windows\ZAM.krnl.trace
C:\Windows\ZAM_Guard.krnl.trac
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
AlternateDataStreams: C:\Users\Pc\Data aplikací:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Pc\Data aplikací:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
AlternateDataStreams: C:\Users\Pc\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Pc\AppData\Roaming:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
FirewallRules: [{4821FE60-9451-4236-8CB3-568EA8705C80}] => (Allow) D:\Programy\uTorrent.exe => No File
FirewallRules: [{5E68247B-43F8-4A76-B7DB-DAFCFF1BD0B7}] => (Allow) D:\Programy\uTorrent.exe => No File
FirewallRules: [{2D137CA5-1C1A-450B-9675-CC7647DA6029}] => (Allow) E:\Program Files (x86)\Steam\steam.exe => No File
FirewallRules: [{0672A499-D7F8-4C09-91EC-53CADDD4C8AA}] => (Allow) E:\Program Files (x86)\Steam\steam.exe => No File
FirewallRules: [{F029148D-5091-49F2-8832-9CDC9257B7E4}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{DE4C4ECD-9E3F-4E64-965F-2AE5EB461DD0}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{4241E8B4-2EFB-474A-9F5D-FC00A5701711}F:\hry\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) F:\hry\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe => No File
FirewallRules: [UDP Query User{3FA318AD-B7C3-451B-A863-FB6FA22E0B11}F:\hry\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) F:\hry\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe => No File
FirewallRules: [TCP Query User{487AD6DD-C435-44B6-81E4-4E171F32BCA3}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe => No File
FirewallRules: [UDP Query User{0202611D-EF96-4169-ADF5-35EA4018C206}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe => No File
FirewallRules: [{A42E7959-FAFE-4432-B7AD-44981C3F3AB9}] => (Allow) C:\Users\Pc\AppData\Local\Temp\download\MiniThunderPlatform.exe => No File
FirewallRules: [{A4E4AFE9-90D5-42CF-8AAA-A5F0B33FFA72}] => (Allow) C:\Users\Pc\AppData\Local\Temp\download\MiniThunderPlatform.exe => No File
FirewallRules: [TCP Query User{07E7FC71-5FBB-4E73-948F-8EA87E3DB68B}C:\users\pc\desktop\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe] => (Allow) C:\users\pc\desktop\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe => No File
FirewallRules: [UDP Query User{62C8DD3A-6C76-48F4-AFF3-3D0BE9FB4DF4}C:\users\pc\desktop\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe] => (Allow) C:\users\pc\desktop\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe => No File
FirewallRules: [{DF4ACA8C-A8D4-4F15-89AA-5F656716BCB4}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{818FC051-CE87-4EA8-9100-338B9403F460}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{07E7FC71-5FBB-4E73-948F-8EA87E3DB68B}C:\users\pc\desktop\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe] => (Allow) C:\users\pc\desktop\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe => No File
FirewallRules: [UDP Query User{62C8DD3A-6C76-48F4-AFF3-3D0BE9FB4DF4}C:\users\pc\desktop\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe] => (Allow) C:\users\pc\desktop\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe => No File
FirewallRules: [{DF4ACA8C-A8D4-4F15-89AA-5F656716BCB4}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{818FC051-CE87-4EA8-9100-338B9403F460}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{39F22F24-2852-445F-BA4A-EAB8A02BB64B}D:\hry\gtav\gta5.exe] => (Allow) D:\hry\gtav\gta5.exe => No File
FirewallRules: [UDP Query User{CA014D9A-EDFD-499C-AD88-75D680D4CFBF}D:\hry\gtav\gta5.exe] => (Allow) D:\hry\gtav\gta5.exe => No File
FirewallRules: [TCP Query User{A7BF0117-0A97-42E1-9FFF-BD4029E78F51}C:\users\pc\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe => No File
FirewallRules: [UDP Query User{D637D47E-03FC-4985-9FF7-9E68B669F4B4}C:\users\pc\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe => No File
FirewallRules: [{A235DD40-3D2D-4856-810B-0B2F7328E48B}] => (Allow) F:\steamhry\steamapps\common\City Car Driving\bin\win32\starter.exe => No File
FirewallRules: [{8D66C9AD-2CE7-4C77-990D-0E139F654C5D}] => (Allow) F:\steamhry\steamapps\common\City Car Driving\bin\win32\starter.exe => No File
FirewallRules: [TCP Query User{1B6715FB-19DD-4AA0-9E60-351DFFC795A6}D:\hry\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe] => (Allow) D:\hry\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe => No File
FirewallRules: [UDP Query User{EA13CF3D-78D3-42E1-8808-40FCC76D1CEB}D:\hry\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe] => (Allow) D:\hry\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe => No File
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
"HKU\S-1-5-21-1162680484-1263434181-313051435-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AYYnthfk" => removed successfully
HKU\S-1-5-21-1162680484-1263434181-313051435-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1eb2dfb5-b7db-11eb-a996-2cf05d2cf332} => removed successfully
HKU\S-1-5-21-1162680484-1263434181-313051435-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5881e1e6-5eda-11eb-a8dd-2cf05d2cf332} => removed successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4241D077-76D6-4BB6-9408-30B3CC816A01}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4241D077-76D6-4BB6-9408-30B3CC816A01}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{67247292-2817-496E-AAF8-D0C8C57D90D3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{67247292-2817-496E-AAF8-D0C8C57D90D3}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
ZAM => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\ZAM => removed successfully
ZAM => service removed successfully
ZAM_Guard => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\ZAM_Guard => removed successfully
ZAM_Guard => service removed successfully
C:\Windows\SECOH-QAD.exe => moved successfully
C:\Windows\SECOH-QAD.dll => moved successfully
C:\Users\Pc\AppData\Local\Yandex => moved successfully
C:\Windows\ZAM.krnl.trace => moved successfully
"C:\Windows\ZAM_Guard.krnl.trac" => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
C:\Users\Pc\Data aplikací => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS removed successfully
C:\Users\Pc\Data aplikací => ":fbd50e2f7662a5c33287ddc6e65ab5a1" ADS removed successfully
"C:\Users\Pc\AppData\Roaming" => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS not found.
"C:\Users\Pc\AppData\Roaming" => ":fbd50e2f7662a5c33287ddc6e65ab5a1" ADS not found.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4821FE60-9451-4236-8CB3-568EA8705C80}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5E68247B-43F8-4A76-B7DB-DAFCFF1BD0B7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2D137CA5-1C1A-450B-9675-CC7647DA6029}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0672A499-D7F8-4C09-91EC-53CADDD4C8AA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F029148D-5091-49F2-8832-9CDC9257B7E4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DE4C4ECD-9E3F-4E64-965F-2AE5EB461DD0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4241E8B4-2EFB-474A-9F5D-FC00A5701711}F:\hry\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3FA318AD-B7C3-451B-A863-FB6FA22E0B11}F:\hry\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{487AD6DD-C435-44B6-81E4-4E171F32BCA3}C:\program files (x86)\utorrent\utorrent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0202611D-EF96-4169-ADF5-35EA4018C206}C:\program files (x86)\utorrent\utorrent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A42E7959-FAFE-4432-B7AD-44981C3F3AB9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A4E4AFE9-90D5-42CF-8AAA-A5F0B33FFA72}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{07E7FC71-5FBB-4E73-948F-8EA87E3DB68B}C:\users\pc\desktop\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{62C8DD3A-6C76-48F4-AFF3-3D0BE9FB4DF4}C:\users\pc\desktop\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DF4ACA8C-A8D4-4F15-89AA-5F656716BCB4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{818FC051-CE87-4EA8-9100-338B9403F460}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{07E7FC71-5FBB-4E73-948F-8EA87E3DB68B}C:\users\pc\desktop\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{62C8DD3A-6C76-48F4-AFF3-3D0BE9FB4DF4}C:\users\pc\desktop\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DF4ACA8C-A8D4-4F15-89AA-5F656716BCB4}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{818FC051-CE87-4EA8-9100-338B9403F460}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{39F22F24-2852-445F-BA4A-EAB8A02BB64B}D:\hry\gtav\gta5.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{CA014D9A-EDFD-499C-AD88-75D680D4CFBF}D:\hry\gtav\gta5.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A7BF0117-0A97-42E1-9FFF-BD4029E78F51}C:\users\pc\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D637D47E-03FC-4985-9FF7-9E68B669F4B4}C:\users\pc\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A235DD40-3D2D-4856-810B-0B2F7328E48B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8D66C9AD-2CE7-4C77-990D-0E139F654C5D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{1B6715FB-19DD-4AA0-9E60-351DFFC795A6}D:\hry\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{EA13CF3D-78D3-42E1-8808-40FCC76D1CEB}D:\hry\beamng.drive.v0.18.4.1\bin64\beamng.drive.x64.exe" => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 259558615 B
Java, Flash, Steam htmlcache => 599821817 B
Windows/system/drivers => 1908914 B
Edge => 944366 B
Chrome => 1058865430 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 59863 B
LocalService => 929055 B
NetworkService => 1013903 B
Pc => 745858492 B
RecycleBin => 15764090751 B
EmptyTemp: => 17.2 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 21:04:49 ====
-
Rudy
- Site Admin
- Příspěvky: 118244
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Smazáno, log by již měl být OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Dominik Polanský
- Návštěvník
- Příspěvky: 3
- Registrován: 21 zář 2021 13:52
Re: Prosím o kontrolu logu
děkuji mnohokrát 
-
Rudy
- Site Admin
- Příspěvky: 118244
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Nemáte zač!
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?