
Check after running a fake application (Phishing)

windyOMG
Visitor
Posts: 35
Registered: 03 Feb 2017 17:29

#1 Post by windyOMG »

Hello,

I have most likely managed to run a fake application from a fake website:
, the original domain uses com
Thank you for checking, or for advice on what to do now :) (The PC is working normally so far)

Thanks






Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-10-2021
Ran by winki (administrator) on DESKTOP-0S50FER (MSI MS-7816) (08-10-2021 00:38:52)
Running from C:\Users\winki\Desktop
Loaded Profiles: winki
Platform: Windows 10 Pro Version 21H1 19043.1237 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2>
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Google LLC -> Google LLC) C:\Users\winki\AppData\Local\Google\Chrome\Application\chrome.exe <26>
(CHENGDU YIWO Tech Development Co., Ltd. -> ) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
(CHENGDU YIWO Tech Development Co., Ltd. -> ) C:\Program Files (x86)\EaseUS\Todo Backup\CMC\bin\EBCClient.exe
(CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(Locktime Software s.r.o. -> Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
(Logitech Inc -> Logitech) C:\ProgramData\LogiShrd\LogiOptions\Software\Current\LogiOverlay.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(Logitech Inc -> Logitech, Inc.) C:\ProgramData\LogiShrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\winki\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2108.25001.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2110.1001.3.0_x64__8wekyb3d8bbwe\XboxAppServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.57.20005.0_x64__8wekyb3d8bbwe\gamingservices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.57.20005.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <10>
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b8346c359fcd6093\Display.NvContainer\NVDisplay.Container.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Plex, Inc. -> ) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe
(Plex, Inc. -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
(Plex, Inc. -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
(Plex, Inc. -> Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe <2>
(Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe <4>
(Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe
(SatoshiLabs, s.r.o. -> ) C:\Program Files (x86)\TREZOR Bridge\trezord.exe
(Skillbrains) [File not signed] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [2176648 2018-06-27] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3952096 2020-03-11] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [339512 2021-08-04] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2623032 2019-07-05] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2017-04-11] (OOO Lightshot -> )
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5314096 2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files\Opera\assistant\browser_assistant.exe [4105424 2021-10-05] (Opera Software AS -> Opera Software)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2340224 2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [20229112 2020-08-27] (Plex, Inc. -> Plex, Inc.)
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Run: [Google Update] => C:\Users\winki\AppData\Local\Google\Update\1.3.36.112\GoogleUpdateCore.exe [223816 2021-10-01] (Google LLC -> Google LLC)
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Run: [Discord] => C:\Users\winki\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [68408 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35093120 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Run: [Chromium] => "c:\users\winki\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-11-26] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Run: [BingWallpaperApp] => C:\Users\winki\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe [8537992 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\MountPoints2: {51189c54-fea3-11e6-84cd-d43d7ebdf362} - "L:\setup.exe"
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\MountPoints2: {51189c68-fea3-11e6-84cd-d43d7ebdf362} - "M:\setup.exe"
HKLM\...\Windows x64\Print Processors\HP1020PrintProc: C:\Windows\System32\spool\prtprocs\x64\pphp1020.dll [65024 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [65488 2020-03-06] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\HPLJ1020LM: C:\Windows\system32\zlhp1020.dll [192512 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TREZOR Bridge.lnk [2021-04-19]
ShortcutTarget: TREZOR Bridge.lnk -> C:\Program Files (x86)\TREZOR Bridge\trezord.exe (SatoshiLabs, s.r.o. -> )
Startup: C:\Users\winki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TREZOR Bridge.lnk [2018-11-20]
ShortcutTarget: TREZOR Bridge.lnk -> C:\Program Files (x86)\TREZOR Bridge\trezord.exe (SatoshiLabs, s.r.o. -> )
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0CBBB98C-185E-4E3F-9534-378A7B6AA85F} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1844488 2017-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {1EE03511-592B-4CE9-86D3-7347A05D6666} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {22433C11-6461-48E1-A7D7-C7BC91E3B3C9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {225032E8-C932-4DE4-8C3E-29331FFA3B8E} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2019-02-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {29496495-DBEA-4A25-8A1B-F1A2E6758D3E} - System32\Tasks\BlueStacksHelper => E:\BlueStacks\BlueStacks\Client\Helper\BlueStacksHelper.exe [754104 2021-01-07] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {365BA5C9-DA36-4487-A189-94FCA75D566E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {37FCFF72-FB4C-43E8-8E6F-44F3C5C8325D} - System32\Tasks\CCleanerSkipUAC - winki => C:\Program Files\CCleaner\CCleaner.exe [29155968 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4546E0B9-1CAE-45C8-A5D9-3909CA58A036} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {47DE83FC-56A5-47CE-8CE7-EFC3F8BBD991} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5852828C-5F23-4BBC-8398-A87BAF28FA4C} - System32\Tasks\update-S-1-5-21-116116240-444440880-2871013289-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {5C779B50-E435-4927-96B5-2DD5019408B7} - System32\Tasks\Red Giant Link => C:\Program Files\Red Giant Link\Red Giant Link.exe
Task: {618F94CF-8D2C-44F6-8A75-D879641D0389} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6325AA52-C076-457C-8B4C-D1A8936425DC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {6806018A-361B-4255-9B9C-D4CB6D759316} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [1967880 2017-10-11] (Microsoft Corporation -> Microsoft)
Task: {688B931F-ABB5-4F77-92D3-18F4F7A3D913} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {6A6D4688-3816-41D1-AEB0-C1F5020E2F5E} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {71688812-9B43-4196-8392-ED30620DBB6F} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [110660344 2021-09-16] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
Task: {7238502E-7979-4C81-9689-EF6C98D0F531} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {7306F5F2-F345-43BD-B903-82068DC5492E} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe
Task: {7E185508-AB5F-4E3D-AF92-D727B92ED555} - System32\Tasks\Opera scheduled assistant Autoupdate 1600814896 => C:\Program Files\Opera\launcher.exe [42731728 2021-09-28] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files\Opera\assistant" $(Arg0)
Task: {7F7FFB5C-9549-43CF-BC93-7F788ED456E2} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_142_Plugin.exe [1457152 2019-02-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {81D5CB1A-E49C-40BD-BF83-03D22B51AF1E} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2497800 2017-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {85BA77A5-7847-4FCE-8BF3-5C8E42E54FCA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {85D780AF-E3CD-4EC2-9F6E-451ACA91817E} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {95203962-B68A-4868-95A1-B4B317918CC0} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2497800 2017-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {9C3B4B18-C671-4402-8872-CD0C2B97AD8B} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {9CE455CC-F7D6-4FD5-83AB-F84D314E641A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-09-10] (Piriform Software Ltd -> Piriform)
Task: {9FF06ED2-C1C1-40D0-9E0A-A6A935FAA6D3} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-0S50FER-winki => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {A2D0BDBB-44F7-430A-B6F8-FF363BCB30AB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A4A0E901-69F7-46B4-9CD2-B719D143A794} - System32\Tasks\Opera scheduled Autoupdate 1525300582 => C:\Program Files\Opera\launcher.exe [42731728 2021-09-28] (Opera Software AS -> Opera Software)
Task: {A5CFED16-5809-4D56-A84B-6223E5E4875A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A62F56C3-1646-41BA-8694-6C56ED09F572} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29155968 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {AAC03E66-81F8-45AF-91AD-2A45F90B641D} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1844488 2017-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {AAFFAAD3-7110-4AE3-AF5A-A0E361CD54CE} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AC38554B-50DD-4AB5-A97F-A43BFFED0CFB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {B13AE8B6-9ACC-4FA3-A220-D79E3300EA89} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-116116240-444440880-2871013289-1001UA => C:\Users\winki\AppData\Local\Google\Update\GoogleUpdate.exe [153752 2017-02-26] (Google Inc -> Google Inc.)
Task: {B62C7899-F0EE-4494-BB2A-A1802E5B5065} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {BB0935CC-BD63-464F-886F-D1CC7280830E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-15] (Google Inc -> Google Inc.)
Task: {BBA3FD37-275D-4B33-A946-D68E471B46A1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-116116240-444440880-2871013289-1001Core => C:\Users\winki\AppData\Local\Google\Update\GoogleUpdate.exe [153752 2017-02-26] (Google Inc -> Google Inc.)
Task: {C0C1754E-C513-417D-9E3B-DD500587F2DF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {C35C5792-B244-49A0-90E4-556E4999A02A} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [39176 2017-10-11] (Microsoft Corporation -> Microsoft)
Task: {C3854B7A-2F25-4BA7-B66B-8844F2E12BE1} - System32\Tasks\ProtonVPN Update => C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [61760 2020-09-01] (ProtonVPN AG -> )
Task: {C9DCDCDF-B853-4F86-8282-B2C28762A32E} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D10E0421-F103-4AA3-998A-D5BBDDDA0C61} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {D59A6508-6049-4F6C-802D-3047A26F7FE1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-15] (Google Inc -> Google Inc.)
Task: {D652AFA8-4973-45FA-8155-F46F17329808} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DCF73F1E-2CE2-4139-8AAF-D303E5CA75EC} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {E7A8EDEC-A7E6-439E-B333-0C3E1130D771} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [3977072 2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {EFE93434-60D4-4446-A1CA-457F3C800134} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [680888 2021-10-06] (Mozilla Corporation -> Mozilla Foundation)
Task: {F6F527BD-98C3-4B47-A272-F4F4A8BA5FD1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FD3D6E59-19D1-4E34-A813-430D0A075BBA} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\update-S-1-5-21-116116240-444440880-2871013289-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{f6f79c62-3dd4-4c57-afbc-ad196e28e681}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\winki\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-08]

FireFox:
========
FF DefaultProfile: 8k8cupjw.default
FF ProfilePath: C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\z37zlo3y.default-release-1580922384981 [2021-10-08]
FF Extension: (Disconnect) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\z37zlo3y.default-release-1580922384981\Extensions\2.0@disconnect.me.xpi [2021-02-22]
FF Extension: (TubeBuddy) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\z37zlo3y.default-release-1580922384981\Extensions\e389d8c2-5554-4ba2-a36e-ac7a57093130@gmail.com.xpi [2021-09-22]
FF Extension: (BetterTTV) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\z37zlo3y.default-release-1580922384981\Extensions\firefox@betterttv.net.xpi [2021-10-07]
FF Extension: (vidIQ Vision for YouTube) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\z37zlo3y.default-release-1580922384981\Extensions\firefox@vid.io.xpi [2021-09-29]
FF Extension: (Twitch Clip Downloader) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\z37zlo3y.default-release-1580922384981\Extensions\{242c2204-f50c-4495-8ec1-57c9d722524a}.xpi [2021-06-28]
FF Extension: (Downloader for Instagram™) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\z37zlo3y.default-release-1580922384981\Extensions\{83bdc210-e037-4d76-8889-2e127ecc06c7}.xpi [2020-05-12]
FF Extension: (The Unofficial Social Blade Extension) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\z37zlo3y.default-release-1580922384981\Extensions\{a5213d5f-2958-4370-848c-91caac3d96bc}.xpi [2020-05-16]
FF Extension: (Video DownloadHelper) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\z37zlo3y.default-release-1580922384981\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-07-03]
FF Extension: (No Name) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\z37zlo3y.default-release-1580922384981\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-09-03]
FF Extension: (M Clip Twitch) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\z37zlo3y.default-release-1580922384981\Extensions\{d663b001-775c-4cef-aa5f-b757be3d896b}.xpi [2020-06-12]
FF ProfilePath: C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\8k8cupjw.default [2021-02-22]
FF Extension: (Seznam doplněk - Esko) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\8k8cupjw.default\Extensions\sko-extension@firma.seznam.cz.xpi [2020-01-29]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\8k8cupjw.default\Extensions\sp@avast.com.xpi [2020-01-18]
FF Extension: (Avast Online Security) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\8k8cupjw.default\Extensions\wrc@avast.com.xpi [2019-10-06] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/aos/update.json]
FF Extension: (No Name) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\8k8cupjw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-11-25]
FF Extension: (M Clip Twitch) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\8k8cupjw.default\Extensions\{d663b001-775c-4cef-aa5f-b757be3d896b}.xpi [2020-02-01]
FF Extension: (No Name) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\8k8cupjw.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-03-05]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_142.dll [2019-02-12] (Adobe Systems Incorporated -> )
FF Plugin: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-08-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-08-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_142.dll [2019-02-12] (Adobe Systems Incorporated -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-09-25] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default [2021-10-08]
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://seznam.cz/"
CHR Extension: (Easy Auto Refresh) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc [2021-04-12]
CHR Extension: (Překladač Google) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2021-08-14]
CHR Extension: (Prezentace) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (BetterTTV) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2021-10-06]
CHR Extension: (Dokumenty) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Disk Google) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25]
CHR Extension: (YouTube) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-26]
CHR Extension: (Honey) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2021-09-28]
CHR Extension: (Social Blade) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfidkbgamfhdgmedldkagjopnbobdmdn [2021-05-31] [UpdateUrl:hxxps://addon.socialblade.com/updates.json] <==== ATTENTION
CHR Extension: (NeatClip) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhflbphjbcnpeebdbgbambmohadfaok [2020-05-16]
CHR Extension: (Adobe Acrobat) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-09-07]
CHR Extension: (Fonts Ninja) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\eljapbgkmlngdpckoiiibecpemleclhh [2021-08-19]
CHR Extension: (FrankerFaceZ) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2019-03-27]
CHR Extension: (GoFullPage - Full Page Screen Capture) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2021-07-17]
CHR Extension: (Tabulky) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Plex) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpniocchabmgenibceglhnfeimmdhdfm [2017-10-11]
CHR Extension: (Vzdálená plocha Chrome) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-07-17]
CHR Extension: (Night Mode Pro) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbilbeoogenjmnabenfjfoockmpfnjoh [2021-07-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-09-28]
CHR Extension: (FormApps Extension) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2017-06-14]
CHR Extension: (M Clip Twitch) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaipghhkfodkjbodidbgnekkkdbagade [2021-02-22]
CHR Extension: (TREZOR Chrome Extension) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcjjhjgimijdkoamemaghajlhegmoclj [2017-12-11]
CHR Extension: (WavesLiteApp) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfmcaklajknfekomaflnhkjjkcjabogm [2018-09-04]
CHR Extension: (Google Play) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2017-02-26]
CHR Extension: (Mapy Google) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2017-02-26]
CHR Extension: (Morpheon Dark) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad [2018-09-14]
CHR Extension: (Twitch Clip Downloader 2020) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnenbmhckgnahghjhelklajobocdiijf [2021-02-22]
CHR Extension: (MetaMask) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2021-09-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Enhanced Steam) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\okadibdjfemgnhjiembecghcbfknbfhg [2019-02-01]
CHR Extension: (Twitch Channel Points Autoclicker) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbeamibpehihpjljabhnchghlbneiane [2021-02-22]
CHR Extension: (Evernote Web Clipper) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2021-07-27]
CHR Extension: (Gmail) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Hlídač Shopů) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlonggbfebcjelncogcnclagkmkikk [2021-09-17]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

Opera:
=======
OPR Profile: C:\Users\winki\AppData\Roaming\Opera Software\Opera Stable [2021-10-08]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\winki\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-07-14]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2019-02-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [816184 2019-07-05] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3779840 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3547904 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-03-16] (Apple Inc. -> Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901968 2021-08-26] (BattlEye Innovations e.K. -> )
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-07] (Disc Soft Ltd -> Disc Soft Ltd)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [42632 2020-04-15] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
R2 EBC Client; C:\Program Files (x86)\EaseUS\Todo Backup\CMC\bin\EBCClient.exe [95880 2020-04-16] (CHENGDU YIWO Tech Development Co., Ltd. -> )
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncHelper.exe [3249520 2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
S3 MagicianSVC; C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe [348728 2021-09-16] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [314232 2020-08-05] (Locktime Software s.r.o. -> Locktime Software)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\21.180.0905.0007\OneDriveUpdaterService.exe [3718016 2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2557144 2021-10-01] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3475680 2021-10-01] (Electronic Arts, Inc. -> Electronic Arts)
R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [1412592 2020-08-27] (Plex, Inc. -> Plex, Inc.)
S3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [98624 2020-09-01] (ProtonVPN AG -> )
S3 ProtonVPN Update Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [61760 2020-09-01] (ProtonVPN AG -> )
R2 SamsungMagicianSVC; C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe [348728 2021-09-16] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5394872 2021-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13353768 2021-09-15] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\NisSrv.exe [2855512 2021-10-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MsMpEng.exe [128392 2021-10-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b8346c359fcd6093\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b8346c359fcd6093\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 anvsnddrv; C:\WINDOWS\system32\drivers\anvsnddrv.sys [34416 2016-03-24] (Anvsoft Inc. -> AnvSoft Inc.)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-10-05] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-03-01] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-03-01] (Disc Soft Ltd -> Disc Soft Ltd)
R0 EUBAKUP; C:\WINDOWS\System32\drivers\eubakup.sys [73448 2020-02-24] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R0 EUBKMON; C:\WINDOWS\System32\drivers\EUBKMON.sys [53504 2020-02-24] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 EUDSKACS; C:\WINDOWS\system32\drivers\eudskacs.sys [22784 2020-02-24] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R1 EUFDDISK; C:\WINDOWS\system32\drivers\EuFdDisk.sys [341760 2020-02-24] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2017-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R0 nldrv; C:\WINDOWS\System32\drivers\nldrv.sys [183528 2020-08-05] (Locktime Software s.r.o. -> Locktime Software)
S3 ProtonVPNSplitTunnel; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.SplitTunnelDriver.sys [31584 2020-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
R3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49008 2020-08-19] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2017-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-10-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-10-06] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86264 2021-10-06] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-08 01:24 - 2021-10-08 01:24 - 110100480 _____ C:\WINDOWS\system32\config\SOFTWARE
2021-10-08 01:20 - 2021-10-08 01:24 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2021-10-08 00:38 - 2021-10-08 00:39 - 000046902 ____C C:\Users\winki\Desktop\FRST.txt
2021-10-08 00:38 - 2021-10-08 00:39 - 000000000 ____D C:\FRST
2021-10-08 00:37 - 2021-10-08 00:37 - 002308096 _____ (Farbar) C:\Users\winki\Desktop\FRST64.exe
2021-10-08 00:32 - 2021-10-08 00:32 - 020049213 _____ C:\Users\winki\Downloads\CzechCloud_1633645962735.mp4
2021-10-08 00:00 - 2021-10-08 00:00 - 000000000 ____D C:\Users\winki\AppData\Local\Yandex
2021-10-07 23:59 - 2021-10-07 23:59 - 000000000 ____D C:\Users\winki\Downloads\LetaSoft_Sound_Booster
2021-10-07 19:15 - 2021-10-07 19:15 - 009311798 _____ C:\Users\winki\Downloads\MichalDecit_1633626912109.mp4
2021-10-07 19:03 - 2021-10-07 19:03 - 038019751 _____ C:\Users\winki\Downloads\TommyQuestionMark_1633626183260.mp4
2021-10-07 18:45 - 2021-10-07 18:45 - 013677898 _____ C:\Users\winki\Downloads\LadyHoonigan_1633625118326.mp4
2021-10-07 18:43 - 2021-10-07 18:43 - 006343796 _____ C:\Users\winki\Downloads\LadyHoonigan_1633624989107.mp4
2021-10-07 15:39 - 2021-10-07 15:39 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignd35d656c894c5254
2021-10-07 15:39 - 2021-10-07 15:39 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignc61808b9b4e611ac
2021-10-07 15:39 - 2021-10-07 15:39 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign96c5100ed341cc31
2021-10-07 15:39 - 2021-10-07 15:39 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign438be2a159abfef6
2021-10-07 15:39 - 2021-10-07 15:39 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign21868dc2bb330680
2021-10-06 20:33 - 2021-10-06 20:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-10-04 14:40 - 2021-10-04 14:40 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignfea7eeda10b488e2
2021-10-04 14:40 - 2021-10-04 14:40 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsigne9617f44df25e024
2021-10-04 14:40 - 2021-10-04 14:40 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign5faef233732d4b57
2021-10-04 14:40 - 2021-10-04 14:40 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign1a66f7f7af69ec84
2021-10-04 14:40 - 2021-10-04 14:40 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign0d80ec30daac9ffb
2021-10-04 11:25 - 2021-10-04 11:25 - 000000000 ____D C:\ProgramData\MisterHorse
2021-10-04 11:19 - 2021-10-04 11:19 - 000001035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mister Horse Product Manager.lnk
2021-10-04 11:19 - 2021-10-04 11:19 - 000000000 ____D C:\Program Files\Mister Horse Product Manager
2021-10-01 16:08 - 2021-10-01 16:08 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign7ffa8645d77248ea
2021-10-01 16:08 - 2021-10-01 16:08 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign5d09c92f4e366c97
2021-10-01 16:08 - 2021-10-01 16:08 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign448f7c893d418a32
2021-10-01 16:08 - 2021-10-01 16:08 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign112c6f201cb45eb4
2021-10-01 16:08 - 2021-10-01 16:08 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign0ad97743e7e5056f
2021-09-30 09:57 - 2021-10-08 00:25 - 000000000 ____D C:\Users\winki\AppData\Roaming\Samsung Magician
2021-09-30 09:56 - 2021-09-30 09:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2021-09-29 12:55 - 2021-09-29 12:55 - 000000000 ____D C:\ProgramData\obs-studio-hook
2021-09-29 12:51 - 2021-09-29 12:51 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignf24d6d8fbeace066
2021-09-29 12:51 - 2021-09-29 12:51 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign7d5e077878c175db
2021-09-29 12:51 - 2021-09-29 12:51 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign6e6a46a1f6a8b565
2021-09-29 12:51 - 2021-09-29 12:51 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign5544b13200ce83c1
2021-09-29 12:51 - 2021-09-29 12:51 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign3142bfa8ac30eeb2
2021-09-28 15:14 - 2021-09-28 15:14 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignad878ce8351eda02
2021-09-28 15:05 - 2021-09-28 15:05 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignfc2726b2f5a23c34
2021-09-28 15:05 - 2021-09-28 15:05 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignf096127ac11ffb49
2021-09-28 15:05 - 2021-09-28 15:05 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignd48a327a02481dc1
2021-09-28 15:05 - 2021-09-28 15:05 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign02646bfec6f23f98
2021-09-24 20:12 - 2021-09-24 20:12 - 000000976 _____ C:\Users\Public\Desktop\Mafia - Definitve Edition.lnk
2021-09-24 20:12 - 2021-09-24 20:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mafia - Definitve Edition
2021-09-22 17:11 - 2021-09-22 17:11 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignc9f9d1132b7628d9
2021-09-22 17:11 - 2021-09-22 17:11 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignb50aa54adaaf6bdb
2021-09-22 17:11 - 2021-09-22 17:11 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign7f29fc86089fdb08
2021-09-22 17:11 - 2021-09-22 17:11 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign11c262b46da5fa16
2021-09-22 17:11 - 2021-09-22 17:11 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign03a5a58ffd752a8a
2021-09-21 22:19 - 2021-09-21 22:19 - 000000000 ____D C:\Users\winki\AppData\Local\Kena
2021-09-21 19:05 - 2021-09-21 19:05 - 000000754 ____C C:\Users\winki\Desktop\Kena Bridge of Spirits.lnk
2021-09-21 19:05 - 2021-09-21 19:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kena Bridge of Spirits
2021-09-20 14:14 - 2021-09-20 14:14 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsigne7d18d7a5e4bdf3c
2021-09-20 14:14 - 2021-09-20 14:14 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsigndfb4a061bdfd6a48
2021-09-20 14:14 - 2021-09-20 14:14 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignbcd6a6232eec1e57
2021-09-20 14:14 - 2021-09-20 14:14 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign8b077e82aba62c03
2021-09-20 14:14 - 2021-09-20 14:14 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign1fa36c4fc10f3045
2021-09-20 10:51 - 2021-09-20 10:51 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-09-17 13:23 - 2021-09-17 13:23 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignfbf058ed866cd640
2021-09-17 13:22 - 2021-09-17 13:22 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignf1c9895ca7d5faa1
2021-09-17 13:22 - 2021-09-17 13:22 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignc45a2b640df51291
2021-09-17 13:22 - 2021-09-17 13:22 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign7b9f1d426052269e
2021-09-17 13:22 - 2021-09-17 13:22 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign7399cd02574ef573
2021-09-17 13:22 - 2021-09-17 13:22 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign6bb2c9d2853c9b38
2021-09-17 12:30 - 2021-09-17 12:30 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2021-09-17 12:30 - 2021-09-17 12:30 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-09-17 12:30 - 2021-09-17 12:30 - 001313608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-09-17 12:30 - 2021-09-17 12:30 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-09-17 12:30 - 2021-09-17 12:30 - 000672768 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-09-17 12:30 - 2021-09-17 12:30 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-09-17 12:30 - 2021-09-17 12:30 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-09-17 12:30 - 2021-09-17 12:30 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-09-17 12:30 - 2021-09-17 12:30 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-09-17 12:30 - 2021-09-17 12:30 - 000170496 _____ C:\WINDOWS\system32\DeviceUpdateCenterCsp.dll
2021-09-17 12:30 - 2021-09-17 12:30 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2021-09-17 12:30 - 2021-09-17 12:30 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2021-09-17 12:30 - 2021-09-17 12:30 - 000011355 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-09-17 12:29 - 2021-09-17 12:29 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2021-09-17 12:29 - 2021-09-17 12:29 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-09-17 12:29 - 2021-09-17 12:29 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-09-17 12:29 - 2021-09-17 12:29 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-09-17 12:29 - 2021-09-17 12:29 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-09-17 12:29 - 2021-09-17 12:29 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-09-17 12:29 - 2021-09-17 12:29 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-09-17 12:29 - 2021-09-17 12:29 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-09-17 12:23 - 2021-09-17 12:23 - 000000000 ___HD C:\$WinREAgent
2021-09-16 16:25 - 2021-09-16 16:25 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignfdaa669ef0df864e
2021-09-16 16:25 - 2021-09-16 16:25 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignea481d8cd5307a14
2021-09-16 16:25 - 2021-09-16 16:25 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign5b7174a54622a7fc
2021-09-16 16:25 - 2021-09-16 16:25 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign511901f3bf70c2eb
2021-09-16 16:25 - 2021-09-16 16:25 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign40931290d88d6d37
2021-09-15 19:37 - 2021-09-15 19:37 - 000000223 ____C C:\Users\winki\Desktop\Gas Station Simulator.url
2021-09-13 18:15 - 2021-09-13 18:15 - 000000681 ____C C:\Users\winki\Desktop\NBA 2K22.lnk
2021-09-13 18:15 - 2021-09-13 18:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NBA 2K22
2021-09-13 16:20 - 2021-09-13 16:20 - 003596530 _____ C:\Users\winki\Downloads\KouKiShaK_1631542801675.mp4
2021-09-10 17:17 - 2021-09-10 17:17 - 000000916 ____C C:\Users\winki\Desktop\Life is Strange True Colors.lnk
2021-09-10 17:17 - 2021-09-10 17:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Life is Strange True Colors

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-08 00:37 - 2019-10-03 23:11 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-10-08 00:32 - 2021-05-14 23:34 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-10-08 00:32 - 2019-12-07 16:43 - 000716762 _____ C:\WINDOWS\system32\perfh005.dat
2021-10-08 00:32 - 2019-12-07 16:43 - 000144940 _____ C:\WINDOWS\system32\perfc005.dat
2021-10-08 00:32 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-10-08 00:27 - 2019-02-18 13:18 - 000000000 ____D C:\ProgramData\Mozilla
2021-10-08 00:27 - 2018-08-15 19:23 - 000000000 ____D C:\Program Files (x86)\Google
2021-10-08 00:27 - 2017-05-17 15:10 - 000000000 ____D C:\Program Files\CCleaner
2021-10-08 00:27 - 2017-04-19 12:03 - 000000000 ____D C:\ProgramData\NVIDIA
2021-10-08 00:26 - 2017-04-07 11:43 - 000000000 ___DC C:\Users\winki\AppData\LocalLow\Mozilla
2021-10-08 00:25 - 2021-05-14 23:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-10-08 00:25 - 2021-05-14 22:59 - 000008192 ___SH C:\DumpStack.log.tmp
2021-10-08 00:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-10-08 00:25 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-10-08 00:25 - 2019-01-07 02:55 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-10-08 00:25 - 2018-01-04 22:49 - 000000000 ___RD C:\Users\winki\iCloudDrive
2021-10-08 00:25 - 2017-03-13 02:38 - 000000000 ___DC C:\Users\winki\AppData\Local\Plex Media Server
2021-10-08 00:25 - 2017-02-26 11:31 - 000000000 ___RD C:\Users\winki\OneDrive
2021-10-08 00:20 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-10-08 00:11 - 2017-03-01 23:17 - 000000000 ___DC C:\Users\winki\AppData\Roaming\DAEMON Tools Lite
2021-10-08 00:11 - 2017-02-26 23:35 - 000000000 ____D C:\Program Files (x86)\Steam
2021-10-08 00:11 - 2017-02-26 11:39 - 000000000 ___DC C:\Users\winki\AppData\Local\CrashDumps
2021-10-08 00:08 - 2017-07-21 19:37 - 000000000 ___DC C:\Users\winki\AppData\Roaming\discord
2021-10-08 00:03 - 2017-12-07 14:17 - 000000000 ___DC C:\Users\winki\AppData\Local\Packages
2021-10-07 23:17 - 2017-07-21 19:37 - 000000000 ___DC C:\Users\winki\AppData\Local\Discord
2021-10-07 19:27 - 2017-10-27 09:59 - 000000000 ___DC C:\Users\winki\AppData\Local\Ubisoft Game Launcher
2021-10-07 16:14 - 2020-10-20 21:48 - 000000000 ____D C:\Users\winki\AppData\Local\Ori and the Blind Forest DE
2021-10-07 16:03 - 2017-03-02 19:39 - 000000000 ___DC C:\Users\winki\AppData\Local\Spotify
2021-10-07 16:03 - 2017-03-02 19:37 - 000000000 ___DC C:\Users\winki\AppData\Roaming\Spotify
2021-10-07 15:20 - 2017-02-26 12:02 - 000000000 ____D C:\ProgramData\boost_interprocess
2021-10-07 15:16 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-10-07 15:16 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-10-07 13:44 - 2017-02-27 11:44 - 000000000 ___DC C:\Users\winki\AppData\Roaming\vlc
2021-10-07 12:20 - 2020-04-18 10:19 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2021-10-07 12:20 - 2019-12-14 20:37 - 000315856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2021-10-07 12:20 - 2019-10-10 11:27 - 000061880 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2021-10-07 12:20 - 2019-06-13 22:25 - 002208184 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2021-10-07 12:20 - 2019-06-13 22:25 - 000213432 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2021-10-07 12:20 - 2019-06-13 22:25 - 000188880 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2021-10-07 11:16 - 2020-02-05 19:00 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-10-07 11:16 - 2017-04-07 11:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-10-06 20:33 - 2020-02-05 19:00 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-10-06 19:37 - 2017-02-26 23:26 - 000000000 ___DC C:\Users\winki\AppData\Roaming\Origin
2021-10-06 19:37 - 2017-02-26 23:26 - 000000000 ____D C:\Program Files (x86)\Origin
2021-10-06 19:37 - 2017-02-26 23:22 - 000000000 ___DC C:\Users\winki\AppData\Local\Origin
2021-10-06 19:37 - 2017-02-26 23:22 - 000000000 ____D C:\ProgramData\Origin
2021-10-06 15:25 - 2017-02-26 11:37 - 000002543 ____C C:\Users\winki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-06 15:25 - 2017-02-26 11:37 - 000002506 ____C C:\Users\winki\Desktop\Google Chrome.lnk
2021-10-06 14:57 - 2018-05-20 13:02 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-10-05 23:56 - 2018-05-03 00:35 - 000000000 ____D C:\Program Files\Opera
2021-10-05 17:32 - 2021-05-14 23:34 - 000004170 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1600814896
2021-10-05 15:24 - 2021-05-14 22:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-10-05 13:52 - 2021-05-14 23:34 - 000003958 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1525300582
2021-10-05 13:52 - 2018-05-03 00:36 - 000001113 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2021-10-04 11:47 - 2017-03-06 21:03 - 000000000 ___DC C:\Users\winki\AppData\Local\MisterHorse
2021-10-04 10:10 - 2017-03-10 14:48 - 000000000 ___DC C:\Users\winki\AppData\Roaming\Anvsoft
2021-10-03 13:17 - 2020-10-01 13:55 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-10-02 22:10 - 2020-08-22 02:14 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-10-02 22:10 - 2020-08-22 02:14 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-10-02 21:24 - 2017-02-26 23:52 - 000000000 ___DC C:\Users\winki\AppData\Roaming\uTorrent
2021-10-02 12:05 - 2021-06-29 21:06 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7694fd9bd15f6
2021-10-02 12:05 - 2021-05-14 23:34 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-10-01 17:36 - 2017-02-26 19:42 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-10-01 10:20 - 2021-06-22 14:21 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2021-10-01 00:06 - 2021-05-14 23:34 - 000003730 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-116116240-444440880-2871013289-1001UA
2021-10-01 00:06 - 2021-05-14 23:34 - 000003462 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-116116240-444440880-2871013289-1001Core
2021-09-30 23:38 - 2021-05-14 23:34 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-09-30 23:38 - 2021-05-14 23:34 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-09-30 17:24 - 2021-05-14 23:34 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2021-09-30 17:24 - 2021-05-14 21:55 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-09-30 09:56 - 2021-05-17 12:39 - 000003352 _____ C:\WINDOWS\system32\Tasks\SamsungMagician
2021-09-29 12:58 - 2017-03-21 13:33 - 000000000 ___DC C:\Users\winki\AppData\Roaming\obs-studio
2021-09-28 22:51 - 2018-01-04 22:49 - 000000000 ___DC C:\Users\winki\Documents\Soubory Outlooku
2021-09-24 20:43 - 2017-03-23 21:11 - 000000000 ___DC C:\Users\winki\Documents\My Games
2021-09-23 11:16 - 2017-07-21 19:37 - 000002272 ____C C:\Users\winki\Desktop\Discord.lnk
2021-09-21 22:19 - 2018-05-30 15:29 - 000000000 ___DC C:\Users\winki\AppData\Local\D3DSCache
2021-09-18 17:43 - 2019-04-18 22:12 - 000000000 ___DC C:\Users\winki\Documents\Euro Truck Simulator 2
2021-09-17 19:01 - 2021-05-14 22:59 - 007073336 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-09-17 16:25 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-09-17 16:25 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-09-17 13:22 - 2017-03-06 21:24 - 000000033 _____ C:\Users\winki\AppData\Roaming\AdobeWLCMCache.dat
2021-09-17 12:33 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-09-17 12:23 - 2017-02-26 19:28 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-09-17 12:19 - 2017-02-26 19:28 - 135637312 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-09-15 21:15 - 2021-05-14 23:34 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-09-15 13:09 - 2021-04-18 16:35 - 000000000 ___DC C:\WINDOWS\Panther
2021-09-15 12:45 - 2021-05-14 23:34 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-09-10 17:14 - 2021-08-18 21:08 - 000000000 ____D C:\Games
2021-09-08 21:47 - 2020-10-01 13:55 - 000605520 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-09-08 21:47 - 2020-10-01 13:55 - 000486736 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll

==================== Files in the root of some directories ========

2017-03-06 21:24 - 2021-09-17 13:22 - 000000033 _____ () C:\Users\winki\AppData\Roaming\AdobeWLCMCache.dat
2020-10-25 22:06 - 2020-10-25 22:06 - 000000047 _____ () C:\Users\winki\AppData\Roaming\~SiMPLEX.ini
2018-07-24 17:29 - 2021-06-19 18:04 - 000001480 ____C () C:\Users\winki\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2017-02-26 22:32 - 2020-08-27 22:55 - 000000081 ____C () C:\Users\winki\AppData\Local\FILM_AE_LogFile.txt
2018-09-27 21:16 - 2018-09-27 21:16 - 000000000 ____C () C:\Users\winki\AppData\Local\oobelibMkey.log
2020-07-19 22:59 - 2020-08-17 13:58 - 000004995 _____ () C:\Users\winki\AppData\Local\PlariumPlay.log
2017-03-12 12:39 - 2021-05-22 12:33 - 000007640 ____C () C:\Users\winki\AppData\Local\Resmon.ResmonCfg
2018-06-29 12:57 - 2018-06-29 12:57 - 000000003 ____C () C:\Users\winki\AppData\Local\updater.log
2018-06-29 12:57 - 2018-06-29 12:57 - 000000425 ____C () C:\Users\winki\AppData\Local\UserProducts.xml

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

windyOMG
Visitor
Posts: 35
Registered: 03 Feb 2017 17:29

Re: Check after running a fake application (Phishing)

#2 Post by windyOMG »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2021
Ran by winki (08-10-2021 00:40:52)
Running from C:\Users\winki\Desktop
Windows 10 Pro Version 21H1 19043.1237 (X64) (2021-05-14 21:35:01)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-116116240-444440880-2871013289-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-116116240-444440880-2871013289-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-116116240-444440880-2871013289-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-116116240-444440880-2871013289-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-116116240-444440880-2871013289-1003 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-116116240-444440880-2871013289-504 - Limited - Disabled)
winki (S-1-5-21-116116240-444440880-2871013289-1001 - Administrator - Enabled) => C:\Users\winki

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Video Downloader (HKLM\...\{29F889EE-CD6A-48B7-8197-9E37E54336C9}) (Version: 4.18.1.4500 - Open Media LLC)
A Plague Tale Innocence (HKLM-x32\...\A Plague Tale Innocence_is1) (Version: - )
ADATA SSD ToolBox version 4.1.0 (HKLM-x32\...\{C0991D3E-8786-48E7-A5DB-57FBACB0A03A}_is1) (Version: 4.1.0 - ADATA, Inc.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.007.20095 - Adobe Systems Incorporated)
Adobe After Effects 2020 (HKLM-x32\...\AEFT_17_0_2) (Version: 17.0.2 - Adobe Inc.)
Adobe After Effects CC 2017 (HKLM-x32\...\AEFT_14_0_0) (Version: 14.0.0 - Adobe Systems Incorporated)
Adobe Audition CC 2017 (HKLM-x32\...\AUDT_10_0_0) (Version: 10.0.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.9.0.504 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe)
Adobe Illustrator 2020 (HKLM-x32\...\ILST_24_1_2) (Version: 24.1.2 - Adobe Inc.)
Adobe Illustrator CC 2017 (HKLM-x32\...\ILST_21_0_0) (Version: 21.0.0 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2017 (HKLM-x32\...\AME_11_0_0) (Version: 11.0.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2017 (HKLM-x32\...\PPRO_11_0_0) (Version: 11.0.0 - Adobe Systems Incorporated)
Aegisub 3.2.2 (HKLM-x32\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.2.2 - Aegisub Team)
AIMP (HKLM-x32\...\AIMP) (Version: v4.13.1887, 19.02.2017 - AIMP DevTeam)
Any Video Converter Ultimate 6.0.4 (HKLM-x32\...\Any Video Converter Ultimate_is1) (Version: - Any-Video-Converter.com)
A-PDF Split 2.7 (HKLM-x32\...\A-PDF Split_is1) (Version: - A-PDF.com)
Apeaksoft Data Recovery 1.2.18 (HKLM-x32\...\{DB8A74C3-8F3E-4711-B152-436BDD91DAE1}_is1) (Version: 1.2.18 - Apeaksoft Studio)
Apple Mobile Device Support (HKLM\...\{74CC99EB-7DC0-4CB0-847A-F8C2FE39690C}) (Version: 14.5.0.7 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Ashampoo Burning Studio 19 (HKLM-x32\...\{91B33C97-BA3F-5C99-C2A6-0EB17CC9054B}_is1) (Version: 19.0.2 - Ashampoo GmbH & Co. KG)
Balíček ovladače systému Windows - Sony Computer Entertainment Inc. Wireless controller for PLAYSTATION(R)3 Driver Package (01/20/2012 1.4.0.0) (HKLM\...\D5410AE5FA467EF0F19558D5F60C991A79E11B51) (Version: 01/20/2012 1.4.0.0 - Sony Computer Entertainment Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bing Wallpaper (HKLM-x32\...\{9C94D5E4-22D6-457B-9263-9C68DBF669DD}) (Version: 1.0.9.3 - Microsoft Corporation)
BitLord 2.4 (HKLM-x32\...\BitLord) (Version: 2.4.6-350 - House of Life)
Blender (HKLM\...\{F343C69A-4ABA-434C-9C73-12A519D269CD}) (Version: 2.80.0 - Blender Foundation)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.280.0.1022 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.85 - Piriform)
Cities Skylines Industries (HKLM-x32\...\Cities Skylines Industries_is1) (Version: - )
Cooking Simulator Pizza (HKLM-x32\...\Cooking Simulator Pizza_is1) (Version: - )
Core Temp 1.7 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.7 - ALCPU)
Crucial Storage Executive (HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Crucial Storage Executive 3.55.032018.04) (Version: 7.01.012021.03 - Crucial)
CrystalDiskInfo 8.12.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.12.0 - Crystal Dew World)
CrystalDiskMark 8.0.1 (HKLM\...\CrystalDiskMark8_is1) (Version: 8.0.1 - Crystal Dew World)
Cyberpunk 2077 (HKLM-x32\...\1423049311_is1) (Version: Build_3214677Change_4155897 - GOG.com)
Cyberpunk 2077 (HKLM-x32\...\Cyberpunk 2077_is1) (Version: - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd)
Deezloader Remix 4.3.0 (HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\5eed4b40-1ed5-51be-ab52-56cdb94a998f) (Version: 4.3.0 - RemixDevs)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Delta 0.9.2 (only current user) (HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\0161ecdc-2041-5655-9e4e-ee442fb322e0) (Version: 0.9.2 - Opus Labs CVBA)
Desperados III (HKLM-x32\...\Desperados III_is1) (Version: - )
Discord (HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
EaseUS Todo Backup 13.2 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 13.2 - CHENGDU YIWO Tech Development Co., Ltd)
Effects Suite 64-bit (HKLM\...\{A9462025-681A-44C7-9F6F-70C96320F4C2}) (Version: 11.0.0 - Red Giant Software) Hidden
Effects Suite 64-bit (HKLM-x32\...\InstallShield_{A9462025-681A-44C7-9F6F-70C96320F4C2}) (Version: 11.0.0 - Red Giant Software)
Electrum (HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Electrum) (Version: 2.9.3 - Electrum Technologies GmbH)
Epic Games Launcher (HKLM-x32\...\{AFC6C4B8-57A3-43C3-9F1C-C4239CAECDAC}) (Version: 1.1.215.0 - Epic Games, Inc.)
Folder Marker Pro (HKLM\...\Folder Marker Pro_is1) (Version: 4.2 - ArcticLine Software)
FontForge verze 31-07-2017 (HKLM-x32\...\{56748B9C-19AE-4689-B8C5-5A45AE0A993A}_is1) (Version: 31-07-2017 - FontForgeBuilds)
FormApps Signing Extension (HKLM-x32\...\{ACA43D91-8B42-4D42-8C8B-A893BD6AA40D}) (Version: 2.8.2.28 - Software602 a.s.)
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FreeFileSync 9.9 (HKLM-x32\...\FreeFileSync_is1) (Version: 9.9 - FreeFileSync.org)
GameInput Redistributable (HKLM-x32\...\{7E52156F-18FE-B953-BEA9-6BE6A77AFDFF}) (Version: 10.1.19041.3906 - Microsoft Corporation)
Garden Flipper (HKLM-x32\...\1833342145_is1) (Version: 1.2189 (43428) - GOG.com)
Ghostbusters The Video Game Remastered (HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Ghostbusters The Video Game Remastered) (Version: - HOODLUM)
Going Medieval (HKLM-x32\...\1697094317_is1) (Version: 0.5.28.4-REL - GOG.com)
Google Chrome (HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Google Chrome) (Version: 94.0.4606.71 - Google LLC)
Google Web Designer (HKLM\...\{811767F4-C586-4673-A41F-E9D767497222}) (Version: 9.0.7.0 - Google LLC.)
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
HGTV Flipper (HKLM-x32\...\1689378242_is1) (Version: 1.2189 (43428) - GOG.com)
House Flipper (HKLM-x32\...\1140907376_is1) (Version: 1.2189 (43428) - GOG.com)
HUMANKIND™ (HKLM-x32\...\FLT_Humankind) (Version: - )
Chia Blockchain (HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\chia-blockchain) (Version: 1.1.7 - Chia Network)
iCloud (HKLM\...\{8808B208-87D1-4725-8192-76D257E9DEAE}) (Version: 7.21.0.23 - Apple Inc.)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
IOTA Wallet 2.5.6 (only current user) (HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\85125e2a-0211-5c49-9018-9358da1074b1) (Version: 2.5.6 - IOTA Foundation)
iTunes (HKLM\...\{81B253F3-31F6-48CD-96D1-5325EA0E093F}) (Version: 12.11.4.15 - Apple Inc.)
Java 8 Update 181 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Kena Bridge of Spirits (HKLM-x32\...\Kena Bridge of Spirits_is1) (Version: - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Life is Strange True Colors (HKLM-x32\...\Life is Strange True Colors_is1) (Version: - )
Lightshot-5.4.0.35 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.35 - Skillbrains)
Link Shell Extension (HKLM\...\HardlinkShellExt) (Version: 3.9.3.5 - Hermann Schinagl)
Little Nightmares II (HKLM-x32\...\Little Nightmares II_is1) (Version: - )
Logitech Options (HKLM\...\LogiOptions) (Version: 6.90.135 - Logitech)
Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
Mafia - Definitve Edition (HKLM-x32\...\{D383B15E-3CE1-4B7F-8E88-F93D39BB2E5C}_is1) (Version: - hangar 13)
Magic Bullet Suite v12.1.4 (HKLM-x32\...\{99487911-8011-42BC-B594-8B02BFD32B1D}_is1) (Version: 12.1.4 - Red Giant, LLC)
MediaInfo 18.05 (HKLM\...\MediaInfo) (Version: 18.05 - MediaArea.net)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 94.0.992.38 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 94.0.992.38 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 3.2.116.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 21.180.0905.0007 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Mister Horse Product Manager (HKLM\...\Mister Horse Product Manager_is1) (Version: 2.0.3 - )
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 93.0 (x64 cs)) (Version: 93.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 72.0.2 - Mozilla)
MultiBit HD 0.5.1 (HKLM\...\6925-4794-5772-4956) (Version: 0.5.1 - KeepKey,LLC)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
NBA 2K22 (HKLM-x32\...\NBA 2K22_is1) (Version: - )
Neon 2.0.0 (only current user) (HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\211a501f-25dd-501b-8c98-509ac17aedfa) (Version: 2.0.0 - Ethan Fast)
NetLimiter 4 (HKLM\...\{B3EE94C1-7558-41F1-90B3-EBD718193F95}) (Version: 4.0.68.0 - Locktime Software) Hidden
NetLimiter 4 (HKLM-x32\...\NetLimiter 4 4.0.68.0) (Version: 4.0.68.0 - Locktime Software)
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 471.96 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 471.96 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.1 - OBS Project)
Opera Stable 79.0.4143.72 (HKLM-x32\...\Opera 79.0.4143.72) (Version: 79.0.4143.72 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.105.49133 - Electronic Arts, Inc.)
Paradox Launcher v2 (HKLM\...\{F0072197-FCF6-41BF-9D38-832B145922DC}) (Version: 2.0.0.0 - Paradox Interactive)
Plex Media Server (HKLM-x32\...\{b5de1a1d-c377-415c-8d61-6513b39c0b0a}) (Version: 1.20.1.3252 - Plex, Inc.)
Plex Media Server (HKLM-x32\...\{ED54B00E-46E5-42F2-9590-7727CCE52133}) (Version: 1.20.1252 - Plex, Inc.) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{CCA8C50D-785B-4896-8675-FFE0C4ECCBC3}) (Version: 8.7 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{75BEF7E8-4370-4D42-94F3-B5AA77057965}) (Version: 8.7 - Apple Inc.)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22807 - Microsoft Corporation)
Project CARS 3 (HKLM-x32\...\Project CARS 3_is1) (Version: - )
ProtonVPN (HKLM-x32\...\{3047853A-7C09-4DF6-9B3C-3758F1DBC82F}) (Version: 1.17.1 - Proton Technologies AG) Hidden
ProtonVPN (HKLM-x32\...\ProtonVPN 1.17.1) (Version: 1.17.1 - Proton Technologies AG)
ProtonVPNTap (HKLM-x32\...\{BCB82CD9-F514-4F93-A6D9-F898494DC927}) (Version: 1.1.0 - Proton Technologies AG)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.9.10.0 - Red Giant, LLC)
Revo Uninstaller Pro 4.1.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.1.5 - VS Revo Group, Ltd.)
RidersRepublic (HKLM-x32\...\Uplay Install 5719) (Version: - Ubisoft)
RimWorld Ideology (HKLM-x32\...\RimWorld Ideology_is1) (Version: - )
Road 96 (HKLM-x32\...\Road 96_is1) (Version: - )
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.0 - Rockstar Games)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 7.0.0.510 - Samsung Electronics)
Skype verze 8.25 (HKLM-x32\...\Skype_is1) (Version: 8.25 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Spotify) (Version: 1.1.69.612.gb7409abc - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stopping Plex (HKLM-x32\...\{4AE34600-E4A1-4025-831A-F95EA1EF0FC2}) (Version: 1.20.1252 - Plex, Inc.) Hidden
SuperLuminal StarDust v1.1.2 CE for After Effects (HKLM\...\StarDust_is1) (Version: 1.1.2 - Team V.R)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.22.3 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Telegram Desktop version 1.5.15 (HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.5.15 - Telegram Messenger LLP)
The Wolf Among Us čeština verze 5.0 (HKLM-x32\...\{47E808C7-0C07-4DF8-877F-7FD653DCDE7B}_is1) (Version: 5.0 - )
Thumbnail me 3.0 (HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Thumbnail me 3.0) (Version: - )
Trackmania (HKLM-x32\...\Uplay Install 5595) (Version: - Ubisoft)
Train Valley 2 (HKLM\...\TinyISO - Train Valley 2) (Version: - TinyISO)
Trapcode Suite v13.0.1 (HKLM-x32\...\{DFD2DC6B-C634-4C1C-81CC-5EF852E71CEE}_is1) (Version: 13.0.1 - Red Giant, LLC)
TrucksBook Client verze 1.3.2 (HKLM-x32\...\TrucksBook Client_is1) (Version: 1.3.2 - TrucksBook)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 50.0 - Ubisoft)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Update for Skype for Business 2016 (KB4493155) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5376168B-3DBF-4B19-9F74-2ECBDC1BFB46}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4493155) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5376168B-3DBF-4B19-9F74-2ECBDC1BFB46}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4493155) 64-Bit Edition (HKLM\...\{90160000-012B-0405-1000-0000000FF1CE}_Office16.PROPLUS_{5376168B-3DBF-4B19-9F74-2ECBDC1BFB46}) (Version: - Microsoft)
VdhCoApp 1.6.0 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Waves Client 1.0.21 (only current user) (HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\f077d7c1-dd13-50a1-8533-9deb9aba8648) (Version: 1.0.21 - Waves Platform)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
WizTree v3.25 (HKLM\...\WizTree_is1) (Version: - Antibody Software)
WRC 10 FIA World Rally Championship (HKLM-x32\...\WRC 10 FIA World Rally Championship_is1) (Version: - )
ZXP Installer (HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\5dbc225fc0bf0a3b) (Version: 0.5.0.124 - aescripts + aeplugins)

Packages:
=========
A Plague Tale: Innocence -> C:\Program Files\WindowsApps\FocusHomeInteractiveSA.APlagueTaleInnocence-Window_1.0.6.0_x64__4hny5m903y3g0 [2020-08-17] (Focus Home Interactive SA)
Daily Desktop Wallpaper -> C:\Program Files\WindowsApps\41879VbfnetApps.DailyBingWallpaper_2.9.6.0_x64__7casf8sqhfy78 [2020-12-27] (Vbfnet Apps)
Deezer Music -> C:\Program Files\WindowsApps\Deezer.62021768415AF_5.30.70.0_x86__q7m17pa7q8kj0 [2021-10-01] (Deezer SA)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-01-24] (Microsoft Corporation)
Facebook -> C:\Program Files\WindowsApps\FACEBOOK.FACEBOOK_2021.927.1.0_neutral__8xx8rvfyw5nnt [2021-09-29] (Facebook Inc)
Forza Horizon 4 -> C:\Program Files\WindowsApps\Microsoft.SunriseBaseGame_1.474.687.2_x64__8wekyb3d8bbwe [2021-09-06] (Microsoft Studios)
Forza Horizon 4 Formula Drift Car Pack -> C:\Program Files\WindowsApps\Microsoft.FormulaDriftCarPack_1.0.3.2_neutral__8wekyb3d8bbwe [2021-05-16] (Microsoft Studios)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.17.0_neutral__8xx8rvfyw5nnt [2021-10-02] (Instagram)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-05-14] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-05-14] (Microsoft Corporation) [MS Ad]
Microsoft Flight Simulator -> C:\Program Files\WindowsApps\Microsoft.FlightSimulator_1.18.15.0_x64__8wekyb3d8bbwe [2021-08-07] (Microsoft Studios)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-05] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-09-03] (NVIDIA Corp.)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-25] (Microsoft Corporation)
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2021-04-06] (Samsung Electronics Co. Ltd.)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-11] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{041F9391-C79D-44EE-AA4E-AF4E029C4B47}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.36.112\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.35.442\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.35.422\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{6D264B70-DA18-401D-910C-B202D89670C6}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.36.32\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.35.342\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.36.112\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{8B480070-D37D-4090-A063-7A429F849652}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.36.93\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{9B57F475-CCB0-4C85-88A9-2AA9A6C0809A} -> [Amazon Drive] => C:\Users\winki\Amazon Drive
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\localserver32 -> C:\Users\winki\AppData\Local\Google\Chrome\Application\94.0.4606.71\notification_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{bb271103-d1ae-4967-855f-b2a5c5d165e3}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{BE5C2E39-090F-46A2-AFAA-47540743B4FE}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.36.102\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{CA8FA699-91CD-412F-9D13-9B1222F4370E}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.36.82\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{CA919489-0396-4164-A6E7-94CDED45A707}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.36.52\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{DEDF773D-E27B-485E-8E7D-85C5B0EB5A67}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.36.72\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.36.112\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{E9E7529D-7F09-410B-AF2A-CC154473B19C}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.35.302\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [IconOverlayHardLink] -> {0A479751-02BC-11d3-A855-0004AC2568DD} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2021-01-17] (schinagl.priv.at -> )
ShellIconOverlayIdentifiers: [IconOverlayJunction] -> {0A479751-02BC-11d3-A855-0004AC2568FF} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2021-01-17] (schinagl.priv.at -> )
ShellIconOverlayIdentifiers: [IconOverlaySymbolicLink] -> {0A479751-02BC-11d3-A855-0004AC2568EE} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2021-01-17] (schinagl.priv.at -> )
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [IconOverlayHardLink] -> {0A479751-02BC-11d3-A855-0004AC2568DD} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2021-01-17] (schinagl.priv.at -> )
ShellIconOverlayIdentifiers-x32: [IconOverlayJunction] -> {0A479751-02BC-11d3-A855-0004AC2568FF} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2021-01-17] (schinagl.priv.at -> )
ShellIconOverlayIdentifiers-x32: [IconOverlaySymbolicLink] -> {0A479751-02BC-11d3-A855-0004AC2568EE} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2021-01-17] (schinagl.priv.at -> )
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2017-03-07] (Artem Izmaylov -> AIMP DevTeam) [File not signed]
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2021-01-17] (schinagl.priv.at -> )
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-09-08] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2020-04-16] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2020-04-16] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2017-03-07] (Artem Izmaylov -> AIMP DevTeam) [File not signed]
ContextMenuHandlers4: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2020-04-16] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2021-01-17] (schinagl.priv.at -> )
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b8346c359fcd6093\nvshext.dll [2021-08-28] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [FMMenuExt] -> {47C91696-894C-46A1-B196-2C7CA1952F45} => C:\Program Files (x86)\Folder Marker\ShellExt64.dll [2013-08-21] (ArcticLine Software) [File not signed]
ContextMenuHandlers6: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2021-01-17] (schinagl.priv.at -> )
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2019-03-29] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\winki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Link Shell Extension\Donate.lnk -> hxxp://schinagl.priv.at/nt/hardlinkshellext/linkshellextension.htm
ShortcutWithArgument: C:\Users\winki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Plex.lnk -> C:\Users\winki\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=fpniocchabmgenibceglhnfeimmdhdfm
ShortcutWithArgument: C:\Users\winki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\TREZOR Chrome Extension.lnk -> C:\Users\winki\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=jcjjhjgimijdkoamemaghajlhegmoclj
ShortcutWithArgument: C:\Users\winki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Vzdálená plocha Chrome.lnk -> C:\Users\winki\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\winki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\WavesLiteApp.lnk -> C:\Users\winki\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=kfmcaklajknfekomaflnhkjjkcjabogm

==================== Loaded Modules (Whitelisted) =============

2020-10-04 11:04 - 2020-10-04 11:04 - 000336896 ____C () [File not signed] \\?\C:\Users\winki\AppData\Local\Plex Media Server\Codecs\96550d8-3281-windows-x86\ac3_decoder.dll
2020-10-04 11:04 - 2020-10-04 11:04 - 000394752 ____C () [File not signed] \\?\C:\Users\winki\AppData\Local\Plex Media Server\Codecs\96550d8-3281-windows-x86\ac3_encoder.dll
2020-10-04 11:04 - 2020-10-04 11:04 - 000608256 ____C () [File not signed] \\?\C:\Users\winki\AppData\Local\Plex Media Server\Codecs\96550d8-3281-windows-x86\dca_decoder.dll
2020-10-04 11:04 - 2020-10-04 11:04 - 001558528 ____C () [File not signed] \\?\C:\Users\winki\AppData\Local\Plex Media Server\Codecs\96550d8-3281-windows-x86\h264_decoder.dll
2020-10-04 11:04 - 2020-10-04 11:04 - 000818176 ____C () [File not signed] \\?\C:\Users\winki\AppData\Local\Plex Media Server\Codecs\96550d8-3281-windows-x86\hevc_decoder.dll
2020-10-04 11:04 - 2020-10-04 11:04 - 001800704 ____C () [File not signed] \\?\C:\Users\winki\AppData\Local\Plex Media Server\Codecs\96550d8-3281-windows-x86\libx264_encoder.dll
2020-10-04 11:04 - 2020-10-04 11:04 - 000560640 ____C () [File not signed] \\?\C:\Users\winki\AppData\Local\Plex Media Server\Codecs\96550d8-3281-windows-x86\mpeg2video_decoder.dll
2020-10-04 11:04 - 2020-10-04 11:04 - 001268224 ____C () [File not signed] \\?\C:\Users\winki\AppData\Local\Plex Media Server\Codecs\96550d8-3281-windows-x86\mpeg4_decoder.dll
2020-10-04 11:04 - 2020-10-04 11:04 - 002117632 ____C () [File not signed] \\?\C:\Users\winki\AppData\Local\Plex Media Server\Codecs\96550d8-3281-windows-x86\vc1_decoder.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 000010240 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\cs_cz\acrotray.cze
2021-05-14 19:24 - 2020-02-24 13:05 - 001291264 _____ () [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll
2021-05-14 19:24 - 2020-02-24 13:05 - 000055808 _____ () [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll
2021-09-30 09:56 - 2021-09-16 10:46 - 002661888 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\ffmpeg.dll
2021-09-30 09:56 - 2021-09-16 10:46 - 000367104 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\libegl.dll
2021-09-30 09:56 - 2021-09-16 10:46 - 006631936 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\libglesv2.dll
2021-09-30 09:56 - 2021-09-16 10:46 - 000458752 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\resources\app\dist\magutils-napi.node
2021-09-30 09:56 - 2021-09-16 10:46 - 000445440 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\resources\app\dist\magvibrancy-napi.node
2021-09-30 09:56 - 2021-09-16 10:46 - 001411072 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\resources\app\dist\uimpewrapper-napi.node
2020-03-06 00:11 - 2020-03-06 00:11 - 000021504 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\cs_cz\Acrobat Elements\ContextMenuShim64.cze
2017-03-07 18:22 - 2017-03-07 18:22 - 002059848 _____ (Artem Izmaylov -> AIMP DevTeam) [File not signed] C:\Program Files (x86)\AIMP\System\aimp_menu64.dll
2021-05-14 19:24 - 2020-02-24 13:05 - 000892928 _____ (Free Software Foundation) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\iconv.dll
2018-06-29 12:57 - 2017-05-23 14:59 - 000494080 _____ (Skillbrains) [File not signed] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.dll
2018-06-29 12:57 - 2017-05-23 14:59 - 000256000 _____ (Skillbrains) [File not signed] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\uploader.dll
2021-05-14 19:23 - 2020-02-24 13:06 - 001359872 _____ (The OpenSSL Project, http://www.openssl.org/) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\LIBEAY32.dll
2021-05-14 19:23 - 2020-02-24 13:06 - 000365056 _____ (The OpenSSL Project, http://www.openssl.org/) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\SSLEAY32.dll
2021-05-14 19:23 - 2020-02-24 11:45 - 001359872 _____ (The OpenSSL Project, http://www.openssl.org/) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\CMC\bin\LIBEAY32.dll
2017-02-26 23:26 - 2020-03-16 15:05 - 001282048 _____ (The OpenSSL Project, http://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2017-02-26 23:26 - 2020-03-16 15:06 - 000279040 _____ (The OpenSSL Project, http://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2017-02-26 23:26 - 2020-01-22 21:30 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2021-10-06 19:37 - 2020-01-22 21:30 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2021-10-06 19:37 - 2020-01-22 21:30 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2021-10-06 19:37 - 2020-01-22 21:30 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2021-10-06 19:37 - 2020-01-22 21:30 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2021-10-06 19:37 - 2020-01-22 21:30 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2021-10-06 19:37 - 2020-01-22 21:30 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:4FC01C57 [294]
AlternateDataStreams: C:\Users\winki\Desktop\Metro: 2033 Redux.url [269]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

SearchScopes: HKU\S-1-5-21-116116240-444440880-2871013289-1001 -> {574D8BD1-9409-46EB-818C-BE355B2D96B5} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_29530
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll [2018-08-02] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-08-02] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 13:47 - 2021-05-14 19:27 - 000000342 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 activation.easeus.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Crucial\Crucial Storage Executive;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\EaseUS\Todo Backup\bin
HKU\S-1-5-21-116116240-444440880-2871013289-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-116116240-444440880-2871013289-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\winki\AppData\Local\Microsoft\BingWallpaperApp\WPImages\20211007.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "Live Update"
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\StartupApproved\Run: => "Discord"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{712E6954-992E-4ADE-872E-401F36F95A9E}A:0\users\winki\appdata\local\google\chrome\application\chrome.exe] => (Allow) A:0\users\winki\appdata\local\google\chrome\application\chrome.exe => No File
FirewallRules: [TCP Query User{4E9BC4ED-1BED-4EFF-BDF9-3B0CB75BBC59}A:0\users\winki\appdata\local\google\chrome\application\chrome.exe] => (Allow) A:0\users\winki\appdata\local\google\chrome\application\chrome.exe => No File
FirewallRules: [{FC52BCC8-16E6-4B40-8074-0EACF022CEE5}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> )
FirewallRules: [{D37209DF-594E-4C4D-80FB-5480E4D506B8}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> )
FirewallRules: [{3F09E09F-D892-4D2E-979E-00E4B7CED378}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
FirewallRules: [{AABBE277-15DF-4F02-82D0-1FCDB05EEC71}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
FirewallRules: [{D4AF6A38-4D28-4361-AE50-35DB7954ED5C}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
FirewallRules: [{407A8AA3-05DE-4C9B-8919-5F2194A31864}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
FirewallRules: [{D3D8139F-5023-44EF-BB38-8797A6B900E9}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\CMC\bin\EBCClient.exe (CHENGDU YIWO Tech Development Co., Ltd. -> )
FirewallRules: [{551C27F3-3016-49B0-ABE1-D54834201848}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.5.0\ABService.exe => No File
FirewallRules: [{91AB568A-6D21-476A-80F0-C73A3989D3F7}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.5.0\ABService.exe => No File
FirewallRules: [{222D03B8-EEAD-4EFB-9315-C4F84594C262}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> )
FirewallRules: [{71FC3D61-FB46-40FB-861A-405FBD33DF23}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> )
FirewallRules: [UDP Query User{35861AA1-490B-4515-B118-78A1F3AB0C1C}C:\users\winki\appdata\local\chia-blockchain\app-1.1.4\resources\app.asar.unpacked\daemon\start_farmer.exe] => (Allow) C:\users\winki\appdata\local\chia-blockchain\app-1.1.4\resources\app.asar.unpacked\daemon\start_farmer.exe => No File
FirewallRules: [TCP Query User{E226A334-7229-4576-8693-9CDA80D512A1}C:\users\winki\appdata\local\chia-blockchain\app-1.1.4\resources\app.asar.unpacked\daemon\start_farmer.exe] => (Allow) C:\users\winki\appdata\local\chia-blockchain\app-1.1.4\resources\app.asar.unpacked\daemon\start_farmer.exe => No File
FirewallRules: [UDP Query User{2EB280D9-7230-411C-B0A8-473AEE45209E}C:\users\winki\appdata\local\chia-blockchain\app-1.1.4\resources\app.asar.unpacked\daemon\start_full_node.exe] => (Allow) C:\users\winki\appdata\local\chia-blockchain\app-1.1.4\resources\app.asar.unpacked\daemon\start_full_node.exe => No File
FirewallRules: [TCP Query User{61A9A55B-1C87-40B7-AF4C-3CA21FA3E964}C:\users\winki\appdata\local\chia-blockchain\app-1.1.4\resources\app.asar.unpacked\daemon\start_full_node.exe] => (Allow) C:\users\winki\appdata\local\chia-blockchain\app-1.1.4\resources\app.asar.unpacked\daemon\start_full_node.exe => No File
FirewallRules: [{CFCF6F53-7857-44F9-B151-0E4980626EA9}] => (Allow) E:\SteamLibrary\steamapps\common\Little Nightmares\Atlas\Binaries\Win64\LittleNightmares.exe (Tarsier Studios) [File not signed]
FirewallRules: [{7E719B94-8807-42D6-A39A-FFD33573448B}] => (Allow) E:\SteamLibrary\steamapps\common\Little Nightmares\Atlas\Binaries\Win64\LittleNightmares.exe (Tarsier Studios) [File not signed]
FirewallRules: [{63D5B6C5-6FB6-425E-93EF-70AD2A71A9BA}] => (Allow) E:\SteamLibrary\steamapps\common\Hobo Tough Life\HoboRPG.exe () [File not signed]
FirewallRules: [{6590DA4C-6706-42E0-B4AF-86A7053804A2}] => (Allow) E:\SteamLibrary\steamapps\common\Hobo Tough Life\HoboRPG.exe () [File not signed]
FirewallRules: [{4DCA0EA8-EFC6-4A70-8001-A121806E3980}] => (Allow) E:\SteamLibrary\steamapps\common\Mad Games Tycoon 2\Mad Games Tycoon 2.exe () [File not signed]
FirewallRules: [{43EFB8A8-2201-4557-834A-833C86CD86B1}] => (Allow) E:\SteamLibrary\steamapps\common\Mad Games Tycoon 2\Mad Games Tycoon 2.exe () [File not signed]
FirewallRules: [{81CC502F-8864-4C0B-8FEE-1AA3E881B282}] => (Allow) E:\SteamLibrary\steamapps\common\OpenTTD\openttd.exe (OpenTTD Development Team) [File not signed]
FirewallRules: [{8AECA067-250A-4305-AAA1-F1065654C7AF}] => (Allow) E:\SteamLibrary\steamapps\common\OpenTTD\openttd.exe (OpenTTD Development Team) [File not signed]
FirewallRules: [UDP Query User{5B492200-B9C9-4C70-AF37-A447F571795F}E:\hry\instal\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) E:\hry\instal\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [TCP Query User{D91C7840-C720-42B4-86CB-02D4C80C9B0A}E:\hry\instal\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) E:\hry\instal\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [{3DBC287B-EF2D-46CB-A20D-6F4BDBF7C316}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{DF2E0085-55DC-43EB-A72A-04A6B40178DA}] => (Allow) E:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe => No File
FirewallRules: [{974A3A82-8203-49D8-B4AE-50934E756C60}] => (Allow) E:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe => No File
FirewallRules: [UDP Query User{A5F04EF0-884C-4754-9A17-C72F9C6BCCA9}D:\games\city car driving\bin\win32\starter.exe] => (Block) D:\games\city car driving\bin\win32\starter.exe => No File
FirewallRules: [TCP Query User{FA056E0D-F5EB-4C31-B5CC-B241F3912E94}D:\games\city car driving\bin\win32\starter.exe] => (Block) D:\games\city car driving\bin\win32\starter.exe => No File
FirewallRules: [{4C18741E-3914-42B5-BF43-1447B2B2893A}] => (Allow) E:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{1D70A612-8CC7-4843-961C-74F9A40A60D8}] => (Allow) E:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{78BF7E95-E701-4434-9058-EA461735AC63}] => (Allow) E:\SteamLibrary\steamapps\common\BloonsTD6\BloonsTD6.exe () [File not signed]
FirewallRules: [{07F4FD12-84BF-4701-A254-2293DCBFD7CE}] => (Allow) E:\SteamLibrary\steamapps\common\BloonsTD6\BloonsTD6.exe () [File not signed]
FirewallRules: [UDP Query User{4E5FD0AA-C28F-4B5D-96FB-90D855D0EFF7}E:\hry\instal\instal\the sims 4 snowy escape\game\bin\ts4_x64.exe] => (Block) E:\hry\instal\instal\the sims 4 snowy escape\game\bin\ts4_x64.exe => No File
FirewallRules: [TCP Query User{026527F2-C00B-4784-8404-298E56142F81}E:\hry\instal\instal\the sims 4 snowy escape\game\bin\ts4_x64.exe] => (Block) E:\hry\instal\instal\the sims 4 snowy escape\game\bin\ts4_x64.exe => No File
FirewallRules: [UDP Query User{7391A361-D1D0-4479-BFCD-344566ACCE06}E:\hry\instal\the sims 4 snowy escape\game\bin\ts4_x64.exe] => (Block) E:\hry\instal\the sims 4 snowy escape\game\bin\ts4_x64.exe => No File
FirewallRules: [TCP Query User{E17268C9-0DAF-4DB1-B93D-43C22D2739EE}E:\hry\instal\the sims 4 snowy escape\game\bin\ts4_x64.exe] => (Block) E:\hry\instal\the sims 4 snowy escape\game\bin\ts4_x64.exe => No File
FirewallRules: [UDP Query User{EE171875-6B91-4028-B430-14B53C699ADD}E:\hry\instal\instal\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) E:\hry\instal\instal\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [TCP Query User{C55BAC28-86FD-4DC6-AFAA-6D35DF8186F9}E:\hry\instal\instal\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) E:\hry\instal\instal\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [UDP Query User{D9718FCE-94D5-4254-B194-7F90CE057566}I:\hry\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) I:\hry\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [TCP Query User{3D35A7A2-382D-4477-BDC8-227532AC2F6A}I:\hry\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) I:\hry\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [{2D891445-E443-46E9-96F9-8C0ABA05D396}] => (Allow) E:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe => No File
FirewallRules: [{67A4408F-681D-4AB1-96D9-429DBBA515EC}] => (Allow) E:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe => No File
FirewallRules: [{353FC105-B594-4FA7-A80A-7631AE5418AA}] => (Allow) E:\UPLAY Game\Assassin's Creed Valhalla\ACValhalla_Plus.exe => No File
FirewallRules: [TCP Query User{6C532995-BF06-4F25-837F-257347D0C454}E:\uplay game\anno 1800\bin\win64\anno1800_plus.exe] => (Allow) E:\uplay game\anno 1800\bin\win64\anno1800_plus.exe => No File
FirewallRules: [{DE09F60F-5EEF-4CE2-A89A-BBA62BFF1E5C}] => (Allow) E:\UPLAY Game\Anno 1800\Bin\Win64\Anno1800.exe => No File
FirewallRules: [{7D451BEF-9906-41D7-9E6D-2570E2E96285}] => (Allow) E:\SteamLibrary\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe => No File
FirewallRules: [{939EA703-6FBB-4334-BF1E-185A556DE519}] => (Allow) E:\SteamLibrary\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe => No File
FirewallRules: [{25744F62-A558-4CF9-8F39-32C0FC384CCC}] => (Allow) E:\SteamLibrary\steamapps\common\Ori DE\oriDE.exe () [File not signed]
FirewallRules: [{AB332A27-5BA4-404D-AEAB-EE5B2BDE529D}] => (Allow) E:\SteamLibrary\steamapps\common\Ori DE\oriDE.exe () [File not signed]
FirewallRules: [{1A3D8CF9-FC85-41A7-85CC-2AE373975D54}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe (Plex, Inc. -> )
FirewallRules: [{AFB8B49B-E151-4250-999E-E9834F0CE8B6}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe (Plex, Inc. -> Plex, Inc.)
FirewallRules: [{050FDBFE-AA9C-444F-90AF-0B1575D1915B}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (Plex, Inc. -> Python Software Foundation)
FirewallRules: [{4246A919-94EE-484E-B5F6-96E4DD07C4E6}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc. -> Plex, Inc.)
FirewallRules: [{73C8EE0F-1A90-4848-9D31-E4ECE7990A9D}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\RocketLeague.exe => No File
FirewallRules: [{F72C7959-10DF-4337-BBDD-2194573B79B9}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\RocketLeague.exe => No File
FirewallRules: [{7FCA6964-66E2-46B8-B68B-3B0DA03C93EE}] => (Allow) E:\Hry\Trackmania\trackmania.exe => No File
FirewallRules: [{E4A72B79-FD00-47AF-BA82-7AE5BE5DE867}] => (Allow) E:\Hry\Trackmania\trackmania.exe => No File
FirewallRules: [{24569E89-CD1B-46B7-BA13-D30B1127BBDD}] => (Allow) E:\SteamLibrary\steamapps\common\Cities_Skylines\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{1D75D7C2-B8FC-49B8-9E05-556BC403F9A0}] => (Allow) E:\SteamLibrary\steamapps\common\Cities_Skylines\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [UDP Query User{D2F7C868-7CDB-47BB-809B-6342EB6317B9}C:\users\winki\appdata\local\programs\deezloader remix\deezloader remix.exe] => (Allow) C:\users\winki\appdata\local\programs\deezloader remix\deezloader remix.exe (RemixDevs) [File not signed]
FirewallRules: [TCP Query User{09D01B29-97C9-4980-B792-ADC1973E30D5}C:\users\winki\appdata\local\programs\deezloader remix\deezloader remix.exe] => (Allow) C:\users\winki\appdata\local\programs\deezloader remix\deezloader remix.exe (RemixDevs) [File not signed]
FirewallRules: [UDP Query User{0A76A6D9-0CB6-4BAC-8674-F195C9A31E24}E:\hry\good.company.early.access\good company\goodcompany.exe] => (Block) E:\hry\good.company.early.access\good company\goodcompany.exe => No File
FirewallRules: [TCP Query User{34360024-7DB3-4A92-AF2A-B9E9D3C027A7}E:\hry\good.company.early.access\good company\goodcompany.exe] => (Block) E:\hry\good.company.early.access\good company\goodcompany.exe => No File
FirewallRules: [UDP Query User{A72D0A3F-576B-4D07-971E-DC7677454E8A}E:\battle net\call of duty modern warfare\modernwarfare.exe] => (Allow) E:\battle net\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [TCP Query User{FEB3AFA8-7D37-4365-BCA1-76D14B24FC6D}E:\battle net\call of duty modern warfare\modernwarfare.exe] => (Allow) E:\battle net\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [{C3E5334A-26DF-46DB-B982-B73A8AD22B79}] => (Allow) C:\Program Files (x86)\BitLord\BitLord.exe (House of Life) [File not signed]
FirewallRules: [{2ABDA6FA-AAF2-4162-BD87-4E00BF5A8DE2}] => (Allow) C:\Program Files (x86)\BitLord\BitLord.exe (House of Life) [File not signed]
FirewallRules: [{38C4353F-F999-42F3-954A-3F03D32AB33F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{79B3D9A5-C6F1-4033-A70F-B93214742DED}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6A09DA51-603D-4184-8940-E1405C4C6589}] => (Allow) E:\SteamLibrary\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{67388E39-ED65-4CFD-85D0-EDEFEB47F3B5}] => (Allow) E:\SteamLibrary\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{FE261482-3C81-43D6-8C16-0A94D4E1C4FC}] => (Allow) E:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect.exe () [File not signed]
FirewallRules: [{7B7B5243-0311-421D-8F70-B5E1E024495B}] => (Allow) E:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect.exe () [File not signed]
FirewallRules: [{E483D9C6-77FD-44CF-A99B-75B3AD798BE8}] => (Allow) E:\SteamLibrary\steamapps\common\Prison Architect\Launcher\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{3C697972-F5BD-460B-9E64-2A1CA73371CF}] => (Allow) E:\SteamLibrary\steamapps\common\Prison Architect\Launcher\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [UDP Query User{0DB031E1-A8F1-4E03-A5B1-65400B89BBC0}G:\origin\download\fifa 20\fifa20.exe] => (Allow) G:\origin\download\fifa 20\fifa20.exe => No File
FirewallRules: [TCP Query User{273C28A2-D4DD-4C92-9D8B-F5AD9B6C511A}G:\origin\download\fifa 20\fifa20.exe] => (Allow) G:\origin\download\fifa 20\fifa20.exe => No File
FirewallRules: [UDP Query User{0FA6194E-FDAC-413A-86D9-E17EE36B0318}E:\hry\rebel inc escalation\rebel inc. escalation.exe] => (Allow) E:\hry\rebel inc escalation\rebel inc. escalation.exe => No File
FirewallRules: [TCP Query User{A970B428-E095-4A68-8911-F5C09CBA6433}E:\hry\rebel inc escalation\rebel inc. escalation.exe] => (Allow) E:\hry\rebel inc escalation\rebel inc. escalation.exe => No File
FirewallRules: [UDP Query User{649EBA64-1A17-48DB-805B-F82A1EBD1A3C}E:\battle net\hearthstone\hearthstone.exe] => (Allow) E:\battle net\hearthstone\hearthstone.exe => No File
FirewallRules: [TCP Query User{C5B4F4CE-312B-415A-941F-1AAD4527384B}E:\battle net\hearthstone\hearthstone.exe] => (Allow) E:\battle net\hearthstone\hearthstone.exe => No File
FirewallRules: [UDP Query User{FD7FE6C4-C79B-4903-9EFC-B9628B6AA1F2}E:\battle net\call of duty modern warfare beta\modernwarfare.exe] => (Allow) E:\battle net\call of duty modern warfare beta\modernwarfare.exe => No File
FirewallRules: [TCP Query User{EFD94769-A765-4D5F-87BB-32626B5DB5F3}E:\battle net\call of duty modern warfare beta\modernwarfare.exe] => (Allow) E:\battle net\call of duty modern warfare beta\modernwarfare.exe => No File
FirewallRules: [UDP Query User{859BD477-FDCF-4D97-A669-408AFFA82CF1}E:\origin\fifa 20 demo\fifa20_demo.exe] => (Allow) E:\origin\fifa 20 demo\fifa20_demo.exe => No File
FirewallRules: [TCP Query User{508A4D26-B581-44B2-AB0D-2C4983C538FF}E:\origin\fifa 20 demo\fifa20_demo.exe] => (Allow) E:\origin\fifa 20 demo\fifa20_demo.exe => No File
FirewallRules: [UDP Query User{F3D96B2D-7276-46B8-B8D0-2B546FFCD0E8}E:\origin\fifa 18 demo\fifa18_demo.exe] => (Block) E:\origin\fifa 18 demo\fifa18_demo.exe => No File
FirewallRules: [TCP Query User{1D9494D8-42B6-49DA-9FC0-35F2CD7EAE34}E:\origin\fifa 18 demo\fifa18_demo.exe] => (Block) E:\origin\fifa 18 demo\fifa18_demo.exe => No File
FirewallRules: [{44C6BDC9-F009-4B7C-8988-39DA80968A24}] => (Allow) G:\STEAM Library\SteamApps\common\Project CARS 2\pCARS2.exe => No File
FirewallRules: [{279792C2-FDCF-43A5-A52C-94420DF28B0E}] => (Allow) G:\STEAM Library\SteamApps\common\Project CARS 2\pCARS2.exe => No File
FirewallRules: [{70B595F0-5A7F-4EB2-97CF-051429540B3E}] => (Allow) G:\STEAM Library\SteamApps\common\Factorio\bin\x64\factorio.exe => No File
FirewallRules: [{696DDBBA-0E13-4E84-A7B1-14BE80F22C71}] => (Allow) G:\STEAM Library\SteamApps\common\Factorio\bin\x64\factorio.exe => No File
FirewallRules: [{3E0D6E26-D68E-4FEC-A40B-AE1D7DAB2E18}] => (Allow) G:\STEAM Library\SteamApps\common\Call of Duty Modern Warfare 3\iw5mp_server.exe => No File
FirewallRules: [{F3919D95-47EB-4926-9181-D6ED4F2511D1}] => (Allow) G:\STEAM Library\SteamApps\common\Call of Duty Modern Warfare 3\iw5mp_server.exe => No File
FirewallRules: [UDP Query User{8B58F83A-B5BA-46EB-9B82-BAF2D42DCDE8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe => No File
FirewallRules: [TCP Query User{E0A647E0-7A9E-4B4C-BB3F-D4EDA7C4629E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe => No File
FirewallRules: [UDP Query User{67C40BB5-F35A-4377-9810-4433D1EB70E8}C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe] => (Block) C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [TCP Query User{79F893DA-2B81-4CBD-A457-1FB0663A1E45}C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe] => (Block) C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [{0DA3F07D-37B8-473E-8A54-E80EC1BDFC96}] => (Allow) G:\STEAM Library\SteamApps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe => No File
FirewallRules: [{EFE5EEA6-2333-4400-B2F6-01C23023BAB9}] => (Allow) G:\STEAM Library\SteamApps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe => No File
FirewallRules: [{F91CC537-8729-404D-9538-8EB360472777}] => (Allow) G:\STEAM Library\SteamApps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe => No File
FirewallRules: [{7BAC759C-0383-4869-8460-7E39C0867411}] => (Allow) G:\STEAM Library\SteamApps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe => No File
FirewallRules: [{D6326257-FE76-4E23-86AE-6F6FC96F4FFA}] => (Allow) G:\STEAM Library\SteamApps\common\Farm Frenzy Collection\FarmFrenzyMegaPack.exe => No File
FirewallRules: [{B277E5A3-EA94-49D7-84A1-2971BF8E441D}] => (Allow) G:\STEAM Library\SteamApps\common\Farm Frenzy Collection\FarmFrenzyMegaPack.exe => No File
FirewallRules: [{44F406F2-FE8F-4CA3-B7BB-C6C5AA5ED1AC}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{3B042E80-EF41-4180-9231-0CD57C64EB22}G:\steam library\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Allow) G:\steam library\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [TCP Query User{96732A90-2CB3-4F66-AF08-67107EC465EA}G:\steam library\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Allow) G:\steam library\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [{5FB29185-3694-4A3D-A5EC-7A94E686DE36}] => (Allow) G:\STEAM Library\SteamApps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{33C65872-C67B-45A9-8C50-A78C24835A46}] => (Allow) G:\STEAM Library\SteamApps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [UDP Query User{BC720004-B591-4991-8CBC-09F255FA6D8E}C:\users\winki\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\winki\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{321C0D19-4A92-47DD-805F-E69FC4C43937}C:\users\winki\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\winki\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{82D90212-31DA-46C8-B17F-AE1F76F36B90}C:\users\winki\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\winki\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{AD992CC5-1007-4A75-AAC1-46896643960E}C:\users\winki\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\winki\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{98448801-6A94-4FDC-8753-0FA7E26387A0}C:\users\winki\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\winki\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{4640D0CC-06A5-4E12-9C68-4EE592A2EDD4}C:\users\winki\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\winki\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D73785E6-F57E-4BB3-8E14-28658E56A164}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{3950A9A0-3AEB-45E2-918A-CD5A2E1E7DB2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{40A88AC0-48C7-4136-805A-B53F0DE10C8A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{CF014B45-129E-4139-A760-D7655A86EFF2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{74F693CD-A7C5-4666-953D-9817E47A3976}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A93CD9CE-565C-4E84-A2C4-7707613FE3A7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0FC46975-F27B-4599-A3CB-C05A89ADF97E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D18E68F1-86A8-4B5C-A038-4B99FEC095DB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2C2F5385-3762-4692-8FE3-39892BB0DB0A}] => (Allow) G:\ORIGIN\DOWNLOAD\Battlefield 1\bf1Trial.exe => No File
FirewallRules: [{D0548856-DD0B-4974-B77D-ABF9FC101DCF}] => (Allow) G:\ORIGIN\DOWNLOAD\Battlefield 1\bf1Trial.exe => No File
FirewallRules: [{A22787EB-FE2E-4490-8F2C-532C37D9C571}] => (Allow) G:\ORIGIN\DOWNLOAD\Battlefield 1\bf1.exe => No File
FirewallRules: [{4AE780DE-58DE-425E-8602-F394D398E881}] => (Allow) G:\ORIGIN\DOWNLOAD\Battlefield 1\bf1.exe => No File
FirewallRules: [{3D66F668-1BD2-4829-939B-EE058CD1FBF2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EB5FF2BB-D37D-44BF-82B9-E75EA1633F71}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EB510BBF-B05B-4D0C-9482-7FEBE9029E83}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A4753161-2B8C-4C6D-9017-00F3ABA24D98}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{24164311-B2FF-453F-A72B-B7B96213BE52}C:\program files\multibit hd\multibit-hd.exe] => (Allow) C:\program files\multibit hd\multibit-hd.exe () [File not signed]
FirewallRules: [UDP Query User{6FE118C4-47F6-4772-9E3D-E0F390D8AC3F}C:\program files\multibit hd\multibit-hd.exe] => (Allow) C:\program files\multibit hd\multibit-hd.exe () [File not signed]
FirewallRules: [TCP Query User{C92F4E0C-A7EA-4CCE-AAFF-6FB93F1A33DA}C:\users\winki\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\winki\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{4B81A7F8-A47F-464C-8AE7-48F27FFEFB9E}C:\users\winki\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\winki\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{0480E7B9-017A-4765-BA5C-8BB937FCC4F3}C:\users\winki\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\winki\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{76DCFC87-3ACD-43AA-81BC-DACAEFA973AD}C:\users\winki\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\winki\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{70C86191-A7B3-4C9A-9262-CFB5ECA36A94}C:\users\winki\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\winki\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{97B5893F-ED46-4BB9-9A2D-503A0B40F6E1}C:\users\winki\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\winki\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{52DDF782-1ED1-42E9-A542-8528B0E269F1}C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [UDP Query User{3FE3F6F6-C05E-4B84-AE3A-8149631D26AB}C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [TCP Query User{5733D149-3032-448F-A321-CE3F6F7A7071}G:\steam library\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) G:\steam library\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [UDP Query User{629C5957-8A9F-4ACE-867F-B6F52A6F304F}G:\steam library\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) G:\steam library\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [TCP Query User{2E0CD233-F733-4273-9F4C-D8A6E6FF55BD}C:\program files\multibit hd\multibit-hd.exe] => (Allow) C:\program files\multibit hd\multibit-hd.exe () [File not signed]
FirewallRules: [UDP Query User{3CEFF28C-33A9-475C-A3D6-D75E222E01C0}C:\program files\multibit hd\multibit-hd.exe] => (Allow) C:\program files\multibit hd\multibit-hd.exe () [File not signed]
FirewallRules: [{0BA9BC29-DF64-42CB-BD0B-FB0B15853978}] => (Allow) G:\STEAM Library\SteamApps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe => No File
FirewallRules: [{08E7DBBC-9BC6-47B4-AA38-D339B27C4DA1}] => (Allow) G:\STEAM Library\SteamApps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe => No File
FirewallRules: [TCP Query User{AC6B54F1-F24A-4D49-930D-AD8EE1F58288}C:\program files (x86)\fontforgebuilds\bin\vcxsrv\vcxsrv.exe] => (Allow) C:\program files (x86)\fontforgebuilds\bin\vcxsrv\vcxsrv.exe () [File not signed]
FirewallRules: [UDP Query User{61F5218F-6F20-4D08-9FA7-D4FEFA8C3319}C:\program files (x86)\fontforgebuilds\bin\vcxsrv\vcxsrv.exe] => (Allow) C:\program files (x86)\fontforgebuilds\bin\vcxsrv\vcxsrv.exe () [File not signed]
FirewallRules: [{28036375-0B3C-421D-8420-A4F9476A675C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BBE87F96-C1C6-470E-8B1D-FF975EFD6CB2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{76DD6E0D-11E1-47AD-87E9-9F7742E87271}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6DEC1814-18BB-4277-B53F-CA6B8AEA1A4F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{777339A6-2E89-435D-B5C5-BD24789DE2C2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{87183634-1B1F-40CC-A6F4-934ADC3342FE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{A20F4D63-C417-4B42-9350-4C4E1A5D1A33}D:\games\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe] => (Block) D:\games\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe => No File
FirewallRules: [UDP Query User{CE3D5D18-7BE1-47F1-935A-745F0A4D4546}D:\games\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe] => (Block) D:\games\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe => No File
FirewallRules: [{3F5D9630-D9B7-46F5-ABDC-D067A7F89DAF}] => (Allow) G:\STEAM Library\SteamApps\common\Football Tactics Demo\game.exe => No File
FirewallRules: [{4BDB7126-F233-4EF4-8598-3F65B0676AA6}] => (Allow) G:\STEAM Library\SteamApps\common\Football Tactics Demo\game.exe => No File
FirewallRules: [{16722EAD-07E5-4537-A614-69CC3AA25550}] => (Allow) G:\STEAM Library\SteamApps\common\FarCry5\bin\ArcadeEditor64.exe => No File
FirewallRules: [{DE9FB1E8-DCEC-45A4-9B41-9F50EC2F9B99}] => (Allow) G:\STEAM Library\SteamApps\common\FarCry5\bin\ArcadeEditor64.exe => No File
FirewallRules: [{B623CAE5-BD03-4CA8-8D9E-47FA6164DDF9}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{B232DCA9-EC18-4B34-B1B3-865B7C8F56F1}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [UDP Query User{70B1534E-F5EE-46DB-AE23-AEF48404E2B2}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [TCP Query User{69E7DD0E-E56E-48A8-9244-C1148DB8317E}C:\program files\adobe\adobe photoshop cc 2017\required\dynamiclinkmediaserver\amecommand.exe] => (Block) C:\program files\adobe\adobe photoshop cc 2017\required\dynamiclinkmediaserver\amecommand.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
FirewallRules: [UDP Query User{DD8B28D5-4ECE-4034-91E8-BF9BAAE76D36}C:\program files\adobe\adobe photoshop cc 2017\required\dynamiclinkmediaserver\amecommand.exe] => (Block) C:\program files\adobe\adobe photoshop cc 2017\required\dynamiclinkmediaserver\amecommand.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
FirewallRules: [{96EB2E45-8869-4EBE-BEF6-9517348F045F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8CE72AEB-2252-4402-8476-98963A87FBE1}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FB281968-A753-4D67-83ED-C143B85AD3F4}] => (Allow) C:\Users\winki\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{A47FDDDB-A196-44C6-9412-64378A364BB7}] => (Allow) C:\Users\winki\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{E589E35C-F7BD-44D1-833C-4E3954174AEC}] => (Allow) G:\STEAM Library\SteamApps\common\Desperados Wanted Dead or Alive\desperados.exe => No File
FirewallRules: [{AE5340C3-D8B5-487D-8569-521B1C3B9923}] => (Allow) G:\STEAM Library\SteamApps\common\Desperados Wanted Dead or Alive\desperados.exe => No File
FirewallRules: [{E421A2D8-BF18-43C8-BFFC-2177AE3565BC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{FCF9A245-AD99-4BAF-8CFB-2B0E7376301F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B2D2AA65-844F-41A9-8FA9-56D87439A051}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{ABBC9076-091F-459B-B6EA-F256DC001CE9}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{981EBEB2-C33D-4ABB-BBCB-BE4B7D524A03}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1987EECD-1950-4C74-B5C2-3011B31D30E9}] => (Allow) LPort=2869
FirewallRules: [{A4CFA20E-A863-419E-85B1-FC2159BDD382}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{0194A920-600A-4472-913E-A3ABD71CF2EC}G:\hry\foundation.early.access\foundation\foundation.exe] => (Allow) G:\hry\foundation.early.access\foundation\foundation.exe => No File
FirewallRules: [UDP Query User{D432268D-8DDE-40F8-99FB-DC26DA5C884E}G:\hry\foundation.early.access\foundation\foundation.exe] => (Allow) G:\hry\foundation.early.access\foundation\foundation.exe => No File
FirewallRules: [{8F851BC9-D613-44AE-869C-E9E4598AA0D8}] => (Allow) G:\STEAM Library\SteamApps\common\Production Line\ProductionLine.exe => No File
FirewallRules: [{87719851-FD60-4E1C-9A04-DCE31E864214}] => (Allow) G:\STEAM Library\SteamApps\common\Production Line\ProductionLine.exe => No File
FirewallRules: [TCP Query User{7E398FA9-D8FE-49D1-8AD0-7471DEF60F29}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{9C8320E6-489E-4626-A679-65789BDA8891}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{1237AF2F-5865-4E29-9CCE-9D246098EFB2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{995C095B-24E1-4247-A296-359FD5D40648}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9A5F928E-7B76-46CE-99BC-76BB8DADF46B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{92EFB39E-5D0D-4337-8242-446B61C31D6A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{DB7DF9CB-7F3D-42DF-930C-70651C48FC6A}] => (Allow) G:\STEAM Library\SteamApps\common\Factorio\bin\x64\factorio.exe => No File
FirewallRules: [{E267FE67-09EF-4BC4-AB3B-A099D807C552}] => (Allow) G:\STEAM Library\SteamApps\common\Factorio\bin\x64\factorio.exe => No File
FirewallRules: [TCP Query User{AC134181-674B-442D-81D7-B3CB2AAF17F8}C:\users\winki\appdata\local\chia-blockchain\app-1.1.5\resources\app.asar.unpacked\daemon\start_farmer.exe] => (Allow) C:\users\winki\appdata\local\chia-blockchain\app-1.1.5\resources\app.asar.unpacked\daemon\start_farmer.exe => No File
FirewallRules: [UDP Query User{BC36A58E-76F7-405D-B77A-972F99353008}C:\users\winki\appdata\local\chia-blockchain\app-1.1.5\resources\app.asar.unpacked\daemon\start_farmer.exe] => (Allow) C:\users\winki\appdata\local\chia-blockchain\app-1.1.5\resources\app.asar.unpacked\daemon\start_farmer.exe => No File
FirewallRules: [TCP Query User{7567D16C-3206-4164-A56C-8BD4B68F62CA}C:\users\winki\appdata\local\chia-blockchain\app-1.1.5\resources\app.asar.unpacked\daemon\start_full_node.exe] => (Allow) C:\users\winki\appdata\local\chia-blockchain\app-1.1.5\resources\app.asar.unpacked\daemon\start_full_node.exe => No File
FirewallRules: [UDP Query User{B72672E9-CAD8-44E4-A015-17EDB189A6A6}C:\users\winki\appdata\local\chia-blockchain\app-1.1.5\resources\app.asar.unpacked\daemon\start_full_node.exe] => (Allow) C:\users\winki\appdata\local\chia-blockchain\app-1.1.5\resources\app.asar.unpacked\daemon\start_full_node.exe => No File
FirewallRules: [{853332CE-3EE2-40A3-A5EB-7F27186ECF64}] => (Allow) E:\SteamLibrary\steamapps\common\Planet Zoo\PlanetZoo.exe (Frontier Developments) [File not signed]
FirewallRules: [{DA5BE6CC-6A12-49DF-81BA-DC87A0B59890}] => (Allow) E:\SteamLibrary\steamapps\common\Planet Zoo\PlanetZoo.exe (Frontier Developments) [File not signed]
FirewallRules: [TCP Query User{481C4EF9-CB4C-4D59-A208-22D177D94059}K:7\flightsimulator.exe] => (Allow) K:7\flightsimulator.exe => No File
FirewallRules: [UDP Query User{1AE3EB92-EC85-4663-AB44-BCD7E3B33C60}K:7\flightsimulator.exe] => (Allow) K:7\flightsimulator.exe => No File
FirewallRules: [TCP Query User{B8C2CD7F-6B67-4986-8FBD-C29C69AE4EDF}H:\games\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe] => (Block) H:\games\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe => No File
FirewallRules: [UDP Query User{3D8159EC-4410-46E0-A1BA-7EB0D34E0C8F}H:\games\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe] => (Block) H:\games\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe => No File
FirewallRules: [TCP Query User{94BBD6BB-F129-4DDD-8F6D-FFBE380EADF5}H:\steamlibrary\steamapps\common\fifa 21\fifa21.exe] => (Allow) H:\steamlibrary\steamapps\common\fifa 21\fifa21.exe => No File
FirewallRules: [UDP Query User{3C876C09-1C34-4394-81CD-38263710CA4E}H:\steamlibrary\steamapps\common\fifa 21\fifa21.exe] => (Allow) H:\steamlibrary\steamapps\common\fifa 21\fifa21.exe => No File
FirewallRules: [TCP Query User{0A184AF5-90DC-4AD8-8B23-127FB59AEBC3}C:\users\winki\appdata\local\chia-blockchain\app-1.1.7\resources\app.asar.unpacked\daemon\start_farmer.exe] => (Allow) C:\users\winki\appdata\local\chia-blockchain\app-1.1.7\resources\app.asar.unpacked\daemon\start_farmer.exe (CHIA NETWORK INC. -> )
FirewallRules: [UDP Query User{4F98B66C-A239-4D02-8F1D-8056E6644A9F}C:\users\winki\appdata\local\chia-blockchain\app-1.1.7\resources\app.asar.unpacked\daemon\start_farmer.exe] => (Allow) C:\users\winki\appdata\local\chia-blockchain\app-1.1.7\resources\app.asar.unpacked\daemon\start_farmer.exe (CHIA NETWORK INC. -> )
FirewallRules: [TCP Query User{3604C6F7-C39D-4276-A739-3087BC9B4096}C:\users\winki\appdata\local\chia-blockchain\app-1.1.7\resources\app.asar.unpacked\daemon\start_full_node.exe] => (Allow) C:\users\winki\appdata\local\chia-blockchain\app-1.1.7\resources\app.asar.unpacked\daemon\start_full_node.exe (CHIA NETWORK INC. -> )
FirewallRules: [UDP Query User{C28C3F18-00AF-42A7-8553-81415503AECE}C:\users\winki\appdata\local\chia-blockchain\app-1.1.7\resources\app.asar.unpacked\daemon\start_full_node.exe] => (Allow) C:\users\winki\appdata\local\chia-blockchain\app-1.1.7\resources\app.asar.unpacked\daemon\start_full_node.exe (CHIA NETWORK INC. -> )
FirewallRules: [{AF650B7F-4C27-4080-8306-5712572FB372}] => (Allow) H:\SteamLibrary\steamapps\common\Gas Station Simulator - Early Days\GSS2.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{A9E48391-1CCF-4BD5-8520-EFCED627C075}] => (Allow) H:\SteamLibrary\steamapps\common\Gas Station Simulator - Early Days\GSS2.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{E7D01ABD-8402-4972-B31A-4AE2458BEB5E}G:\hry\mini.motorways\mini.motorways\mini motorways\mini motorways.exe] => (Block) G:\hry\mini.motorways\mini.motorways\mini motorways\mini motorways.exe () [File not signed]
FirewallRules: [UDP Query User{77CA0E98-FD1B-4776-86B8-BFE018C99EC0}G:\hry\mini.motorways\mini.motorways\mini motorways\mini motorways.exe] => (Block) G:\hry\mini.motorways\mini.motorways\mini motorways\mini motorways.exe () [File not signed]
FirewallRules: [{B25F81CA-E109-4993-B4F7-919C6A85E21A}] => (Allow) H:\SteamLibrary\steamapps\common\PapersPlease\PapersPlease.exe () [File not signed]
FirewallRules: [{218F28B3-904E-4499-934B-CD0F9545EB2C}] => (Allow) H:\SteamLibrary\steamapps\common\PapersPlease\PapersPlease.exe () [File not signed]
FirewallRules: [{306AFC88-7E91-4CA5-A479-7D13CA3C1124}] => (Allow) K:\SteamLibrary\steamapps\common\PapersPlease\PapersPlease.exe () [File not signed]
FirewallRules: [{4811FDA1-3B7E-4692-9C1C-6DE4C0F69535}] => (Allow) K:\SteamLibrary\steamapps\common\PapersPlease\PapersPlease.exe () [File not signed]
FirewallRules: [{948C15AA-CD49-44CF-95FB-A12EFF543BD3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{34F342DE-44CF-4170-AF62-8A97F6094471}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FA64D215-82D1-4FE0-AEF9-B8A2D1456E11}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{886092C7-E882-441D-B727-83D940F52A77}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{749FDDB0-97E9-4A85-96E0-274CD23D9C19}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\RidersRepublic\RidersRepublic.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{1F8E32D3-03F7-44F8-AD78-C60A02B65144}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\RidersRepublic\RidersRepublic_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{BCDC3DC9-905D-4628-8C19-1C7962886440}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\RidersRepublic\RidersRepublic_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{5EAB39AD-DDCD-4876-9590-97D8E82955EE}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{585E418A-A565-4455-A19C-01C1381BFC97}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1749CB2C-943E-4C2F-9415-87A17BD6A6DE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F8A3C8FD-4F19-4CD8-BB56-4229E57AE990}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{62C9C2EE-422F-4F68-90FA-3B6ED4FEF19F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{049E8D22-4680-4D47-A28F-C70D1E472B55}] => (Allow) K:\SteamLibrary\steamapps\common\Gas Station Simulator\GSS2.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{C7AF6440-F81A-4E98-9CC4-5D2F3F89B022}] => (Allow) K:\SteamLibrary\steamapps\common\Gas Station Simulator\GSS2.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{52C3161A-2160-4EF9-8756-BF03E7C49B18}] => (Allow) C:\Program Files\Opera\79.0.4143.50\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{81F08A38-30B9-44FC-8FE0-38A0D38B1FBE}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\94.0.992.38\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4C932917-4206-4FA7-83AF-EB227CA9382D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{64E9F5ED-2A98-46B4-8072-C5FC6C80C472}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3DE85681-F361-4BAC-90BE-654483C95EB5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{37F3DEFB-4B6D-4108-9F08-A614F3A7C5FD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1AFE280B-A952-4FAB-B2AF-3D05748606DD}] => (Allow) E:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{6F40BC70-AE73-426A-8F7E-7A6A89BB5C89}] => (Allow) E:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{211DEB12-7857-4402-991C-CAC0D6D32482}] => (Allow) E:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{F8A986C7-A677-4666-A172-80F306197826}] => (Allow) E:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{A72CC295-1251-42E9-849C-EB952BA5E5CA}] => (Allow) C:\Program Files\Opera\79.0.4143.72\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{3562F090-093B-4A2B-8540-B412ACD13FA9}] => (Allow) E:\SteamLibrary\steamapps\common\Factorio\bin\x64\factorio.exe (Wube Software) [File not signed]
FirewallRules: [{422D3C76-71D9-431F-9860-1DC9D8495BA0}] => (Allow) E:\SteamLibrary\steamapps\common\Factorio\bin\x64\factorio.exe (Wube Software) [File not signed]
FirewallRules: [{F42EA774-545D-4FCE-91F1-4E9761F18D94}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [File not signed]
FirewallRules: [{D14432E9-89B7-4BEA-8C68-F0565150D4C6}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [File not signed]

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (10/08/2021 12:25:50 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Users\winki\AppData\Local\Chromium\Application\chrome.exe se nezdařilo.
Závislé sestavení 63.0.3237.0,language="*",type="win32",version="63.0.3237.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (10/08/2021 12:15:02 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (10/08/2021 12:09:39 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Users\winki\AppData\Local\Chromium\Application\chrome.exe se nezdařilo.
Závislé sestavení 63.0.3237.0,language="*",type="win32",version="63.0.3237.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (10/08/2021 12:08:17 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (10/08/2021 12:08:17 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (10/08/2021 12:08:17 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (10/07/2021 09:01:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RocketLeague.exe, verze: 1.0.10897.0, časové razítko: 0x61527f30
Název chybujícího modulu: EOSSDK-Win64-Shipping.dll, verze: 1.13.0.0, časové razítko: 0x61252e78
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000407dcf
ID chybujícího procesu: 0xf40
Čas spuštění chybující aplikace: 0x01d7bba32d5cd48c
Cesta k chybující aplikaci: E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe
Cesta k chybujícímu modulu: E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\EOSSDK-Win64-Shipping.dll
ID zprávy: 57d4f09a-04e8-4c99-823d-e111ed4f959d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/07/2021 04:22:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RocketLeague.exe, verze: 1.0.10897.0, časové razítko: 0x61527f30
Název chybujícího modulu: EOSSDK-Win64-Shipping.dll, verze: 1.13.0.0, časové razítko: 0x61252e78
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000407dcf
ID chybujícího procesu: 0x4ca4
Čas spuštění chybující aplikace: 0x01d7bb8638f9a45f
Cesta k chybující aplikaci: E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe
Cesta k chybujícímu modulu: E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\EOSSDK-Win64-Shipping.dll
ID zprávy: fa8e754e-5ce1-4dbc-9cc4-69b4e99e5c91
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (10/08/2021 12:11:52 AM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-0S50FER)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (10/07/2021 04:14:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (10/07/2021 04:14:34 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).

Error: (10/07/2021 12:20:31 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9MWPM2CQNLHN-Microsoft.GamingServices.

Error: (10/06/2021 04:20:58 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9MV0B5HZVK9Z-Microsoft.GamingApp.

Error: (10/05/2021 09:51:22 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {338B40F9-9D68-4B53-A793-6B9AA0C5F63B} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/03/2021 09:33:20 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (10/03/2021 07:10:21 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba SysMain byla ukončena s následující chybou:
Parametr není správný.


Windows Defender:
================
Date: 2021-10-07 15:36:56
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {7AEF4776-563C-4D28-9AFA-C46C7A2C6B16}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-10-07 12:23:05
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {266001C3-D81C-45D3-907B-A6A738DC620E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-10-05 16:52:12
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {C9D32EFB-2FF7-473C-BC15-4DA5FBFC3E4C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-10-02 18:21:52
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {BDC54546-61F1-4640-8D39-BB5BCB86EDB4}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-10-01 12:44:23
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {588BCE22-4627-48F5-A23D-F90F6F46FF55}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

==================== Memory info ===========================

BIOS: American Megatrends Inc. V1.3 06/06/2013
Motherboard: MSI Z87-G43 (MS-7816)
Processor: Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz
Percentage of memory in use: 26%
Total physical RAM: 32712.05 MB
Available physical RAM: 24120.7 MB
Total Virtual: 37576.05 MB
Available Virtual: 27070.41 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.13 GB) (Free:201.21 GB) NTFS
Drive d: (TOMAŠ) (Fixed) (Total:78.12 GB) (Free:20.99 GB) NTFS
Drive e: (DATA II) (Fixed) (Total:1863.01 GB) (Free:360.04 GB) NTFS
Drive f: (DAVID) (Fixed) (Total:146.48 GB) (Free:142.14 GB) NTFS
Drive g: (DATA) (Fixed) (Total:1638.4 GB) (Free:311.12 GB) NTFS
Drive h: (SSD) (Fixed) (Total:111.79 GB) (Free:84.36 GB) NTFS
Drive i: (AE) (Fixed) (Total:119.24 GB) (Free:75.37 GB) NTFS
Drive j: (Chia) (Fixed) (Total:3725.99 GB) (Free:76.4 GB) NTFS
Drive k: (SSD 1TB) (Fixed) (Total:953.87 GB) (Free:509.47 GB) NTFS

\\?\Volume{609ec42c-0000-0000-0080-000000000000}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{947c07af-575c-588f-8330-9332f450bc9d}\ () (Fixed) (Total:41.56 GB) (Free:0 GB) NTFS
\\?\Volume{a74463e5-eb45-4ae5-3791-12ad3e320325}\ () (Fixed) (Total:1.1 GB) (Free:0 GB) NTFS
\\?\Volume{609ec42c-0000-0000-0000-804e74000000}\ () (Fixed) (Total:0.53 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 609EC42C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=545 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 119.2 GB) (Disk ID: F41F2085)
Partition 1: (Active) - (Size=119.2 GB) - (Type=42)
Partition 2: (Not Active) - (Size=313 KB) - (Type=42)

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 339FA51A)
Partition 1: (Not Active) - (Size=78.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=146.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1638.4 GB) - (Type=07 NTFS)

==========================================================
Disk: 3 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: B37CEE99)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==========================================================
Disk: 4 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: EB4C3A42)
Partition 1: (Not Active) - (Size=111.8 GB) - (Type=07 NTFS)

==========================================================
Disk: 5 (MBR Code: Windows 7/8/10) (Size: 953.9 GB) (Disk ID: 59C77ABE)
Partition 1: (Not Active) - (Size=953.9 GB) - (Type=07 NTFS)

==========================================================
Disk: 6 (Size: 3726 GB) (Disk ID: 16F2A91F)

Partition: GPT.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 7.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 8.

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 114587
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Check after running a fake application (Phishing)

#3 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just start it with a normal double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

windyOMG
Visitor
Posts: 35
Joined: 03 Feb 2017 17:29

Re: Check after running a fake application (Phishing)

#4 Post by windyOMG »

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 11.10.21
Čas skenování: 16:45
Logovací soubor: d653914e-2aa1-11ec-9f4b-d43d7ebdf362.json

-Informace o softwaru-
Verze: 4.4.8.137
Verze komponentů: 1.0.1474
Aktualizovat verzi balíku komponent: 1.0.45786
Licence: Zkušební

-Systémová informace-
OS: Windows 10 (Build 19043.1237)
CPU: x64
Systém souborů: NTFS
Uživatel: DESKTOP-0S50FER\winki

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 413100
Zjištěné hrozby: 1
Hrozby umístěné do karantény: 1
Uplynulý čas: 4 min, 46 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 1
PUP.Optional.InstallCore, HKU\S-1-5-21-116116240-444440880-2871013289-1001\SOFTWARE\CSASTATS\ic, V karanténě, 516, 586068, 1.0.45786, , ame, , ,

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

Rudy
Site Admin
Posts: 114587
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Check after running a fake application (Phishing)

#5 Post by Rudy »

Delete the detected item (put it in quarantine) and then post new FRST+Addition logs.

windyOMG
Visitor
Posts: 35
Joined: 03 Feb 2017 17:29

Re: Check after running a fake application (Phishing)

#6 Post by windyOMG »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-10-2021
Ran by winki (administrator) on DESKTOP-0S50FER (MSI MS-7816) (11-10-2021 19:11:02)
Running from C:\Users\winki\Desktop\FRST-OlderVersion
Loaded Profiles: winki
Platform: Microsoft Windows 10 Pro Version 21H1 19043.1237 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2>
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Discord Inc. -> Discord Inc.) C:\Users\winki\AppData\Local\Discord\app-1.0.9003\Discord.exe <6>
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Google LLC -> Google LLC) C:\Users\winki\AppData\Local\Google\Chrome\Application\chrome.exe <33>
(CHENGDU YIWO Tech Development Co., Ltd. -> ) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
(CHENGDU YIWO Tech Development Co., Ltd. -> ) C:\Program Files (x86)\EaseUS\Todo Backup\CMC\bin\EBCClient.exe
(CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(Locktime Software s.r.o. -> Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
(Logitech Inc -> Logitech) C:\ProgramData\LogiShrd\LogiOptions\Software\Current\LogiOverlay.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(Logitech Inc -> Logitech, Inc.) C:\ProgramData\LogiShrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\winki\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2109.6305.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2110.1001.3.0_x64__8wekyb3d8bbwe\XboxAppServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.57.20005.0_x64__8wekyb3d8bbwe\gamingservices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.57.20005.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_19c79fb6254e3b11\Display.NvContainer\NVDisplay.Container.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Plex, Inc. -> ) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe
(Plex, Inc. -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
(Plex, Inc. -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
(Plex, Inc. -> Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Psyonix, LLC) [File not signed] [File is in use] E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe
(Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe <4>
(Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe
(SatoshiLabs, s.r.o. -> ) C:\Program Files (x86)\TREZOR Bridge\trezord.exe
(Skillbrains) [File not signed] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [2176648 2018-06-27] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3952096 2020-03-11] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [339512 2021-08-04] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2623032 2019-07-05] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2017-04-11] (OOO Lightshot -> )
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5314096 2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files\Opera\assistant\browser_assistant.exe [4105424 2021-10-05] (Opera Software AS -> Opera Software)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2340224 2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [20229112 2020-08-27] (Plex, Inc. -> Plex, Inc.)
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Run: [Google Update] => C:\Users\winki\AppData\Local\Google\Update\1.3.36.112\GoogleUpdateCore.exe [223816 2021-10-01] (Google LLC -> Google LLC)
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Run: [Discord] => C:\Users\winki\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [68408 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35093120 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Run: [Chromium] => "c:\users\winki\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-11-26] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Run: [BingWallpaperApp] => C:\Users\winki\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe [8537992 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\MountPoints2: {51189c54-fea3-11e6-84cd-d43d7ebdf362} - "L:\setup.exe"
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\MountPoints2: {51189c68-fea3-11e6-84cd-d43d7ebdf362} - "M:\setup.exe"
HKLM\...\Windows x64\Print Processors\HP1020PrintProc: C:\Windows\System32\spool\prtprocs\x64\pphp1020.dll [65024 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [65488 2020-03-06] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\HPLJ1020LM: C:\Windows\system32\zlhp1020.dll [192512 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TREZOR Bridge.lnk [2021-04-19]
ShortcutTarget: TREZOR Bridge.lnk -> C:\Program Files (x86)\TREZOR Bridge\trezord.exe (SatoshiLabs, s.r.o. -> )
Startup: C:\Users\winki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TREZOR Bridge.lnk [2018-11-20]
ShortcutTarget: TREZOR Bridge.lnk -> C:\Program Files (x86)\TREZOR Bridge\trezord.exe (SatoshiLabs, s.r.o. -> )
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0CBBB98C-185E-4E3F-9534-378A7B6AA85F} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1844488 2017-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {1EE03511-592B-4CE9-86D3-7347A05D6666} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {22433C11-6461-48E1-A7D7-C7BC91E3B3C9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {225032E8-C932-4DE4-8C3E-29331FFA3B8E} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2019-02-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {29496495-DBEA-4A25-8A1B-F1A2E6758D3E} - System32\Tasks\BlueStacksHelper => E:\BlueStacks\BlueStacks\Client\Helper\BlueStacksHelper.exe [754104 2021-01-07] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {37FCFF72-FB4C-43E8-8E6F-44F3C5C8325D} - System32\Tasks\CCleanerSkipUAC - winki => C:\Program Files\CCleaner\CCleaner.exe [29155968 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4546E0B9-1CAE-45C8-A5D9-3909CA58A036} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5852828C-5F23-4BBC-8398-A87BAF28FA4C} - System32\Tasks\update-S-1-5-21-116116240-444440880-2871013289-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {5C779B50-E435-4927-96B5-2DD5019408B7} - System32\Tasks\Red Giant Link => C:\Program Files\Red Giant Link\Red Giant Link.exe
Task: {618F94CF-8D2C-44F6-8A75-D879641D0389} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6325AA52-C076-457C-8B4C-D1A8936425DC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {6806018A-361B-4255-9B9C-D4CB6D759316} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [1967880 2017-10-11] (Microsoft Corporation -> Microsoft)
Task: {688B931F-ABB5-4F77-92D3-18F4F7A3D913} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {6A6D4688-3816-41D1-AEB0-C1F5020E2F5E} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {71688812-9B43-4196-8392-ED30620DBB6F} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [110660344 2021-09-16] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
Task: {7238502E-7979-4C81-9689-EF6C98D0F531} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {7306F5F2-F345-43BD-B903-82068DC5492E} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe
Task: {7E185508-AB5F-4E3D-AF92-D727B92ED555} - System32\Tasks\Opera scheduled assistant Autoupdate 1600814896 => C:\Program Files\Opera\launcher.exe [42731728 2021-09-28] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files\Opera\assistant" $(Arg0)
Task: {7F7FFB5C-9549-43CF-BC93-7F788ED456E2} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_142_Plugin.exe [1457152 2019-02-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {81D5CB1A-E49C-40BD-BF83-03D22B51AF1E} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2497800 2017-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {85D780AF-E3CD-4EC2-9F6E-451ACA91817E} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {95203962-B68A-4868-95A1-B4B317918CC0} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2497800 2017-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {9C3B4B18-C671-4402-8872-CD0C2B97AD8B} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {9CE455CC-F7D6-4FD5-83AB-F84D314E641A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-09-10] (Piriform Software Ltd -> Piriform)
Task: {9FF06ED2-C1C1-40D0-9E0A-A6A935FAA6D3} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-0S50FER-winki => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {A4A0E901-69F7-46B4-9CD2-B719D143A794} - System32\Tasks\Opera scheduled Autoupdate 1525300582 => C:\Program Files\Opera\launcher.exe [42731728 2021-09-28] (Opera Software AS -> Opera Software)
Task: {A5CFED16-5809-4D56-A84B-6223E5E4875A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A62F56C3-1646-41BA-8694-6C56ED09F572} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29155968 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {AAC03E66-81F8-45AF-91AD-2A45F90B641D} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1844488 2017-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {AAFFAAD3-7110-4AE3-AF5A-A0E361CD54CE} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AC38554B-50DD-4AB5-A97F-A43BFFED0CFB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {B13AE8B6-9ACC-4FA3-A220-D79E3300EA89} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-116116240-444440880-2871013289-1001UA => C:\Users\winki\AppData\Local\Google\Update\GoogleUpdate.exe [153752 2017-02-26] (Google Inc -> Google Inc.)
Task: {B62C7899-F0EE-4494-BB2A-A1802E5B5065} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {BB0935CC-BD63-464F-886F-D1CC7280830E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-15] (Google Inc -> Google Inc.)
Task: {BBA3FD37-275D-4B33-A946-D68E471B46A1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-116116240-444440880-2871013289-1001Core => C:\Users\winki\AppData\Local\Google\Update\GoogleUpdate.exe [153752 2017-02-26] (Google Inc -> Google Inc.)
Task: {C0C1754E-C513-417D-9E3B-DD500587F2DF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {C35C5792-B244-49A0-90E4-556E4999A02A} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [39176 2017-10-11] (Microsoft Corporation -> Microsoft)
Task: {C3854B7A-2F25-4BA7-B66B-8844F2E12BE1} - System32\Tasks\ProtonVPN Update => C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [61760 2020-09-01] (ProtonVPN AG -> )
Task: {C9DCDCDF-B853-4F86-8282-B2C28762A32E} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D10E0421-F103-4AA3-998A-D5BBDDDA0C61} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {D59A6508-6049-4F6C-802D-3047A26F7FE1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-15] (Google Inc -> Google Inc.)
Task: {D652AFA8-4973-45FA-8155-F46F17329808} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DCF73F1E-2CE2-4139-8AAF-D303E5CA75EC} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {E7A8EDEC-A7E6-439E-B333-0C3E1130D771} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [3977072 2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {EFE93434-60D4-4446-A1CA-457F3C800134} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [680888 2021-10-06] (Mozilla Corporation -> Mozilla Foundation)
Task: {F6F527BD-98C3-4B47-A272-F4F4A8BA5FD1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FD3D6E59-19D1-4E34-A813-430D0A075BBA} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\update-S-1-5-21-116116240-444440880-2871013289-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{f6f79c62-3dd4-4c57-afbc-ad196e28e681}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\winki\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-08]

FireFox:
========
FF DefaultProfile: 8k8cupjw.default
FF ProfilePath: C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\z37zlo3y.default-release-1580922384981 [2021-10-11]
FF Extension: (Disconnect) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\z37zlo3y.default-release-1580922384981\Extensions\2.0@disconnect.me.xpi [2021-02-22]
FF Extension: (TubeBuddy) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\z37zlo3y.default-release-1580922384981\Extensions\e389d8c2-5554-4ba2-a36e-ac7a57093130@gmail.com.xpi [2021-09-22]
FF Extension: (BetterTTV) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\z37zlo3y.default-release-1580922384981\Extensions\firefox@betterttv.net.xpi [2021-10-07]
FF Extension: (vidIQ Vision for YouTube) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\z37zlo3y.default-release-1580922384981\Extensions\firefox@vid.io.xpi [2021-09-29]
FF Extension: (Twitch Clip Downloader) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\z37zlo3y.default-release-1580922384981\Extensions\{242c2204-f50c-4495-8ec1-57c9d722524a}.xpi [2021-06-28]
FF Extension: (Downloader for Instagram™) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\z37zlo3y.default-release-1580922384981\Extensions\{83bdc210-e037-4d76-8889-2e127ecc06c7}.xpi [2020-05-12]
FF Extension: (The Unofficial Social Blade Extension) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\z37zlo3y.default-release-1580922384981\Extensions\{a5213d5f-2958-4370-848c-91caac3d96bc}.xpi [2020-05-16]
FF Extension: (Video DownloadHelper) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\z37zlo3y.default-release-1580922384981\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-07-03]
FF Extension: (No Name) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\z37zlo3y.default-release-1580922384981\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-09-03]
FF Extension: (M Clip Twitch) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\z37zlo3y.default-release-1580922384981\Extensions\{d663b001-775c-4cef-aa5f-b757be3d896b}.xpi [2020-06-12]
FF ProfilePath: C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\8k8cupjw.default [2021-02-22]
FF Extension: (Seznam doplněk - Esko) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\8k8cupjw.default\Extensions\sko-extension@firma.seznam.cz.xpi [2020-01-29]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\8k8cupjw.default\Extensions\sp@avast.com.xpi [2020-01-18]
FF Extension: (Avast Online Security) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\8k8cupjw.default\Extensions\wrc@avast.com.xpi [2019-10-06] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/aos/update.json]
FF Extension: (No Name) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\8k8cupjw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-11-25]
FF Extension: (M Clip Twitch) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\8k8cupjw.default\Extensions\{d663b001-775c-4cef-aa5f-b757be3d896b}.xpi [2020-02-01]
FF Extension: (No Name) - C:\Users\winki\AppData\Roaming\Mozilla\Firefox\Profiles\8k8cupjw.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-03-05]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_142.dll [2019-02-12] (Adobe Systems Incorporated -> )
FF Plugin: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-08-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-08-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_142.dll [2019-02-12] (Adobe Systems Incorporated -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-09-25] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default [2021-10-11]
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://seznam.cz/"
CHR Extension: (Easy Auto Refresh) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc [2021-04-12]
CHR Extension: (Překladač Google) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2021-08-14]
CHR Extension: (Prezentace) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (BetterTTV) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2021-10-06]
CHR Extension: (Dokumenty) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Disk Google) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25]
CHR Extension: (YouTube) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-26]
CHR Extension: (Honey) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2021-09-28]
CHR Extension: (Social Blade) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfidkbgamfhdgmedldkagjopnbobdmdn [2021-05-31] [UpdateUrl:hxxps://addon.socialblade.com/updates.json] <==== ATTENTION
CHR Extension: (NeatClip) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhflbphjbcnpeebdbgbambmohadfaok [2020-05-16]
CHR Extension: (Adobe Acrobat) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-09-07]
CHR Extension: (Fonts Ninja) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\eljapbgkmlngdpckoiiibecpemleclhh [2021-08-19]
CHR Extension: (FrankerFaceZ) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2019-03-27]
CHR Extension: (GoFullPage - Full Page Screen Capture) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2021-07-17]
CHR Extension: (Tabulky) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Otto Numbers) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpffdbakgdicgjkjacckjegnafcfmjep [2021-10-10]
CHR Extension: (Plex) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpniocchabmgenibceglhnfeimmdhdfm [2017-10-11]
CHR Extension: (Vzdálená plocha Chrome) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-07-17]
CHR Extension: (Night Mode Pro) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbilbeoogenjmnabenfjfoockmpfnjoh [2021-07-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-09-28]
CHR Extension: (FormApps Extension) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2017-06-14]
CHR Extension: (M Clip Twitch) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaipghhkfodkjbodidbgnekkkdbagade [2021-02-22]
CHR Extension: (TREZOR Chrome Extension) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcjjhjgimijdkoamemaghajlhegmoclj [2017-12-11]
CHR Extension: (WavesLiteApp) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfmcaklajknfekomaflnhkjjkcjabogm [2018-09-04]
CHR Extension: (Google Play) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2017-02-26]
CHR Extension: (Mapy Google) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2017-02-26]
CHR Extension: (Morpheon Dark) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad [2018-09-14]
CHR Extension: (Twitch Clip Downloader 2020) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnenbmhckgnahghjhelklajobocdiijf [2021-02-22]
CHR Extension: (MetaMask) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2021-10-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Enhanced Steam) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\okadibdjfemgnhjiembecghcbfknbfhg [2019-02-01]
CHR Extension: (Twitch Channel Points Autoclicker) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbeamibpehihpjljabhnchghlbneiane [2021-02-22]
CHR Extension: (Evernote Web Clipper) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2021-07-27]
CHR Extension: (Gmail) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Hlídač Shopů) - C:\Users\winki\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlonggbfebcjelncogcnclagkmkikk [2021-09-17]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

Opera:
=======
OPR Profile: C:\Users\winki\AppData\Roaming\Opera Software\Opera Stable [2021-10-11]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\winki\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-07-14]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2019-02-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [816184 2019-07-05] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3779840 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3547904 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-03-16] (Apple Inc. -> Apple Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-07] (Disc Soft Ltd -> Disc Soft Ltd)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [42632 2020-04-15] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [812976 2021-10-08] (EasyAntiCheat Oy -> Epic Games, Inc)
R2 EBC Client; C:\Program Files (x86)\EaseUS\Todo Backup\CMC\bin\EBCClient.exe [95880 2020-04-16] (CHENGDU YIWO Tech Development Co., Ltd. -> )
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncHelper.exe [3249520 2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
S3 MagicianSVC; C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe [348728 2021-09-16] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7801016 2021-10-11] (Malwarebytes Inc -> Malwarebytes)
R2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [314232 2020-08-05] (Locktime Software s.r.o. -> Locktime Software)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\21.180.0905.0007\OneDriveUpdaterService.exe [3718016 2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2557144 2021-10-01] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3475680 2021-10-01] (Electronic Arts, Inc. -> Electronic Arts)
R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [1412592 2020-08-27] (Plex, Inc. -> Plex, Inc.)
S3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [98624 2020-09-01] (ProtonVPN AG -> )
S3 ProtonVPN Update Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [61760 2020-09-01] (ProtonVPN AG -> )
R2 SamsungMagicianSVC; C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe [348728 2021-09-16] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5394872 2021-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13353768 2021-09-15] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\NisSrv.exe [2855512 2021-10-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MsMpEng.exe [128392 2021-10-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_19c79fb6254e3b11\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_19c79fb6254e3b11\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 anvsnddrv; C:\WINDOWS\system32\drivers\anvsnddrv.sys [34416 2016-03-24] (Anvsoft Inc. -> AnvSoft Inc.)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-10-05] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-03-01] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-03-01] (Disc Soft Ltd -> Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [160176 2021-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R0 EUBAKUP; C:\WINDOWS\System32\drivers\eubakup.sys [73448 2020-02-24] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R0 EUBKMON; C:\WINDOWS\System32\drivers\EUBKMON.sys [53504 2020-02-24] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 EUDSKACS; C:\WINDOWS\system32\drivers\eudskacs.sys [22784 2020-02-24] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R1 EUFDDISK; C:\WINDOWS\system32\drivers\EuFdDisk.sys [341760 2020-02-24] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210344 2021-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-10-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [193448 2021-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69040 2021-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-10-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [149424 2021-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2017-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R0 nldrv; C:\WINDOWS\System32\drivers\nldrv.sys [183528 2020-08-05] (Locktime Software s.r.o. -> Locktime Software)
S3 ProtonVPNSplitTunnel; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.SplitTunnelDriver.sys [31584 2020-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
R3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49008 2020-08-19] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2017-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48520 2021-10-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [434424 2021-10-06] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86264 2021-10-06] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-11 18:56 - 2021-10-11 19:11 - 000000000 ___DC C:\Users\winki\Desktop\FRST-OlderVersion
2021-10-11 16:54 - 2021-10-11 16:54 - 000001775 ____C C:\Users\winki\Desktop\2.txt
2021-10-11 16:51 - 2021-10-11 16:51 - 000001789 ____C C:\Users\winki\Desktop\1.txt
2021-10-11 16:44 - 2021-10-11 16:45 - 040148184 _____ C:\Users\winki\Downloads\CzechCloud_1633963479881.mp4
2021-10-11 16:44 - 2021-10-11 16:44 - 030416002 _____ C:\Users\winki\Downloads\Herdyn_1633963464128.mp4
2021-10-11 16:36 - 2021-10-11 16:37 - 043445128 _____ C:\Users\winki\Downloads\KouKiShaK_1633963002269.mp4
2021-10-11 16:24 - 2021-10-11 16:24 - 019417743 _____ C:\Users\winki\Downloads\TheDigitalAdventurers_1633962255152.mp4
2021-10-11 16:23 - 2021-10-11 16:23 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-10-11 16:23 - 2021-10-11 16:23 - 000210344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-10-11 16:23 - 2021-10-11 16:23 - 000193448 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-10-11 16:23 - 2021-10-11 16:23 - 000149424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-10-11 16:23 - 2021-10-11 16:23 - 000069040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-10-11 16:23 - 2021-10-11 16:23 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-10-11 16:23 - 2021-10-11 16:23 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-10-11 16:23 - 2021-10-11 16:23 - 000000000 ____D C:\Users\winki\AppData\Local\mbam
2021-10-11 16:23 - 2021-10-11 16:22 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-10-11 16:23 - 2021-10-11 16:22 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-10-11 16:13 - 2021-10-11 16:13 - 002101944 _____ (Malwarebytes) C:\Users\winki\Desktop\MBSetup-35891.35891-consumer.exe
2021-10-11 16:12 - 2021-10-11 16:12 - 024663882 _____ C:\Users\winki\Downloads\SRobinem_1633961521475.mp4
2021-10-11 16:06 - 2021-10-11 16:06 - 007956226 _____ C:\Users\winki\Downloads\grinderreborn_1633961157899.mp4
2021-10-11 15:39 - 2021-10-11 15:39 - 007537811 _____ C:\Users\winki\Downloads\Novby_1633959550232.mp4
2021-10-11 15:28 - 2021-10-11 15:28 - 024863309 _____ C:\Users\winki\Downloads\RobDiesALot_1633958881057.mp4
2021-10-11 14:58 - 2021-10-11 14:58 - 021356322 _____ C:\Users\winki\Downloads\CzechCloud_1633957081002.mp4
2021-10-11 14:58 - 2021-10-11 14:58 - 011837734 _____ C:\Users\winki\Downloads\Xnapycz_1633957119207.mp4
2021-10-11 14:50 - 2021-10-11 14:50 - 009241045 _____ C:\Users\winki\Downloads\2SekundovyMato_1633956606210.mp4
2021-10-11 14:49 - 2021-10-11 14:49 - 013601573 _____ C:\Users\winki\Downloads\2SekundovyMato_1633956571387.mp4
2021-10-11 14:48 - 2021-10-11 14:48 - 031603527 _____ C:\Users\winki\Downloads\DeeThane_1633956501421.mp4
2021-10-11 14:44 - 2021-10-11 14:44 - 056880974 _____ C:\Users\winki\Downloads\Agraelus_1633956245554.mp4
2021-10-11 14:43 - 2021-10-11 14:44 - 031345359 _____ C:\Users\winki\Downloads\Agraelus_1633956213788.mp4
2021-10-08 23:50 - 2021-10-08 23:50 - 000000000 ____D C:\WINDOWS\LastGood
2021-10-08 23:46 - 2021-09-16 05:28 - 001858672 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-10-08 23:46 - 2021-09-16 05:28 - 001858672 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-10-08 23:46 - 2021-09-16 05:28 - 001474688 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-10-08 23:46 - 2021-09-16 05:28 - 001438832 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-10-08 23:46 - 2021-09-16 05:28 - 001438832 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-10-08 23:46 - 2021-09-16 05:28 - 001212544 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-10-08 23:46 - 2021-09-16 05:28 - 001097832 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-10-08 23:46 - 2021-09-16 05:28 - 001097832 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-10-08 23:46 - 2021-09-16 05:28 - 000951920 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-10-08 23:46 - 2021-09-16 05:28 - 000951920 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-10-08 23:46 - 2021-09-16 05:25 - 001520760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-10-08 23:46 - 2021-09-16 05:25 - 001171064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-10-08 23:46 - 2021-09-16 05:25 - 000716920 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-10-08 23:46 - 2021-09-16 05:25 - 000676472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-10-08 23:46 - 2021-09-16 05:25 - 000645240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-10-08 23:46 - 2021-09-16 05:25 - 000577144 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-10-08 23:46 - 2021-09-16 05:25 - 000564344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-10-08 23:46 - 2021-09-16 05:24 - 008854144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-10-08 23:46 - 2021-09-16 05:24 - 002112120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-10-08 23:46 - 2021-09-16 05:24 - 001595512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-10-08 23:46 - 2021-09-16 05:24 - 000919160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-10-08 23:46 - 2021-09-16 05:24 - 000706168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-10-08 23:46 - 2021-09-16 05:24 - 000447096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-10-08 23:46 - 2021-09-16 05:23 - 007920760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-10-08 23:46 - 2021-09-16 05:23 - 005681280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2021-10-08 23:46 - 2021-09-16 05:23 - 004987512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-10-08 23:46 - 2021-09-16 05:23 - 002925688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-10-08 23:46 - 2021-09-16 05:23 - 000849016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-10-08 23:46 - 2021-09-16 05:21 - 006216336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-10-08 23:46 - 2021-09-14 05:39 - 000083133 _____ C:\WINDOWS\system32\nvinfo.pb
2021-10-08 23:40 - 2021-10-11 00:24 - 000000363 ____C C:\Users\winki\Documents\rendercapslog.txt
2021-10-08 22:57 - 2021-10-08 22:58 - 000000000 ___DC C:\Users\winki\Documents\Battlefield 2042 Open Beta
2021-10-08 22:54 - 2021-10-08 22:54 - 000000000 ____D C:\Users\winki\AppData\Roaming\EasyAntiCheat
2021-10-08 22:52 - 2021-10-08 22:56 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2021-10-08 19:51 - 2021-10-08 19:51 - 000000223 ____C C:\Users\winki\Desktop\Battlefield™ 2042 Open Beta.url
2021-10-08 01:24 - 2021-10-11 00:58 - 111935488 _____ C:\WINDOWS\system32\config\SOFTWARE
2021-10-08 01:20 - 2021-10-08 01:24 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2021-10-08 00:40 - 2021-10-08 00:43 - 000109210 ____C C:\Users\winki\Desktop\Addition.txt
2021-10-08 00:38 - 2021-10-11 19:11 - 000000000 ____D C:\FRST
2021-10-08 00:38 - 2021-10-08 00:43 - 000069238 ____C C:\Users\winki\Desktop\FRST.txt
2021-10-08 00:37 - 2021-10-11 18:56 - 002310656 _____ (Farbar) C:\Users\winki\Desktop\FRST64.exe
2021-10-08 00:00 - 2021-10-08 00:00 - 000000000 ____D C:\Users\winki\AppData\Local\Yandex
2021-10-07 23:59 - 2021-10-07 23:59 - 000000000 ____D C:\Users\winki\Downloads\LetaSoft_Sound_Booster
2021-10-07 15:39 - 2021-10-07 15:39 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignd35d656c894c5254
2021-10-07 15:39 - 2021-10-07 15:39 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignc61808b9b4e611ac
2021-10-07 15:39 - 2021-10-07 15:39 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign96c5100ed341cc31
2021-10-07 15:39 - 2021-10-07 15:39 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign438be2a159abfef6
2021-10-07 15:39 - 2021-10-07 15:39 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign21868dc2bb330680
2021-10-06 20:33 - 2021-10-06 20:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-10-04 14:40 - 2021-10-04 14:40 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignfea7eeda10b488e2
2021-10-04 14:40 - 2021-10-04 14:40 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsigne9617f44df25e024
2021-10-04 14:40 - 2021-10-04 14:40 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign5faef233732d4b57
2021-10-04 14:40 - 2021-10-04 14:40 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign1a66f7f7af69ec84
2021-10-04 14:40 - 2021-10-04 14:40 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign0d80ec30daac9ffb
2021-10-04 11:25 - 2021-10-04 11:25 - 000000000 ____D C:\ProgramData\MisterHorse
2021-10-04 11:19 - 2021-10-04 11:19 - 000001035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mister Horse Product Manager.lnk
2021-10-04 11:19 - 2021-10-04 11:19 - 000000000 ____D C:\Program Files\Mister Horse Product Manager
2021-10-01 16:08 - 2021-10-01 16:08 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign7ffa8645d77248ea
2021-10-01 16:08 - 2021-10-01 16:08 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign5d09c92f4e366c97
2021-10-01 16:08 - 2021-10-01 16:08 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign448f7c893d418a32
2021-10-01 16:08 - 2021-10-01 16:08 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign112c6f201cb45eb4
2021-10-01 16:08 - 2021-10-01 16:08 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign0ad97743e7e5056f
2021-09-30 09:57 - 2021-10-11 14:29 - 000000000 ____D C:\Users\winki\AppData\Roaming\Samsung Magician
2021-09-30 09:56 - 2021-09-30 09:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2021-09-29 12:55 - 2021-09-29 12:55 - 000000000 ____D C:\ProgramData\obs-studio-hook
2021-09-29 12:51 - 2021-09-29 12:51 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignf24d6d8fbeace066
2021-09-29 12:51 - 2021-09-29 12:51 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign7d5e077878c175db
2021-09-29 12:51 - 2021-09-29 12:51 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign6e6a46a1f6a8b565
2021-09-29 12:51 - 2021-09-29 12:51 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign5544b13200ce83c1
2021-09-29 12:51 - 2021-09-29 12:51 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign3142bfa8ac30eeb2
2021-09-28 15:14 - 2021-09-28 15:14 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignad878ce8351eda02
2021-09-28 15:05 - 2021-09-28 15:05 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignfc2726b2f5a23c34
2021-09-28 15:05 - 2021-09-28 15:05 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignf096127ac11ffb49
2021-09-28 15:05 - 2021-09-28 15:05 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignd48a327a02481dc1
2021-09-28 15:05 - 2021-09-28 15:05 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign02646bfec6f23f98
2021-09-24 20:12 - 2021-09-24 20:12 - 000000976 _____ C:\Users\Public\Desktop\Mafia - Definitve Edition.lnk
2021-09-24 20:12 - 2021-09-24 20:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mafia - Definitve Edition
2021-09-22 17:11 - 2021-09-22 17:11 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignc9f9d1132b7628d9
2021-09-22 17:11 - 2021-09-22 17:11 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignb50aa54adaaf6bdb
2021-09-22 17:11 - 2021-09-22 17:11 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign7f29fc86089fdb08
2021-09-22 17:11 - 2021-09-22 17:11 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign11c262b46da5fa16
2021-09-22 17:11 - 2021-09-22 17:11 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign03a5a58ffd752a8a
2021-09-21 22:19 - 2021-09-21 22:19 - 000000000 ____D C:\Users\winki\AppData\Local\Kena
2021-09-21 19:05 - 2021-09-21 19:05 - 000000754 ____C C:\Users\winki\Desktop\Kena Bridge of Spirits.lnk
2021-09-21 19:05 - 2021-09-21 19:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kena Bridge of Spirits
2021-09-20 14:14 - 2021-09-20 14:14 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsigne7d18d7a5e4bdf3c
2021-09-20 14:14 - 2021-09-20 14:14 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsigndfb4a061bdfd6a48
2021-09-20 14:14 - 2021-09-20 14:14 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignbcd6a6232eec1e57
2021-09-20 14:14 - 2021-09-20 14:14 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign8b077e82aba62c03
2021-09-20 14:14 - 2021-09-20 14:14 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign1fa36c4fc10f3045
2021-09-20 10:51 - 2021-09-20 10:51 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-09-17 13:23 - 2021-09-17 13:23 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignfbf058ed866cd640
2021-09-17 13:22 - 2021-09-17 13:22 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignf1c9895ca7d5faa1
2021-09-17 13:22 - 2021-09-17 13:22 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignc45a2b640df51291
2021-09-17 13:22 - 2021-09-17 13:22 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign7b9f1d426052269e
2021-09-17 13:22 - 2021-09-17 13:22 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign7399cd02574ef573
2021-09-17 13:22 - 2021-09-17 13:22 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign6bb2c9d2853c9b38
2021-09-17 12:30 - 2021-09-17 12:30 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2021-09-17 12:30 - 2021-09-17 12:30 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-09-17 12:30 - 2021-09-17 12:30 - 001313608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-09-17 12:30 - 2021-09-17 12:30 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-09-17 12:30 - 2021-09-17 12:30 - 000672768 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-09-17 12:30 - 2021-09-17 12:30 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-09-17 12:30 - 2021-09-17 12:30 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-09-17 12:30 - 2021-09-17 12:30 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-09-17 12:30 - 2021-09-17 12:30 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-09-17 12:30 - 2021-09-17 12:30 - 000170496 _____ C:\WINDOWS\system32\DeviceUpdateCenterCsp.dll
2021-09-17 12:30 - 2021-09-17 12:30 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2021-09-17 12:30 - 2021-09-17 12:30 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2021-09-17 12:30 - 2021-09-17 12:30 - 000011355 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-09-17 12:29 - 2021-09-17 12:29 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2021-09-17 12:29 - 2021-09-17 12:29 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-09-17 12:29 - 2021-09-17 12:29 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-09-17 12:29 - 2021-09-17 12:29 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-09-17 12:29 - 2021-09-17 12:29 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-09-17 12:29 - 2021-09-17 12:29 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-09-17 12:29 - 2021-09-17 12:29 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-09-17 12:29 - 2021-09-17 12:29 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-09-17 12:23 - 2021-09-17 12:23 - 000000000 ___HD C:\$WinREAgent
2021-09-16 16:25 - 2021-09-16 16:25 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignfdaa669ef0df864e
2021-09-16 16:25 - 2021-09-16 16:25 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsignea481d8cd5307a14
2021-09-16 16:25 - 2021-09-16 16:25 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign5b7174a54622a7fc
2021-09-16 16:25 - 2021-09-16 16:25 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign511901f3bf70c2eb
2021-09-16 16:25 - 2021-09-16 16:25 - 000000000 ____D C:\Users\winki\AppData\Local\Tempzxpsign40931290d88d6d37
2021-09-15 19:37 - 2021-09-15 19:37 - 000000223 ____C C:\Users\winki\Desktop\Gas Station Simulator.url
2021-09-13 18:15 - 2021-09-13 18:15 - 000000681 ____C C:\Users\winki\Desktop\NBA 2K22.lnk
2021-09-13 18:15 - 2021-09-13 18:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NBA 2K22
2021-09-13 16:20 - 2021-09-13 16:20 - 003596530 _____ C:\Users\winki\Downloads\KouKiShaK_1631542801675.mp4

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-11 19:12 - 2017-07-21 19:37 - 000000000 ___DC C:\Users\winki\AppData\Roaming\discord
2021-10-11 19:03 - 2017-02-26 23:35 - 000000000 ____D C:\Program Files (x86)\Steam
2021-10-11 18:58 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-10-11 18:51 - 2017-04-19 12:03 - 000000000 ____D C:\ProgramData\NVIDIA
2021-10-11 18:43 - 2018-08-15 19:23 - 000000000 ____D C:\Program Files (x86)\Google
2021-10-11 18:37 - 2017-04-07 11:43 - 000000000 ___DC C:\Users\winki\AppData\LocalLow\Mozilla
2021-10-11 18:29 - 2017-07-21 19:37 - 000000000 ___DC C:\Users\winki\AppData\Local\Discord
2021-10-11 16:55 - 2019-02-18 13:18 - 000000000 ____D C:\ProgramData\Mozilla
2021-10-11 16:23 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-10-11 16:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-10-11 15:58 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-10-11 14:41 - 2019-10-03 23:11 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-10-11 14:35 - 2021-05-14 23:34 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-10-11 14:35 - 2019-12-07 16:43 - 000716762 _____ C:\WINDOWS\system32\perfh005.dat
2021-10-11 14:35 - 2019-12-07 16:43 - 000144940 _____ C:\WINDOWS\system32\perfc005.dat
2021-10-11 14:35 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-10-11 14:30 - 2017-05-17 15:10 - 000000000 ____D C:\Program Files\CCleaner
2021-10-11 14:29 - 2018-01-04 22:49 - 000000000 ___RD C:\Users\winki\iCloudDrive
2021-10-11 14:29 - 2017-03-13 02:38 - 000000000 ___DC C:\Users\winki\AppData\Local\Plex Media Server
2021-10-11 14:29 - 2017-02-26 11:31 - 000000000 ___RD C:\Users\winki\OneDrive
2021-10-11 14:28 - 2021-05-14 23:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-10-11 14:28 - 2021-05-14 22:59 - 000008192 ___SH C:\DumpStack.log.tmp
2021-10-11 14:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-10-11 14:28 - 2019-01-07 02:55 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-10-11 00:58 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-10-11 00:58 - 2017-10-27 09:59 - 000000000 ___DC C:\Users\winki\AppData\Local\Ubisoft Game Launcher
2021-10-10 22:03 - 2017-02-26 11:39 - 000000000 ___DC C:\Users\winki\AppData\Local\CrashDumps
2021-10-10 18:02 - 2017-02-26 12:02 - 000000000 ____D C:\ProgramData\boost_interprocess
2021-10-10 12:35 - 2021-06-29 21:06 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7694fd9bd15f6
2021-10-10 12:35 - 2021-05-14 23:34 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-10-09 20:35 - 2021-05-14 22:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-10-09 12:06 - 2018-05-30 15:29 - 000000000 ___DC C:\Users\winki\AppData\Local\D3DSCache
2021-10-08 23:53 - 2018-08-07 22:23 - 000000000 ___DC C:\Users\winki\AppData\Local\BattlEye
2021-10-08 23:50 - 2017-02-26 11:52 - 000000000 ___DC C:\Users\winki\AppData\Local\NVIDIA
2021-10-08 23:48 - 2017-04-19 12:03 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-10-08 23:40 - 2017-03-23 21:11 - 000000000 ___DC C:\Users\winki\Documents\My Games
2021-10-08 23:40 - 2017-02-26 11:52 - 000000000 ____D C:\ProgramData\Package Cache
2021-10-08 23:25 - 2017-02-26 23:26 - 000000000 ___DC C:\Users\winki\AppData\Roaming\Origin
2021-10-08 23:25 - 2017-02-26 23:22 - 000000000 ____D C:\ProgramData\Origin
2021-10-08 23:07 - 2017-02-26 23:22 - 000000000 ___DC C:\Users\winki\AppData\Local\Origin
2021-10-08 00:11 - 2017-03-01 23:17 - 000000000 ___DC C:\Users\winki\AppData\Roaming\DAEMON Tools Lite
2021-10-08 00:03 - 2017-12-07 14:17 - 000000000 ___DC C:\Users\winki\AppData\Local\Packages
2021-10-07 16:14 - 2020-10-20 21:48 - 000000000 ____D C:\Users\winki\AppData\Local\Ori and the Blind Forest DE
2021-10-07 16:03 - 2017-03-02 19:39 - 000000000 ___DC C:\Users\winki\AppData\Local\Spotify
2021-10-07 16:03 - 2017-03-02 19:37 - 000000000 ___DC C:\Users\winki\AppData\Roaming\Spotify
2021-10-07 13:44 - 2017-02-27 11:44 - 000000000 ___DC C:\Users\winki\AppData\Roaming\vlc
2021-10-07 12:20 - 2020-04-18 10:19 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2021-10-07 12:20 - 2019-12-14 20:37 - 000315856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2021-10-07 12:20 - 2019-10-10 11:27 - 000061880 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2021-10-07 12:20 - 2019-06-13 22:25 - 002208184 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2021-10-07 12:20 - 2019-06-13 22:25 - 000213432 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2021-10-07 12:20 - 2019-06-13 22:25 - 000188880 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2021-10-07 11:16 - 2020-02-05 19:00 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-10-07 11:16 - 2017-04-07 11:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-10-06 20:33 - 2020-02-05 19:00 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-10-06 19:37 - 2017-02-26 23:26 - 000000000 ____D C:\Program Files (x86)\Origin
2021-10-06 15:25 - 2017-02-26 11:37 - 000002543 ____C C:\Users\winki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-06 15:25 - 2017-02-26 11:37 - 000002506 ____C C:\Users\winki\Desktop\Google Chrome.lnk
2021-10-06 14:57 - 2018-05-20 13:02 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-10-05 23:56 - 2018-05-03 00:35 - 000000000 ____D C:\Program Files\Opera
2021-10-05 17:32 - 2021-05-14 23:34 - 000004170 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1600814896
2021-10-05 13:52 - 2021-05-14 23:34 - 000003958 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1525300582
2021-10-05 13:52 - 2018-05-03 00:36 - 000001113 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2021-10-04 11:47 - 2017-03-06 21:03 - 000000000 ___DC C:\Users\winki\AppData\Local\MisterHorse
2021-10-04 10:10 - 2017-03-10 14:48 - 000000000 ___DC C:\Users\winki\AppData\Roaming\Anvsoft
2021-10-03 13:17 - 2020-10-01 13:55 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-10-02 22:10 - 2020-08-22 02:14 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-10-02 22:10 - 2020-08-22 02:14 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-10-02 21:24 - 2017-02-26 23:52 - 000000000 ___DC C:\Users\winki\AppData\Roaming\uTorrent
2021-10-01 17:36 - 2017-02-26 19:42 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-10-01 10:20 - 2021-06-22 14:21 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2021-10-01 00:06 - 2021-05-14 23:34 - 000003730 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-116116240-444440880-2871013289-1001UA
2021-10-01 00:06 - 2021-05-14 23:34 - 000003462 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-116116240-444440880-2871013289-1001Core
2021-09-30 23:38 - 2021-05-14 23:34 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-09-30 23:38 - 2021-05-14 23:34 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-09-30 17:24 - 2021-05-14 23:34 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2021-09-30 17:24 - 2021-05-14 21:55 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-09-30 09:56 - 2021-05-17 12:39 - 000003352 _____ C:\WINDOWS\system32\Tasks\SamsungMagician
2021-09-29 12:58 - 2017-03-21 13:33 - 000000000 ___DC C:\Users\winki\AppData\Roaming\obs-studio
2021-09-28 22:51 - 2018-01-04 22:49 - 000000000 ___DC C:\Users\winki\Documents\Soubory Outlooku
2021-09-23 11:16 - 2017-07-21 19:37 - 000002272 ____C C:\Users\winki\Desktop\Discord.lnk
2021-09-18 17:43 - 2019-04-18 22:12 - 000000000 ___DC C:\Users\winki\Documents\Euro Truck Simulator 2
2021-09-17 19:01 - 2021-05-14 22:59 - 007073336 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-09-17 16:25 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-09-17 16:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-09-17 16:25 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-09-17 13:22 - 2017-03-06 21:24 - 000000033 _____ C:\Users\winki\AppData\Roaming\AdobeWLCMCache.dat
2021-09-17 12:33 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-09-17 12:23 - 2017-02-26 19:28 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-09-17 12:19 - 2017-02-26 19:28 - 135637312 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-09-16 05:24 - 2021-01-02 14:46 - 000750200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-09-16 05:22 - 2021-01-02 14:46 - 007280840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-09-15 21:15 - 2021-05-14 23:34 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-09-15 13:09 - 2021-04-18 16:35 - 000000000 ___DC C:\WINDOWS\Panther
2021-09-15 12:45 - 2021-05-14 23:34 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update

==================== Files in the root of some directories ========

2017-03-06 21:24 - 2021-09-17 13:22 - 000000033 _____ () C:\Users\winki\AppData\Roaming\AdobeWLCMCache.dat
2020-10-25 22:06 - 2020-10-25 22:06 - 000000047 _____ () C:\Users\winki\AppData\Roaming\~SiMPLEX.ini
2018-07-24 17:29 - 2021-06-19 18:04 - 000001480 ____C () C:\Users\winki\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2017-02-26 22:32 - 2020-08-27 22:55 - 000000081 ____C () C:\Users\winki\AppData\Local\FILM_AE_LogFile.txt
2018-09-27 21:16 - 2018-09-27 21:16 - 000000000 ____C () C:\Users\winki\AppData\Local\oobelibMkey.log
2020-07-19 22:59 - 2020-08-17 13:58 - 000004995 _____ () C:\Users\winki\AppData\Local\PlariumPlay.log
2017-03-12 12:39 - 2021-05-22 12:33 - 000007640 ____C () C:\Users\winki\AppData\Local\Resmon.ResmonCfg
2018-06-29 12:57 - 2018-06-29 12:57 - 000000003 ____C () C:\Users\winki\AppData\Local\updater.log
2018-06-29 12:57 - 2018-06-29 12:57 - 000000425 ____C () C:\Users\winki\AppData\Local\UserProducts.xml

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Rudy
Site Admin
Posts: 114587
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Check after running a fake application (Phishing)

#7 Post by Rudy »

Rudy wrote: 11 Oct 2021 16:49 Delete the detected item (move it to quarantine) and then post new FRST+Addition logs.
I don't see the Addition log here. It should be in the file addition.txt in C:\Users\winki\Desktop\FRST-OlderVersion.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

windyOMG
Visitor
Posts: 35
Joined: 03 Feb 2017 17:29

Re: Check after running a fake application (Phishing)

#8 Post by windyOMG »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-10-2021
Ran by winki (11-10-2021 19:12:58)
Running from C:\Users\winki\Desktop\FRST-OlderVersion
Microsoft Windows 10 Pro Version 21H1 19043.1237 (X64) (2021-05-14 21:35:01)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-116116240-444440880-2871013289-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-116116240-444440880-2871013289-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-116116240-444440880-2871013289-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-116116240-444440880-2871013289-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-116116240-444440880-2871013289-1003 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-116116240-444440880-2871013289-504 - Limited - Disabled)
winki (S-1-5-21-116116240-444440880-2871013289-1001 - Administrator - Enabled) => C:\Users\winki

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Video Downloader (HKLM\...\{29F889EE-CD6A-48B7-8197-9E37E54336C9}) (Version: 4.18.1.4500 - Open Media LLC)
A Plague Tale Innocence (HKLM-x32\...\A Plague Tale Innocence_is1) (Version: - )
ADATA SSD ToolBox version 4.1.0 (HKLM-x32\...\{C0991D3E-8786-48E7-A5DB-57FBACB0A03A}_is1) (Version: 4.1.0 - ADATA, Inc.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.007.20095 - Adobe Systems Incorporated)
Adobe After Effects 2020 (HKLM-x32\...\AEFT_17_0_2) (Version: 17.0.2 - Adobe Inc.)
Adobe After Effects CC 2017 (HKLM-x32\...\AEFT_14_0_0) (Version: 14.0.0 - Adobe Systems Incorporated)
Adobe Audition CC 2017 (HKLM-x32\...\AUDT_10_0_0) (Version: 10.0.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.9.0.504 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe)
Adobe Illustrator 2020 (HKLM-x32\...\ILST_24_1_2) (Version: 24.1.2 - Adobe Inc.)
Adobe Illustrator CC 2017 (HKLM-x32\...\ILST_21_0_0) (Version: 21.0.0 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2017 (HKLM-x32\...\AME_11_0_0) (Version: 11.0.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2017 (HKLM-x32\...\PPRO_11_0_0) (Version: 11.0.0 - Adobe Systems Incorporated)
Aegisub 3.2.2 (HKLM-x32\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.2.2 - Aegisub Team)
AIMP (HKLM-x32\...\AIMP) (Version: v4.13.1887, 19.02.2017 - AIMP DevTeam)
Any Video Converter Ultimate 6.0.4 (HKLM-x32\...\Any Video Converter Ultimate_is1) (Version: - Any-Video-Converter.com)
A-PDF Split 2.7 (HKLM-x32\...\A-PDF Split_is1) (Version: - A-PDF.com)
Apeaksoft Data Recovery 1.2.18 (HKLM-x32\...\{DB8A74C3-8F3E-4711-B152-436BDD91DAE1}_is1) (Version: 1.2.18 - Apeaksoft Studio)
Apple Mobile Device Support (HKLM\...\{74CC99EB-7DC0-4CB0-847A-F8C2FE39690C}) (Version: 14.5.0.7 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Ashampoo Burning Studio 19 (HKLM-x32\...\{91B33C97-BA3F-5C99-C2A6-0EB17CC9054B}_is1) (Version: 19.0.2 - Ashampoo GmbH & Co. KG)
Balíček ovladače systému Windows - Sony Computer Entertainment Inc. Wireless controller for PLAYSTATION(R)3 Driver Package (01/20/2012 1.4.0.0) (HKLM\...\D5410AE5FA467EF0F19558D5F60C991A79E11B51) (Version: 01/20/2012 1.4.0.0 - Sony Computer Entertainment Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bing Wallpaper (HKLM-x32\...\{9C94D5E4-22D6-457B-9263-9C68DBF669DD}) (Version: 1.0.9.3 - Microsoft Corporation)
BitLord 2.4 (HKLM-x32\...\BitLord) (Version: 2.4.6-350 - House of Life)
Blender (HKLM\...\{F343C69A-4ABA-434C-9C73-12A519D269CD}) (Version: 2.80.0 - Blender Foundation)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.280.0.1022 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.85 - Piriform)
Cities Skylines Industries (HKLM-x32\...\Cities Skylines Industries_is1) (Version: - )
Cooking Simulator Pizza (HKLM-x32\...\Cooking Simulator Pizza_is1) (Version: - )
Core Temp 1.7 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.7 - ALCPU)
Crucial Storage Executive (HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Crucial Storage Executive 3.55.032018.04) (Version: 7.01.012021.03 - Crucial)
CrystalDiskInfo 8.12.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.12.0 - Crystal Dew World)
CrystalDiskMark 8.0.1 (HKLM\...\CrystalDiskMark8_is1) (Version: 8.0.1 - Crystal Dew World)
Cyberpunk 2077 (HKLM-x32\...\1423049311_is1) (Version: Build_3214677Change_4155897 - GOG.com)
Cyberpunk 2077 (HKLM-x32\...\Cyberpunk 2077_is1) (Version: - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd)
Deezloader Remix 4.3.0 (HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\5eed4b40-1ed5-51be-ab52-56cdb94a998f) (Version: 4.3.0 - RemixDevs)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Delta 0.9.2 (only current user) (HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\0161ecdc-2041-5655-9e4e-ee442fb322e0) (Version: 0.9.2 - Opus Labs CVBA)
Desperados III (HKLM-x32\...\Desperados III_is1) (Version: - )
Discord (HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
EaseUS Todo Backup 13.2 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 13.2 - CHENGDU YIWO Tech Development Co., Ltd)
Effects Suite 64-bit (HKLM\...\{A9462025-681A-44C7-9F6F-70C96320F4C2}) (Version: 11.0.0 - Red Giant Software) Hidden
Effects Suite 64-bit (HKLM-x32\...\InstallShield_{A9462025-681A-44C7-9F6F-70C96320F4C2}) (Version: 11.0.0 - Red Giant Software)
Electrum (HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Electrum) (Version: 2.9.3 - Electrum Technologies GmbH)
Epic Games Launcher (HKLM-x32\...\{AFC6C4B8-57A3-43C3-9F1C-C4239CAECDAC}) (Version: 1.1.215.0 - Epic Games, Inc.)
Far Cry 6 (HKLM-x32\...\Uplay Install 5266) (Version: - Ubisoft)
Folder Marker Pro (HKLM\...\Folder Marker Pro_is1) (Version: 4.2 - ArcticLine Software)
FontForge verze 31-07-2017 (HKLM-x32\...\{56748B9C-19AE-4689-B8C5-5A45AE0A993A}_is1) (Version: 31-07-2017 - FontForgeBuilds)
FormApps Signing Extension (HKLM-x32\...\{ACA43D91-8B42-4D42-8C8B-A893BD6AA40D}) (Version: 2.8.2.28 - Software602 a.s.)
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FreeFileSync 9.9 (HKLM-x32\...\FreeFileSync_is1) (Version: 9.9 - FreeFileSync.org)
GameInput Redistributable (HKLM-x32\...\{7E52156F-18FE-B953-BEA9-6BE6A77AFDFF}) (Version: 10.1.19041.3906 - Microsoft Corporation)
Garden Flipper (HKLM-x32\...\1833342145_is1) (Version: 1.2189 (43428) - GOG.com)
Ghostbusters The Video Game Remastered (HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Ghostbusters The Video Game Remastered) (Version: - HOODLUM)
Going Medieval (HKLM-x32\...\1697094317_is1) (Version: 0.5.28.4-REL - GOG.com)
Google Chrome (HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Google Chrome) (Version: 94.0.4606.71 - Google LLC)
Google Web Designer (HKLM\...\{811767F4-C586-4673-A41F-E9D767497222}) (Version: 9.0.7.0 - Google LLC.)
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
HGTV Flipper (HKLM-x32\...\1689378242_is1) (Version: 1.2189 (43428) - GOG.com)
House Flipper (HKLM-x32\...\1140907376_is1) (Version: 1.2189 (43428) - GOG.com)
HUMANKIND™ (HKLM-x32\...\FLT_Humankind) (Version: - )
Chia Blockchain (HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\chia-blockchain) (Version: 1.1.7 - Chia Network)
iCloud (HKLM\...\{8808B208-87D1-4725-8192-76D257E9DEAE}) (Version: 7.21.0.23 - Apple Inc.)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
IOTA Wallet 2.5.6 (only current user) (HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\85125e2a-0211-5c49-9018-9358da1074b1) (Version: 2.5.6 - IOTA Foundation)
iTunes (HKLM\...\{81B253F3-31F6-48CD-96D1-5325EA0E093F}) (Version: 12.11.4.15 - Apple Inc.)
Java 8 Update 181 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Kena Bridge of Spirits (HKLM-x32\...\Kena Bridge of Spirits_is1) (Version: - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Life is Strange True Colors (HKLM-x32\...\Life is Strange True Colors_is1) (Version: - )
Lightshot-5.4.0.35 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.35 - Skillbrains)
Link Shell Extension (HKLM\...\HardlinkShellExt) (Version: 3.9.3.5 - Hermann Schinagl)
Little Nightmares II (HKLM-x32\...\Little Nightmares II_is1) (Version: - )
Logitech Options (HKLM\...\LogiOptions) (Version: 6.90.135 - Logitech)
Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
Mafia - Definitve Edition (HKLM-x32\...\{D383B15E-3CE1-4B7F-8E88-F93D39BB2E5C}_is1) (Version: - hangar 13)
Magic Bullet Suite v12.1.4 (HKLM-x32\...\{99487911-8011-42BC-B594-8B02BFD32B1D}_is1) (Version: 12.1.4 - Red Giant, LLC)
Malwarebytes version 4.4.8.137 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.8.137 - Malwarebytes)
MediaInfo 18.05 (HKLM\...\MediaInfo) (Version: 18.05 - MediaArea.net)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 94.0.992.38 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 94.0.992.38 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 3.2.116.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 21.180.0905.0007 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29913 (HKLM-x32\...\{855e31d2-9031-46e1-b06d-c9d7777deefb}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Mister Horse Product Manager (HKLM\...\Mister Horse Product Manager_is1) (Version: 2.0.3 - )
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 93.0 (x64 cs)) (Version: 93.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 72.0.2 - Mozilla)
MultiBit HD 0.5.1 (HKLM\...\6925-4794-5772-4956) (Version: 0.5.1 - KeepKey,LLC)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
NBA 2K22 (HKLM-x32\...\NBA 2K22_is1) (Version: - )
Neon 2.0.0 (only current user) (HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\211a501f-25dd-501b-8c98-509ac17aedfa) (Version: 2.0.0 - Ethan Fast)
NetLimiter 4 (HKLM\...\{B3EE94C1-7558-41F1-90B3-EBD718193F95}) (Version: 4.0.68.0 - Locktime Software) Hidden
NetLimiter 4 (HKLM-x32\...\NetLimiter 4 4.0.68.0) (Version: 4.0.68.0 - Locktime Software)
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 472.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 472.12 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.1 - OBS Project)
Opera Stable 79.0.4143.72 (HKLM-x32\...\Opera 79.0.4143.72) (Version: 79.0.4143.72 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.105.49133 - Electronic Arts, Inc.)
Paradox Launcher v2 (HKLM\...\{F0072197-FCF6-41BF-9D38-832B145922DC}) (Version: 2.0.0.0 - Paradox Interactive)
Plex Media Server (HKLM-x32\...\{b5de1a1d-c377-415c-8d61-6513b39c0b0a}) (Version: 1.20.1.3252 - Plex, Inc.)
Plex Media Server (HKLM-x32\...\{ED54B00E-46E5-42F2-9590-7727CCE52133}) (Version: 1.20.1252 - Plex, Inc.) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{CCA8C50D-785B-4896-8675-FFE0C4ECCBC3}) (Version: 8.7 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{75BEF7E8-4370-4D42-94F3-B5AA77057965}) (Version: 8.7 - Apple Inc.)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22807 - Microsoft Corporation)
Project CARS 3 (HKLM-x32\...\Project CARS 3_is1) (Version: - )
ProtonVPN (HKLM-x32\...\{3047853A-7C09-4DF6-9B3C-3758F1DBC82F}) (Version: 1.17.1 - Proton Technologies AG) Hidden
ProtonVPN (HKLM-x32\...\ProtonVPN 1.17.1) (Version: 1.17.1 - Proton Technologies AG)
ProtonVPNTap (HKLM-x32\...\{BCB82CD9-F514-4F93-A6D9-F898494DC927}) (Version: 1.1.0 - Proton Technologies AG)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.9.10.0 - Red Giant, LLC)
Revo Uninstaller Pro 4.1.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.1.5 - VS Revo Group, Ltd.)
RimWorld Ideology (HKLM-x32\...\RimWorld Ideology_is1) (Version: - )
Road 96 (HKLM-x32\...\Road 96_is1) (Version: - )
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.0 - Rockstar Games)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 7.0.0.510 - Samsung Electronics)
Skype verze 8.25 (HKLM-x32\...\Skype_is1) (Version: 8.25 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Spotify) (Version: 1.1.69.612.gb7409abc - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stopping Plex (HKLM-x32\...\{4AE34600-E4A1-4025-831A-F95EA1EF0FC2}) (Version: 1.20.1252 - Plex, Inc.) Hidden
SuperLuminal StarDust v1.1.2 CE for After Effects (HKLM\...\StarDust_is1) (Version: 1.1.2 - Team V.R)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.22.3 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Telegram Desktop version 1.5.15 (HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.5.15 - Telegram Messenger LLP)
The Wolf Among Us čeština verze 5.0 (HKLM-x32\...\{47E808C7-0C07-4DF8-877F-7FD653DCDE7B}_is1) (Version: 5.0 - )
Thumbnail me 3.0 (HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\Thumbnail me 3.0) (Version: - )
Trackmania (HKLM-x32\...\Uplay Install 5595) (Version: - Ubisoft)
Train Valley 2 (HKLM\...\TinyISO - Train Valley 2) (Version: - TinyISO)
Trapcode Suite v13.0.1 (HKLM-x32\...\{DFD2DC6B-C634-4C1C-81CC-5EF852E71CEE}_is1) (Version: 13.0.1 - Red Giant, LLC)
TrucksBook Client verze 1.3.2 (HKLM-x32\...\TrucksBook Client_is1) (Version: 1.3.2 - TrucksBook)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 50.0 - Ubisoft)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Update for Skype for Business 2016 (KB4493155) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5376168B-3DBF-4B19-9F74-2ECBDC1BFB46}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4493155) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5376168B-3DBF-4B19-9F74-2ECBDC1BFB46}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4493155) 64-Bit Edition (HKLM\...\{90160000-012B-0405-1000-0000000FF1CE}_Office16.PROPLUS_{5376168B-3DBF-4B19-9F74-2ECBDC1BFB46}) (Version: - Microsoft)
VdhCoApp 1.6.0 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Waves Client 1.0.21 (only current user) (HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\f077d7c1-dd13-50a1-8533-9deb9aba8648) (Version: 1.0.21 - Waves Platform)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
WizTree v3.25 (HKLM\...\WizTree_is1) (Version: - Antibody Software)
WRC 10 FIA World Rally Championship (HKLM-x32\...\WRC 10 FIA World Rally Championship_is1) (Version: - )
ZXP Installer (HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\5dbc225fc0bf0a3b) (Version: 0.5.0.124 - aescripts + aeplugins)

Packages:
=========
A Plague Tale: Innocence -> C:\Program Files\WindowsApps\FocusHomeInteractiveSA.APlagueTaleInnocence-Window_1.0.6.0_x64__4hny5m903y3g0 [2020-08-17] (Focus Home Interactive SA)
Daily Desktop Wallpaper -> C:\Program Files\WindowsApps\41879VbfnetApps.DailyBingWallpaper_2.9.6.0_x64__7casf8sqhfy78 [2021-10-11] (Vbfnet Apps)
Deezer Music -> C:\Program Files\WindowsApps\Deezer.62021768415AF_5.30.70.0_x86__q7m17pa7q8kj0 [2021-10-01] (Deezer SA)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-01-24] (Microsoft Corporation)
Facebook -> C:\Program Files\WindowsApps\FACEBOOK.FACEBOOK_2021.927.1.0_neutral__8xx8rvfyw5nnt [2021-09-29] (Facebook Inc)
Forza Horizon 4 -> C:\Program Files\WindowsApps\Microsoft.SunriseBaseGame_1.474.687.2_x64__8wekyb3d8bbwe [2021-09-06] (Microsoft Studios)
Forza Horizon 4 Formula Drift Car Pack -> C:\Program Files\WindowsApps\Microsoft.FormulaDriftCarPack_1.0.3.2_neutral__8wekyb3d8bbwe [2021-05-16] (Microsoft Studios)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.17.0_neutral__8xx8rvfyw5nnt [2021-10-02] (Instagram)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-05-14] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-05-14] (Microsoft Corporation) [MS Ad]
Microsoft Flight Simulator -> C:\Program Files\WindowsApps\Microsoft.FlightSimulator_1.19.9.0_x64__8wekyb3d8bbwe [2021-10-08] (Microsoft Studios)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-10-11] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-10-08] (NVIDIA Corp.)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-25] (Microsoft Corporation)
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2021-04-06] (Samsung Electronics Co. Ltd.)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-11] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{041F9391-C79D-44EE-AA4E-AF4E029C4B47}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.36.112\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.35.442\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.35.422\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{6D264B70-DA18-401D-910C-B202D89670C6}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.36.32\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.35.342\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.36.112\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{8B480070-D37D-4090-A063-7A429F849652}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.36.93\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{9B57F475-CCB0-4C85-88A9-2AA9A6C0809A} -> [Amazon Drive] => C:\Users\winki\Amazon Drive
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\localserver32 -> C:\Users\winki\AppData\Local\Google\Chrome\Application\94.0.4606.71\notification_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{bb271103-d1ae-4967-855f-b2a5c5d165e3}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{BE5C2E39-090F-46A2-AFAA-47540743B4FE}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.36.102\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{CA8FA699-91CD-412F-9D13-9B1222F4370E}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.36.82\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{CA919489-0396-4164-A6E7-94CDED45A707}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.36.52\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{DEDF773D-E27B-485E-8E7D-85C5B0EB5A67}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.36.72\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.36.112\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{E9E7529D-7F09-410B-AF2A-CC154473B19C}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.35.302\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [IconOverlayHardLink] -> {0A479751-02BC-11d3-A855-0004AC2568DD} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2021-01-17] (schinagl.priv.at -> )
ShellIconOverlayIdentifiers: [IconOverlayJunction] -> {0A479751-02BC-11d3-A855-0004AC2568FF} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2021-01-17] (schinagl.priv.at -> )
ShellIconOverlayIdentifiers: [IconOverlaySymbolicLink] -> {0A479751-02BC-11d3-A855-0004AC2568EE} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2021-01-17] (schinagl.priv.at -> )
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [IconOverlayHardLink] -> {0A479751-02BC-11d3-A855-0004AC2568DD} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2021-01-17] (schinagl.priv.at -> )
ShellIconOverlayIdentifiers-x32: [IconOverlayJunction] -> {0A479751-02BC-11d3-A855-0004AC2568FF} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2021-01-17] (schinagl.priv.at -> )
ShellIconOverlayIdentifiers-x32: [IconOverlaySymbolicLink] -> {0A479751-02BC-11d3-A855-0004AC2568EE} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2021-01-17] (schinagl.priv.at -> )
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2017-03-07] (Artem Izmaylov -> AIMP DevTeam) [File not signed]
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2021-01-17] (schinagl.priv.at -> )
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-09-08] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2020-04-16] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2020-04-16] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-10-11] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2017-03-07] (Artem Izmaylov -> AIMP DevTeam) [File not signed]
ContextMenuHandlers4: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2020-04-16] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2021-01-17] (schinagl.priv.at -> )
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_19c79fb6254e3b11\nvshext.dll [2021-09-16] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [FMMenuExt] -> {47C91696-894C-46A1-B196-2C7CA1952F45} => C:\Program Files (x86)\Folder Marker\ShellExt64.dll [2013-08-21] (ArcticLine Software) [File not signed]
ContextMenuHandlers6: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2021-01-17] (schinagl.priv.at -> )
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-10-11] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2019-03-29] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\winki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Link Shell Extension\Donate.lnk -> hxxp://schinagl.priv.at/nt/hardlinkshellext/linkshellextension.htm
ShortcutWithArgument: C:\Users\winki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Plex.lnk -> C:\Users\winki\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=fpniocchabmgenibceglhnfeimmdhdfm
ShortcutWithArgument: C:\Users\winki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\TREZOR Chrome Extension.lnk -> C:\Users\winki\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=jcjjhjgimijdkoamemaghajlhegmoclj
ShortcutWithArgument: C:\Users\winki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Vzdálená plocha Chrome.lnk -> C:\Users\winki\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\winki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\WavesLiteApp.lnk -> C:\Users\winki\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=kfmcaklajknfekomaflnhkjjkcjabogm

==================== Loaded Modules (Whitelisted) =============

2020-10-04 11:04 - 2020-10-04 11:04 - 000336896 ____C () [File not signed] \\?\C:\Users\winki\AppData\Local\Plex Media Server\Codecs\96550d8-3281-windows-x86\ac3_decoder.dll
2020-10-04 11:04 - 2020-10-04 11:04 - 000394752 ____C () [File not signed] \\?\C:\Users\winki\AppData\Local\Plex Media Server\Codecs\96550d8-3281-windows-x86\ac3_encoder.dll
2020-10-04 11:04 - 2020-10-04 11:04 - 000608256 ____C () [File not signed] \\?\C:\Users\winki\AppData\Local\Plex Media Server\Codecs\96550d8-3281-windows-x86\dca_decoder.dll
2020-10-04 11:04 - 2020-10-04 11:04 - 001558528 ____C () [File not signed] \\?\C:\Users\winki\AppData\Local\Plex Media Server\Codecs\96550d8-3281-windows-x86\h264_decoder.dll
2020-10-04 11:04 - 2020-10-04 11:04 - 000818176 ____C () [File not signed] \\?\C:\Users\winki\AppData\Local\Plex Media Server\Codecs\96550d8-3281-windows-x86\hevc_decoder.dll
2020-10-04 11:04 - 2020-10-04 11:04 - 001800704 ____C () [File not signed] \\?\C:\Users\winki\AppData\Local\Plex Media Server\Codecs\96550d8-3281-windows-x86\libx264_encoder.dll
2020-10-04 11:04 - 2020-10-04 11:04 - 000560640 ____C () [File not signed] \\?\C:\Users\winki\AppData\Local\Plex Media Server\Codecs\96550d8-3281-windows-x86\mpeg2video_decoder.dll
2020-10-04 11:04 - 2020-10-04 11:04 - 001268224 ____C () [File not signed] \\?\C:\Users\winki\AppData\Local\Plex Media Server\Codecs\96550d8-3281-windows-x86\mpeg4_decoder.dll
2020-10-04 11:04 - 2020-10-04 11:04 - 002117632 ____C () [File not signed] \\?\C:\Users\winki\AppData\Local\Plex Media Server\Codecs\96550d8-3281-windows-x86\vc1_decoder.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 000010240 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\cs_cz\acrotray.cze
2021-05-14 19:24 - 2020-02-24 13:05 - 001291264 _____ () [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll
2021-05-14 19:24 - 2020-02-24 13:05 - 000055808 _____ () [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll
2021-09-30 09:56 - 2021-09-16 10:46 - 002661888 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\ffmpeg.dll
2021-09-30 09:56 - 2021-09-16 10:46 - 000367104 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\libegl.dll
2021-09-30 09:56 - 2021-09-16 10:46 - 006631936 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\libglesv2.dll
2021-09-30 09:56 - 2021-09-16 10:46 - 000458752 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\resources\app\dist\magutils-napi.node
2021-09-30 09:56 - 2021-09-16 10:46 - 000445440 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\resources\app\dist\magvibrancy-napi.node
2021-09-30 09:56 - 2021-09-16 10:46 - 001411072 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\resources\app\dist\uimpewrapper-napi.node
2020-03-06 00:11 - 2020-03-06 00:11 - 000021504 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\cs_cz\Acrobat Elements\ContextMenuShim64.cze
2017-03-07 18:22 - 2017-03-07 18:22 - 002059848 _____ (Artem Izmaylov -> AIMP DevTeam) [File not signed] C:\Program Files (x86)\AIMP\System\aimp_menu64.dll
2021-05-14 19:24 - 2020-02-24 13:05 - 000892928 _____ (Free Software Foundation) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\iconv.dll
2018-06-29 12:57 - 2017-05-23 14:59 - 000494080 _____ (Skillbrains) [File not signed] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.dll
2018-06-29 12:57 - 2017-05-23 14:59 - 000256000 _____ (Skillbrains) [File not signed] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\uploader.dll
2021-05-14 19:23 - 2020-02-24 13:06 - 001359872 _____ (The OpenSSL Project, http://www.openssl.org/) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\LIBEAY32.dll
2021-05-14 19:23 - 2020-02-24 13:06 - 000365056 _____ (The OpenSSL Project, http://www.openssl.org/) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\SSLEAY32.dll
2021-05-14 19:23 - 2020-02-24 11:45 - 001359872 _____ (The OpenSSL Project, http://www.openssl.org/) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\CMC\bin\LIBEAY32.dll
2017-02-26 23:26 - 2020-03-16 15:05 - 001282048 _____ (The OpenSSL Project, http://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2017-02-26 23:26 - 2020-03-16 15:06 - 000279040 _____ (The OpenSSL Project, http://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2017-02-26 23:26 - 2020-01-22 21:30 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2021-10-06 19:37 - 2020-01-22 21:30 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2021-10-06 19:37 - 2020-01-22 21:30 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2021-10-06 19:37 - 2020-01-22 21:30 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2021-10-06 19:37 - 2020-01-22 21:30 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2021-10-06 19:37 - 2020-01-22 21:30 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2021-10-06 19:37 - 2020-01-22 21:30 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:4FC01C57 [294]
AlternateDataStreams: C:\Users\winki\Desktop\Metro: 2033 Redux.url [269]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

SearchScopes: HKU\S-1-5-21-116116240-444440880-2871013289-1001 -> {574D8BD1-9409-46EB-818C-BE355B2D96B5} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_29530
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll [2018-08-02] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-08-02] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 13:47 - 2021-05-14 19:27 - 000000342 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 activation.easeus.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Crucial\Crucial Storage Executive;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\EaseUS\Todo Backup\bin
HKU\S-1-5-21-116116240-444440880-2871013289-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-116116240-444440880-2871013289-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\winki\AppData\Local\Microsoft\BingWallpaperApp\WPImages\20211011.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "Live Update"
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\StartupApproved\Run: => "Discord"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{712E6954-992E-4ADE-872E-401F36F95A9E}A:0\users\winki\appdata\local\google\chrome\application\chrome.exe] => (Allow) A:0\users\winki\appdata\local\google\chrome\application\chrome.exe => No File
FirewallRules: [TCP Query User{4E9BC4ED-1BED-4EFF-BDF9-3B0CB75BBC59}A:0\users\winki\appdata\local\google\chrome\application\chrome.exe] => (Allow) A:0\users\winki\appdata\local\google\chrome\application\chrome.exe => No File
FirewallRules: [{FC52BCC8-16E6-4B40-8074-0EACF022CEE5}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> )
FirewallRules: [{D37209DF-594E-4C4D-80FB-5480E4D506B8}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> )
FirewallRules: [{3F09E09F-D892-4D2E-979E-00E4B7CED378}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
FirewallRules: [{AABBE277-15DF-4F02-82D0-1FCDB05EEC71}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
FirewallRules: [{D4AF6A38-4D28-4361-AE50-35DB7954ED5C}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
FirewallRules: [{407A8AA3-05DE-4C9B-8919-5F2194A31864}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
FirewallRules: [{D3D8139F-5023-44EF-BB38-8797A6B900E9}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\CMC\bin\EBCClient.exe (CHENGDU YIWO Tech Development Co., Ltd. -> )
FirewallRules: [{551C27F3-3016-49B0-ABE1-D54834201848}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.5.0\ABService.exe => No File
FirewallRules: [{91AB568A-6D21-476A-80F0-C73A3989D3F7}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.5.0\ABService.exe => No File
FirewallRules: [{222D03B8-EEAD-4EFB-9315-C4F84594C262}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> )
FirewallRules: [{71FC3D61-FB46-40FB-861A-405FBD33DF23}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> )
FirewallRules: [UDP Query User{35861AA1-490B-4515-B118-78A1F3AB0C1C}C:\users\winki\appdata\local\chia-blockchain\app-1.1.4\resources\app.asar.unpacked\daemon\start_farmer.exe] => (Allow) C:\users\winki\appdata\local\chia-blockchain\app-1.1.4\resources\app.asar.unpacked\daemon\start_farmer.exe => No File
FirewallRules: [TCP Query User{E226A334-7229-4576-8693-9CDA80D512A1}C:\users\winki\appdata\local\chia-blockchain\app-1.1.4\resources\app.asar.unpacked\daemon\start_farmer.exe] => (Allow) C:\users\winki\appdata\local\chia-blockchain\app-1.1.4\resources\app.asar.unpacked\daemon\start_farmer.exe => No File
FirewallRules: [UDP Query User{2EB280D9-7230-411C-B0A8-473AEE45209E}C:\users\winki\appdata\local\chia-blockchain\app-1.1.4\resources\app.asar.unpacked\daemon\start_full_node.exe] => (Allow) C:\users\winki\appdata\local\chia-blockchain\app-1.1.4\resources\app.asar.unpacked\daemon\start_full_node.exe => No File
FirewallRules: [TCP Query User{61A9A55B-1C87-40B7-AF4C-3CA21FA3E964}C:\users\winki\appdata\local\chia-blockchain\app-1.1.4\resources\app.asar.unpacked\daemon\start_full_node.exe] => (Allow) C:\users\winki\appdata\local\chia-blockchain\app-1.1.4\resources\app.asar.unpacked\daemon\start_full_node.exe => No File
FirewallRules: [{CFCF6F53-7857-44F9-B151-0E4980626EA9}] => (Allow) E:\SteamLibrary\steamapps\common\Little Nightmares\Atlas\Binaries\Win64\LittleNightmares.exe (Tarsier Studios) [File not signed]
FirewallRules: [{7E719B94-8807-42D6-A39A-FFD33573448B}] => (Allow) E:\SteamLibrary\steamapps\common\Little Nightmares\Atlas\Binaries\Win64\LittleNightmares.exe (Tarsier Studios) [File not signed]
FirewallRules: [{63D5B6C5-6FB6-425E-93EF-70AD2A71A9BA}] => (Allow) E:\SteamLibrary\steamapps\common\Hobo Tough Life\HoboRPG.exe () [File not signed]
FirewallRules: [{6590DA4C-6706-42E0-B4AF-86A7053804A2}] => (Allow) E:\SteamLibrary\steamapps\common\Hobo Tough Life\HoboRPG.exe () [File not signed]
FirewallRules: [{4DCA0EA8-EFC6-4A70-8001-A121806E3980}] => (Allow) E:\SteamLibrary\steamapps\common\Mad Games Tycoon 2\Mad Games Tycoon 2.exe () [File not signed]
FirewallRules: [{43EFB8A8-2201-4557-834A-833C86CD86B1}] => (Allow) E:\SteamLibrary\steamapps\common\Mad Games Tycoon 2\Mad Games Tycoon 2.exe () [File not signed]
FirewallRules: [{81CC502F-8864-4C0B-8FEE-1AA3E881B282}] => (Allow) E:\SteamLibrary\steamapps\common\OpenTTD\openttd.exe (OpenTTD Development Team) [File not signed]
FirewallRules: [{8AECA067-250A-4305-AAA1-F1065654C7AF}] => (Allow) E:\SteamLibrary\steamapps\common\OpenTTD\openttd.exe (OpenTTD Development Team) [File not signed]
FirewallRules: [UDP Query User{5B492200-B9C9-4C70-AF37-A447F571795F}E:\hry\instal\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) E:\hry\instal\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [TCP Query User{D91C7840-C720-42B4-86CB-02D4C80C9B0A}E:\hry\instal\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) E:\hry\instal\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [{3DBC287B-EF2D-46CB-A20D-6F4BDBF7C316}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{DF2E0085-55DC-43EB-A72A-04A6B40178DA}] => (Allow) E:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe => No File
FirewallRules: [{974A3A82-8203-49D8-B4AE-50934E756C60}] => (Allow) E:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe => No File
FirewallRules: [UDP Query User{A5F04EF0-884C-4754-9A17-C72F9C6BCCA9}D:\games\city car driving\bin\win32\starter.exe] => (Block) D:\games\city car driving\bin\win32\starter.exe => No File
FirewallRules: [TCP Query User{FA056E0D-F5EB-4C31-B5CC-B241F3912E94}D:\games\city car driving\bin\win32\starter.exe] => (Block) D:\games\city car driving\bin\win32\starter.exe => No File
FirewallRules: [{4C18741E-3914-42B5-BF43-1447B2B2893A}] => (Allow) E:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{1D70A612-8CC7-4843-961C-74F9A40A60D8}] => (Allow) E:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{78BF7E95-E701-4434-9058-EA461735AC63}] => (Allow) E:\SteamLibrary\steamapps\common\BloonsTD6\BloonsTD6.exe () [File not signed]
FirewallRules: [{07F4FD12-84BF-4701-A254-2293DCBFD7CE}] => (Allow) E:\SteamLibrary\steamapps\common\BloonsTD6\BloonsTD6.exe () [File not signed]
FirewallRules: [UDP Query User{4E5FD0AA-C28F-4B5D-96FB-90D855D0EFF7}E:\hry\instal\instal\the sims 4 snowy escape\game\bin\ts4_x64.exe] => (Block) E:\hry\instal\instal\the sims 4 snowy escape\game\bin\ts4_x64.exe => No File
FirewallRules: [TCP Query User{026527F2-C00B-4784-8404-298E56142F81}E:\hry\instal\instal\the sims 4 snowy escape\game\bin\ts4_x64.exe] => (Block) E:\hry\instal\instal\the sims 4 snowy escape\game\bin\ts4_x64.exe => No File
FirewallRules: [UDP Query User{7391A361-D1D0-4479-BFCD-344566ACCE06}E:\hry\instal\the sims 4 snowy escape\game\bin\ts4_x64.exe] => (Block) E:\hry\instal\the sims 4 snowy escape\game\bin\ts4_x64.exe => No File
FirewallRules: [TCP Query User{E17268C9-0DAF-4DB1-B93D-43C22D2739EE}E:\hry\instal\the sims 4 snowy escape\game\bin\ts4_x64.exe] => (Block) E:\hry\instal\the sims 4 snowy escape\game\bin\ts4_x64.exe => No File
FirewallRules: [UDP Query User{EE171875-6B91-4028-B430-14B53C699ADD}E:\hry\instal\instal\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) E:\hry\instal\instal\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [TCP Query User{C55BAC28-86FD-4DC6-AFAA-6D35DF8186F9}E:\hry\instal\instal\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) E:\hry\instal\instal\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [UDP Query User{D9718FCE-94D5-4254-B194-7F90CE057566}I:\hry\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) I:\hry\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [TCP Query User{3D35A7A2-382D-4477-BDC8-227532AC2F6A}I:\hry\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) I:\hry\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [{2D891445-E443-46E9-96F9-8C0ABA05D396}] => (Allow) E:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe => No File
FirewallRules: [{67A4408F-681D-4AB1-96D9-429DBBA515EC}] => (Allow) E:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe => No File
FirewallRules: [{353FC105-B594-4FA7-A80A-7631AE5418AA}] => (Allow) E:\UPLAY Game\Assassin's Creed Valhalla\ACValhalla_Plus.exe => No File
FirewallRules: [TCP Query User{6C532995-BF06-4F25-837F-257347D0C454}E:\uplay game\anno 1800\bin\win64\anno1800_plus.exe] => (Allow) E:\uplay game\anno 1800\bin\win64\anno1800_plus.exe => No File
FirewallRules: [{DE09F60F-5EEF-4CE2-A89A-BBA62BFF1E5C}] => (Allow) E:\UPLAY Game\Anno 1800\Bin\Win64\Anno1800.exe => No File
FirewallRules: [{7D451BEF-9906-41D7-9E6D-2570E2E96285}] => (Allow) E:\SteamLibrary\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe => No File
FirewallRules: [{939EA703-6FBB-4334-BF1E-185A556DE519}] => (Allow) E:\SteamLibrary\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe => No File
FirewallRules: [{25744F62-A558-4CF9-8F39-32C0FC384CCC}] => (Allow) E:\SteamLibrary\steamapps\common\Ori DE\oriDE.exe () [File not signed]
FirewallRules: [{AB332A27-5BA4-404D-AEAB-EE5B2BDE529D}] => (Allow) E:\SteamLibrary\steamapps\common\Ori DE\oriDE.exe () [File not signed]
FirewallRules: [{1A3D8CF9-FC85-41A7-85CC-2AE373975D54}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe (Plex, Inc. -> )
FirewallRules: [{AFB8B49B-E151-4250-999E-E9834F0CE8B6}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe (Plex, Inc. -> Plex, Inc.)
FirewallRules: [{050FDBFE-AA9C-444F-90AF-0B1575D1915B}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (Plex, Inc. -> Python Software Foundation)
FirewallRules: [{4246A919-94EE-484E-B5F6-96E4DD07C4E6}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc. -> Plex, Inc.)
FirewallRules: [{73C8EE0F-1A90-4848-9D31-E4ECE7990A9D}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\RocketLeague.exe => No File
FirewallRules: [{F72C7959-10DF-4337-BBDD-2194573B79B9}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\RocketLeague.exe => No File
FirewallRules: [{7FCA6964-66E2-46B8-B68B-3B0DA03C93EE}] => (Allow) E:\Hry\Trackmania\trackmania.exe => No File
FirewallRules: [{E4A72B79-FD00-47AF-BA82-7AE5BE5DE867}] => (Allow) E:\Hry\Trackmania\trackmania.exe => No File
FirewallRules: [{24569E89-CD1B-46B7-BA13-D30B1127BBDD}] => (Allow) E:\SteamLibrary\steamapps\common\Cities_Skylines\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{1D75D7C2-B8FC-49B8-9E05-556BC403F9A0}] => (Allow) E:\SteamLibrary\steamapps\common\Cities_Skylines\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [UDP Query User{D2F7C868-7CDB-47BB-809B-6342EB6317B9}C:\users\winki\appdata\local\programs\deezloader remix\deezloader remix.exe] => (Allow) C:\users\winki\appdata\local\programs\deezloader remix\deezloader remix.exe (RemixDevs) [File not signed]
FirewallRules: [TCP Query User{09D01B29-97C9-4980-B792-ADC1973E30D5}C:\users\winki\appdata\local\programs\deezloader remix\deezloader remix.exe] => (Allow) C:\users\winki\appdata\local\programs\deezloader remix\deezloader remix.exe (RemixDevs) [File not signed]
FirewallRules: [UDP Query User{0A76A6D9-0CB6-4BAC-8674-F195C9A31E24}E:\hry\good.company.early.access\good company\goodcompany.exe] => (Block) E:\hry\good.company.early.access\good company\goodcompany.exe => No File
FirewallRules: [TCP Query User{34360024-7DB3-4A92-AF2A-B9E9D3C027A7}E:\hry\good.company.early.access\good company\goodcompany.exe] => (Block) E:\hry\good.company.early.access\good company\goodcompany.exe => No File
FirewallRules: [UDP Query User{A72D0A3F-576B-4D07-971E-DC7677454E8A}E:\battle net\call of duty modern warfare\modernwarfare.exe] => (Allow) E:\battle net\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [TCP Query User{FEB3AFA8-7D37-4365-BCA1-76D14B24FC6D}E:\battle net\call of duty modern warfare\modernwarfare.exe] => (Allow) E:\battle net\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [{C3E5334A-26DF-46DB-B982-B73A8AD22B79}] => (Allow) C:\Program Files (x86)\BitLord\BitLord.exe (House of Life) [File not signed]
FirewallRules: [{2ABDA6FA-AAF2-4162-BD87-4E00BF5A8DE2}] => (Allow) C:\Program Files (x86)\BitLord\BitLord.exe (House of Life) [File not signed]
FirewallRules: [{38C4353F-F999-42F3-954A-3F03D32AB33F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{79B3D9A5-C6F1-4033-A70F-B93214742DED}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6A09DA51-603D-4184-8940-E1405C4C6589}] => (Allow) E:\SteamLibrary\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{67388E39-ED65-4CFD-85D0-EDEFEB47F3B5}] => (Allow) E:\SteamLibrary\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{FE261482-3C81-43D6-8C16-0A94D4E1C4FC}] => (Allow) E:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect.exe () [File not signed]
FirewallRules: [{7B7B5243-0311-421D-8F70-B5E1E024495B}] => (Allow) E:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect.exe () [File not signed]
FirewallRules: [{E483D9C6-77FD-44CF-A99B-75B3AD798BE8}] => (Allow) E:\SteamLibrary\steamapps\common\Prison Architect\Launcher\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{3C697972-F5BD-460B-9E64-2A1CA73371CF}] => (Allow) E:\SteamLibrary\steamapps\common\Prison Architect\Launcher\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [UDP Query User{0DB031E1-A8F1-4E03-A5B1-65400B89BBC0}G:\origin\download\fifa 20\fifa20.exe] => (Allow) G:\origin\download\fifa 20\fifa20.exe => No File
FirewallRules: [TCP Query User{273C28A2-D4DD-4C92-9D8B-F5AD9B6C511A}G:\origin\download\fifa 20\fifa20.exe] => (Allow) G:\origin\download\fifa 20\fifa20.exe => No File
FirewallRules: [UDP Query User{0FA6194E-FDAC-413A-86D9-E17EE36B0318}E:\hry\rebel inc escalation\rebel inc. escalation.exe] => (Allow) E:\hry\rebel inc escalation\rebel inc. escalation.exe => No File
FirewallRules: [TCP Query User{A970B428-E095-4A68-8911-F5C09CBA6433}E:\hry\rebel inc escalation\rebel inc. escalation.exe] => (Allow) E:\hry\rebel inc escalation\rebel inc. escalation.exe => No File
FirewallRules: [UDP Query User{649EBA64-1A17-48DB-805B-F82A1EBD1A3C}E:\battle net\hearthstone\hearthstone.exe] => (Allow) E:\battle net\hearthstone\hearthstone.exe => No File
FirewallRules: [TCP Query User{C5B4F4CE-312B-415A-941F-1AAD4527384B}E:\battle net\hearthstone\hearthstone.exe] => (Allow) E:\battle net\hearthstone\hearthstone.exe => No File
FirewallRules: [UDP Query User{FD7FE6C4-C79B-4903-9EFC-B9628B6AA1F2}E:\battle net\call of duty modern warfare beta\modernwarfare.exe] => (Allow) E:\battle net\call of duty modern warfare beta\modernwarfare.exe => No File
FirewallRules: [TCP Query User{EFD94769-A765-4D5F-87BB-32626B5DB5F3}E:\battle net\call of duty modern warfare beta\modernwarfare.exe] => (Allow) E:\battle net\call of duty modern warfare beta\modernwarfare.exe => No File
FirewallRules: [UDP Query User{859BD477-FDCF-4D97-A669-408AFFA82CF1}E:\origin\fifa 20 demo\fifa20_demo.exe] => (Allow) E:\origin\fifa 20 demo\fifa20_demo.exe => No File
FirewallRules: [TCP Query User{508A4D26-B581-44B2-AB0D-2C4983C538FF}E:\origin\fifa 20 demo\fifa20_demo.exe] => (Allow) E:\origin\fifa 20 demo\fifa20_demo.exe => No File
FirewallRules: [UDP Query User{F3D96B2D-7276-46B8-B8D0-2B546FFCD0E8}E:\origin\fifa 18 demo\fifa18_demo.exe] => (Block) E:\origin\fifa 18 demo\fifa18_demo.exe => No File
FirewallRules: [TCP Query User{1D9494D8-42B6-49DA-9FC0-35F2CD7EAE34}E:\origin\fifa 18 demo\fifa18_demo.exe] => (Block) E:\origin\fifa 18 demo\fifa18_demo.exe => No File
FirewallRules: [{44C6BDC9-F009-4B7C-8988-39DA80968A24}] => (Allow) G:\STEAM Library\SteamApps\common\Project CARS 2\pCARS2.exe => No File
FirewallRules: [{279792C2-FDCF-43A5-A52C-94420DF28B0E}] => (Allow) G:\STEAM Library\SteamApps\common\Project CARS 2\pCARS2.exe => No File
FirewallRules: [{70B595F0-5A7F-4EB2-97CF-051429540B3E}] => (Allow) G:\STEAM Library\SteamApps\common\Factorio\bin\x64\factorio.exe => No File
FirewallRules: [{696DDBBA-0E13-4E84-A7B1-14BE80F22C71}] => (Allow) G:\STEAM Library\SteamApps\common\Factorio\bin\x64\factorio.exe => No File
FirewallRules: [{3E0D6E26-D68E-4FEC-A40B-AE1D7DAB2E18}] => (Allow) G:\STEAM Library\SteamApps\common\Call of Duty Modern Warfare 3\iw5mp_server.exe => No File
FirewallRules: [{F3919D95-47EB-4926-9181-D6ED4F2511D1}] => (Allow) G:\STEAM Library\SteamApps\common\Call of Duty Modern Warfare 3\iw5mp_server.exe => No File
FirewallRules: [UDP Query User{8B58F83A-B5BA-46EB-9B82-BAF2D42DCDE8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe => No File
FirewallRules: [TCP Query User{E0A647E0-7A9E-4B4C-BB3F-D4EDA7C4629E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe => No File
FirewallRules: [UDP Query User{67C40BB5-F35A-4377-9810-4433D1EB70E8}C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe] => (Block) C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [TCP Query User{79F893DA-2B81-4CBD-A457-1FB0663A1E45}C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe] => (Block) C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [{0DA3F07D-37B8-473E-8A54-E80EC1BDFC96}] => (Allow) G:\STEAM Library\SteamApps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe => No File
FirewallRules: [{EFE5EEA6-2333-4400-B2F6-01C23023BAB9}] => (Allow) G:\STEAM Library\SteamApps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe => No File
FirewallRules: [{F91CC537-8729-404D-9538-8EB360472777}] => (Allow) G:\STEAM Library\SteamApps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe => No File
FirewallRules: [{7BAC759C-0383-4869-8460-7E39C0867411}] => (Allow) G:\STEAM Library\SteamApps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe => No File
FirewallRules: [{D6326257-FE76-4E23-86AE-6F6FC96F4FFA}] => (Allow) G:\STEAM Library\SteamApps\common\Farm Frenzy Collection\FarmFrenzyMegaPack.exe => No File
FirewallRules: [{B277E5A3-EA94-49D7-84A1-2971BF8E441D}] => (Allow) G:\STEAM Library\SteamApps\common\Farm Frenzy Collection\FarmFrenzyMegaPack.exe => No File
FirewallRules: [{44F406F2-FE8F-4CA3-B7BB-C6C5AA5ED1AC}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{3B042E80-EF41-4180-9231-0CD57C64EB22}G:\steam library\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Allow) G:\steam library\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [TCP Query User{96732A90-2CB3-4F66-AF08-67107EC465EA}G:\steam library\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Allow) G:\steam library\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [{5FB29185-3694-4A3D-A5EC-7A94E686DE36}] => (Allow) G:\STEAM Library\SteamApps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{33C65872-C67B-45A9-8C50-A78C24835A46}] => (Allow) G:\STEAM Library\SteamApps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [UDP Query User{BC720004-B591-4991-8CBC-09F255FA6D8E}C:\users\winki\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\winki\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{321C0D19-4A92-47DD-805F-E69FC4C43937}C:\users\winki\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\winki\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{82D90212-31DA-46C8-B17F-AE1F76F36B90}C:\users\winki\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\winki\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{AD992CC5-1007-4A75-AAC1-46896643960E}C:\users\winki\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\winki\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{98448801-6A94-4FDC-8753-0FA7E26387A0}C:\users\winki\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\winki\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{4640D0CC-06A5-4E12-9C68-4EE592A2EDD4}C:\users\winki\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\winki\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D73785E6-F57E-4BB3-8E14-28658E56A164}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{3950A9A0-3AEB-45E2-918A-CD5A2E1E7DB2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{40A88AC0-48C7-4136-805A-B53F0DE10C8A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{CF014B45-129E-4139-A760-D7655A86EFF2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{74F693CD-A7C5-4666-953D-9817E47A3976}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A93CD9CE-565C-4E84-A2C4-7707613FE3A7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0FC46975-F27B-4599-A3CB-C05A89ADF97E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D18E68F1-86A8-4B5C-A038-4B99FEC095DB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2C2F5385-3762-4692-8FE3-39892BB0DB0A}] => (Allow) G:\ORIGIN\DOWNLOAD\Battlefield 1\bf1Trial.exe => No File
FirewallRules: [{D0548856-DD0B-4974-B77D-ABF9FC101DCF}] => (Allow) G:\ORIGIN\DOWNLOAD\Battlefield 1\bf1Trial.exe => No File
FirewallRules: [{A22787EB-FE2E-4490-8F2C-532C37D9C571}] => (Allow) G:\ORIGIN\DOWNLOAD\Battlefield 1\bf1.exe => No File
FirewallRules: [{4AE780DE-58DE-425E-8602-F394D398E881}] => (Allow) G:\ORIGIN\DOWNLOAD\Battlefield 1\bf1.exe => No File
FirewallRules: [{3D66F668-1BD2-4829-939B-EE058CD1FBF2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EB5FF2BB-D37D-44BF-82B9-E75EA1633F71}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EB510BBF-B05B-4D0C-9482-7FEBE9029E83}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A4753161-2B8C-4C6D-9017-00F3ABA24D98}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{24164311-B2FF-453F-A72B-B7B96213BE52}C:\program files\multibit hd\multibit-hd.exe] => (Allow) C:\program files\multibit hd\multibit-hd.exe () [File not signed]
FirewallRules: [UDP Query User{6FE118C4-47F6-4772-9E3D-E0F390D8AC3F}C:\program files\multibit hd\multibit-hd.exe] => (Allow) C:\program files\multibit hd\multibit-hd.exe () [File not signed]
FirewallRules: [TCP Query User{C92F4E0C-A7EA-4CCE-AAFF-6FB93F1A33DA}C:\users\winki\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\winki\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{4B81A7F8-A47F-464C-8AE7-48F27FFEFB9E}C:\users\winki\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\winki\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{0480E7B9-017A-4765-BA5C-8BB937FCC4F3}C:\users\winki\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\winki\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{76DCFC87-3ACD-43AA-81BC-DACAEFA973AD}C:\users\winki\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\winki\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{70C86191-A7B3-4C9A-9262-CFB5ECA36A94}C:\users\winki\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\winki\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{97B5893F-ED46-4BB9-9A2D-503A0B40F6E1}C:\users\winki\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\winki\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{52DDF782-1ED1-42E9-A542-8528B0E269F1}C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [UDP Query User{3FE3F6F6-C05E-4B84-AE3A-8149631D26AB}C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cc 2017\support files\afterfx.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [TCP Query User{5733D149-3032-448F-A321-CE3F6F7A7071}G:\steam library\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) G:\steam library\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [UDP Query User{629C5957-8A9F-4ACE-867F-B6F52A6F304F}G:\steam library\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) G:\steam library\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [TCP Query User{2E0CD233-F733-4273-9F4C-D8A6E6FF55BD}C:\program files\multibit hd\multibit-hd.exe] => (Allow) C:\program files\multibit hd\multibit-hd.exe () [File not signed]
FirewallRules: [UDP Query User{3CEFF28C-33A9-475C-A3D6-D75E222E01C0}C:\program files\multibit hd\multibit-hd.exe] => (Allow) C:\program files\multibit hd\multibit-hd.exe () [File not signed]
FirewallRules: [{0BA9BC29-DF64-42CB-BD0B-FB0B15853978}] => (Allow) G:\STEAM Library\SteamApps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe => No File
FirewallRules: [{08E7DBBC-9BC6-47B4-AA38-D339B27C4DA1}] => (Allow) G:\STEAM Library\SteamApps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe => No File
FirewallRules: [TCP Query User{AC6B54F1-F24A-4D49-930D-AD8EE1F58288}C:\program files (x86)\fontforgebuilds\bin\vcxsrv\vcxsrv.exe] => (Allow) C:\program files (x86)\fontforgebuilds\bin\vcxsrv\vcxsrv.exe () [File not signed]
FirewallRules: [UDP Query User{61F5218F-6F20-4D08-9FA7-D4FEFA8C3319}C:\program files (x86)\fontforgebuilds\bin\vcxsrv\vcxsrv.exe] => (Allow) C:\program files (x86)\fontforgebuilds\bin\vcxsrv\vcxsrv.exe () [File not signed]
FirewallRules: [{28036375-0B3C-421D-8420-A4F9476A675C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BBE87F96-C1C6-470E-8B1D-FF975EFD6CB2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{76DD6E0D-11E1-47AD-87E9-9F7742E87271}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6DEC1814-18BB-4277-B53F-CA6B8AEA1A4F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{777339A6-2E89-435D-B5C5-BD24789DE2C2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{87183634-1B1F-40CC-A6F4-934ADC3342FE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{A20F4D63-C417-4B42-9350-4C4E1A5D1A33}D:\games\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe] => (Block) D:\games\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe => No File
FirewallRules: [UDP Query User{CE3D5D18-7BE1-47F1-935A-745F0A4D4546}D:\games\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe] => (Block) D:\games\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe => No File
FirewallRules: [{3F5D9630-D9B7-46F5-ABDC-D067A7F89DAF}] => (Allow) G:\STEAM Library\SteamApps\common\Football Tactics Demo\game.exe => No File
FirewallRules: [{4BDB7126-F233-4EF4-8598-3F65B0676AA6}] => (Allow) G:\STEAM Library\SteamApps\common\Football Tactics Demo\game.exe => No File
FirewallRules: [{16722EAD-07E5-4537-A614-69CC3AA25550}] => (Allow) G:\STEAM Library\SteamApps\common\FarCry5\bin\ArcadeEditor64.exe => No File
FirewallRules: [{DE9FB1E8-DCEC-45A4-9B41-9F50EC2F9B99}] => (Allow) G:\STEAM Library\SteamApps\common\FarCry5\bin\ArcadeEditor64.exe => No File
FirewallRules: [{B623CAE5-BD03-4CA8-8D9E-47FA6164DDF9}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{B232DCA9-EC18-4B34-B1B3-865B7C8F56F1}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [UDP Query User{70B1534E-F5EE-46DB-AE23-AEF48404E2B2}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [TCP Query User{69E7DD0E-E56E-48A8-9244-C1148DB8317E}C:\program files\adobe\adobe photoshop cc 2017\required\dynamiclinkmediaserver\amecommand.exe] => (Block) C:\program files\adobe\adobe photoshop cc 2017\required\dynamiclinkmediaserver\amecommand.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
FirewallRules: [UDP Query User{DD8B28D5-4ECE-4034-91E8-BF9BAAE76D36}C:\program files\adobe\adobe photoshop cc 2017\required\dynamiclinkmediaserver\amecommand.exe] => (Block) C:\program files\adobe\adobe photoshop cc 2017\required\dynamiclinkmediaserver\amecommand.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
FirewallRules: [{96EB2E45-8869-4EBE-BEF6-9517348F045F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8CE72AEB-2252-4402-8476-98963A87FBE1}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FB281968-A753-4D67-83ED-C143B85AD3F4}] => (Allow) C:\Users\winki\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{A47FDDDB-A196-44C6-9412-64378A364BB7}] => (Allow) C:\Users\winki\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{E589E35C-F7BD-44D1-833C-4E3954174AEC}] => (Allow) G:\STEAM Library\SteamApps\common\Desperados Wanted Dead or Alive\desperados.exe => No File
FirewallRules: [{AE5340C3-D8B5-487D-8569-521B1C3B9923}] => (Allow) G:\STEAM Library\SteamApps\common\Desperados Wanted Dead or Alive\desperados.exe => No File
FirewallRules: [{E421A2D8-BF18-43C8-BFFC-2177AE3565BC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{FCF9A245-AD99-4BAF-8CFB-2B0E7376301F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B2D2AA65-844F-41A9-8FA9-56D87439A051}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{ABBC9076-091F-459B-B6EA-F256DC001CE9}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{981EBEB2-C33D-4ABB-BBCB-BE4B7D524A03}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1987EECD-1950-4C74-B5C2-3011B31D30E9}] => (Allow) LPort=2869
FirewallRules: [{A4CFA20E-A863-419E-85B1-FC2159BDD382}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{0194A920-600A-4472-913E-A3ABD71CF2EC}G:\hry\foundation.early.access\foundation\foundation.exe] => (Allow) G:\hry\foundation.early.access\foundation\foundation.exe => No File
FirewallRules: [UDP Query User{D432268D-8DDE-40F8-99FB-DC26DA5C884E}G:\hry\foundation.early.access\foundation\foundation.exe] => (Allow) G:\hry\foundation.early.access\foundation\foundation.exe => No File
FirewallRules: [{8F851BC9-D613-44AE-869C-E9E4598AA0D8}] => (Allow) G:\STEAM Library\SteamApps\common\Production Line\ProductionLine.exe => No File
FirewallRules: [{87719851-FD60-4E1C-9A04-DCE31E864214}] => (Allow) G:\STEAM Library\SteamApps\common\Production Line\ProductionLine.exe => No File
FirewallRules: [TCP Query User{7E398FA9-D8FE-49D1-8AD0-7471DEF60F29}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{9C8320E6-489E-4626-A679-65789BDA8891}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{1237AF2F-5865-4E29-9CCE-9D246098EFB2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{995C095B-24E1-4247-A296-359FD5D40648}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9A5F928E-7B76-46CE-99BC-76BB8DADF46B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{92EFB39E-5D0D-4337-8242-446B61C31D6A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{DB7DF9CB-7F3D-42DF-930C-70651C48FC6A}] => (Allow) G:\STEAM Library\SteamApps\common\Factorio\bin\x64\factorio.exe => No File
FirewallRules: [{E267FE67-09EF-4BC4-AB3B-A099D807C552}] => (Allow) G:\STEAM Library\SteamApps\common\Factorio\bin\x64\factorio.exe => No File
FirewallRules: [TCP Query User{AC134181-674B-442D-81D7-B3CB2AAF17F8}C:\users\winki\appdata\local\chia-blockchain\app-1.1.5\resources\app.asar.unpacked\daemon\start_farmer.exe] => (Allow) C:\users\winki\appdata\local\chia-blockchain\app-1.1.5\resources\app.asar.unpacked\daemon\start_farmer.exe => No File
FirewallRules: [UDP Query User{BC36A58E-76F7-405D-B77A-972F99353008}C:\users\winki\appdata\local\chia-blockchain\app-1.1.5\resources\app.asar.unpacked\daemon\start_farmer.exe] => (Allow) C:\users\winki\appdata\local\chia-blockchain\app-1.1.5\resources\app.asar.unpacked\daemon\start_farmer.exe => No File
FirewallRules: [TCP Query User{7567D16C-3206-4164-A56C-8BD4B68F62CA}C:\users\winki\appdata\local\chia-blockchain\app-1.1.5\resources\app.asar.unpacked\daemon\start_full_node.exe] => (Allow) C:\users\winki\appdata\local\chia-blockchain\app-1.1.5\resources\app.asar.unpacked\daemon\start_full_node.exe => No File
FirewallRules: [UDP Query User{B72672E9-CAD8-44E4-A015-17EDB189A6A6}C:\users\winki\appdata\local\chia-blockchain\app-1.1.5\resources\app.asar.unpacked\daemon\start_full_node.exe] => (Allow) C:\users\winki\appdata\local\chia-blockchain\app-1.1.5\resources\app.asar.unpacked\daemon\start_full_node.exe => No File
FirewallRules: [{853332CE-3EE2-40A3-A5EB-7F27186ECF64}] => (Allow) E:\SteamLibrary\steamapps\common\Planet Zoo\PlanetZoo.exe (Frontier Developments) [File not signed]
FirewallRules: [{DA5BE6CC-6A12-49DF-81BA-DC87A0B59890}] => (Allow) E:\SteamLibrary\steamapps\common\Planet Zoo\PlanetZoo.exe (Frontier Developments) [File not signed]
FirewallRules: [TCP Query User{481C4EF9-CB4C-4D59-A208-22D177D94059}K:7\flightsimulator.exe] => (Allow) K:7\flightsimulator.exe => No File
FirewallRules: [UDP Query User{1AE3EB92-EC85-4663-AB44-BCD7E3B33C60}K:7\flightsimulator.exe] => (Allow) K:7\flightsimulator.exe => No File
FirewallRules: [TCP Query User{B8C2CD7F-6B67-4986-8FBD-C29C69AE4EDF}H:\games\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe] => (Block) H:\games\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe => No File
FirewallRules: [UDP Query User{3D8159EC-4410-46E0-A1BA-7EB0D34E0C8F}H:\games\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe] => (Block) H:\games\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe => No File
FirewallRules: [TCP Query User{94BBD6BB-F129-4DDD-8F6D-FFBE380EADF5}H:\steamlibrary\steamapps\common\fifa 21\fifa21.exe] => (Allow) H:\steamlibrary\steamapps\common\fifa 21\fifa21.exe => No File
FirewallRules: [UDP Query User{3C876C09-1C34-4394-81CD-38263710CA4E}H:\steamlibrary\steamapps\common\fifa 21\fifa21.exe] => (Allow) H:\steamlibrary\steamapps\common\fifa 21\fifa21.exe => No File
FirewallRules: [TCP Query User{0A184AF5-90DC-4AD8-8B23-127FB59AEBC3}C:\users\winki\appdata\local\chia-blockchain\app-1.1.7\resources\app.asar.unpacked\daemon\start_farmer.exe] => (Allow) C:\users\winki\appdata\local\chia-blockchain\app-1.1.7\resources\app.asar.unpacked\daemon\start_farmer.exe (CHIA NETWORK INC. -> )
FirewallRules: [UDP Query User{4F98B66C-A239-4D02-8F1D-8056E6644A9F}C:\users\winki\appdata\local\chia-blockchain\app-1.1.7\resources\app.asar.unpacked\daemon\start_farmer.exe] => (Allow) C:\users\winki\appdata\local\chia-blockchain\app-1.1.7\resources\app.asar.unpacked\daemon\start_farmer.exe (CHIA NETWORK INC. -> )
FirewallRules: [TCP Query User{3604C6F7-C39D-4276-A739-3087BC9B4096}C:\users\winki\appdata\local\chia-blockchain\app-1.1.7\resources\app.asar.unpacked\daemon\start_full_node.exe] => (Allow) C:\users\winki\appdata\local\chia-blockchain\app-1.1.7\resources\app.asar.unpacked\daemon\start_full_node.exe (CHIA NETWORK INC. -> )
FirewallRules: [UDP Query User{C28C3F18-00AF-42A7-8553-81415503AECE}C:\users\winki\appdata\local\chia-blockchain\app-1.1.7\resources\app.asar.unpacked\daemon\start_full_node.exe] => (Allow) C:\users\winki\appdata\local\chia-blockchain\app-1.1.7\resources\app.asar.unpacked\daemon\start_full_node.exe (CHIA NETWORK INC. -> )
FirewallRules: [{AF650B7F-4C27-4080-8306-5712572FB372}] => (Allow) H:\SteamLibrary\steamapps\common\Gas Station Simulator - Early Days\GSS2.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{A9E48391-1CCF-4BD5-8520-EFCED627C075}] => (Allow) H:\SteamLibrary\steamapps\common\Gas Station Simulator - Early Days\GSS2.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{E7D01ABD-8402-4972-B31A-4AE2458BEB5E}G:\hry\mini.motorways\mini.motorways\mini motorways\mini motorways.exe] => (Block) G:\hry\mini.motorways\mini.motorways\mini motorways\mini motorways.exe () [File not signed]
FirewallRules: [UDP Query User{77CA0E98-FD1B-4776-86B8-BFE018C99EC0}G:\hry\mini.motorways\mini.motorways\mini motorways\mini motorways.exe] => (Block) G:\hry\mini.motorways\mini.motorways\mini motorways\mini motorways.exe () [File not signed]
FirewallRules: [{B25F81CA-E109-4993-B4F7-919C6A85E21A}] => (Allow) H:\SteamLibrary\steamapps\common\PapersPlease\PapersPlease.exe () [File not signed]
FirewallRules: [{218F28B3-904E-4499-934B-CD0F9545EB2C}] => (Allow) H:\SteamLibrary\steamapps\common\PapersPlease\PapersPlease.exe () [File not signed]
FirewallRules: [{306AFC88-7E91-4CA5-A479-7D13CA3C1124}] => (Allow) K:\SteamLibrary\steamapps\common\PapersPlease\PapersPlease.exe () [File not signed]
FirewallRules: [{4811FDA1-3B7E-4692-9C1C-6DE4C0F69535}] => (Allow) K:\SteamLibrary\steamapps\common\PapersPlease\PapersPlease.exe () [File not signed]
FirewallRules: [{948C15AA-CD49-44CF-95FB-A12EFF543BD3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{34F342DE-44CF-4170-AF62-8A97F6094471}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FA64D215-82D1-4FE0-AEF9-B8A2D1456E11}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{886092C7-E882-441D-B727-83D940F52A77}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5EAB39AD-DDCD-4876-9590-97D8E82955EE}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{585E418A-A565-4455-A19C-01C1381BFC97}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1749CB2C-943E-4C2F-9415-87A17BD6A6DE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F8A3C8FD-4F19-4CD8-BB56-4229E57AE990}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{62C9C2EE-422F-4F68-90FA-3B6ED4FEF19F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{049E8D22-4680-4D47-A28F-C70D1E472B55}] => (Allow) K:\SteamLibrary\steamapps\common\Gas Station Simulator\GSS2.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{C7AF6440-F81A-4E98-9CC4-5D2F3F89B022}] => (Allow) K:\SteamLibrary\steamapps\common\Gas Station Simulator\GSS2.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{52C3161A-2160-4EF9-8756-BF03E7C49B18}] => (Allow) C:\Program Files\Opera\79.0.4143.50\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{81F08A38-30B9-44FC-8FE0-38A0D38B1FBE}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\94.0.992.38\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4C932917-4206-4FA7-83AF-EB227CA9382D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{64E9F5ED-2A98-46B4-8072-C5FC6C80C472}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3DE85681-F361-4BAC-90BE-654483C95EB5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{37F3DEFB-4B6D-4108-9F08-A614F3A7C5FD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A72CC295-1251-42E9-849C-EB952BA5E5CA}] => (Allow) C:\Program Files\Opera\79.0.4143.72\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{F42EA774-545D-4FCE-91F1-4E9761F18D94}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [File not signed] [File is in use]
FirewallRules: [{D14432E9-89B7-4BEA-8C68-F0565150D4C6}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [File not signed] [File is in use]
FirewallRules: [TCP Query User{6A8BC594-99B4-4DED-AE43-D90E2AD43FD6}K:\steamlibrary\steamapps\common\battlefield 2042 open beta\bf.exe] => (Allow) K:\steamlibrary\steamapps\common\battlefield 2042 open beta\bf.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [UDP Query User{67BB9519-F5A7-40AF-AA0B-7280C5453C11}K:\steamlibrary\steamapps\common\battlefield 2042 open beta\bf.exe] => (Allow) K:\steamlibrary\steamapps\common\battlefield 2042 open beta\bf.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{31D86E91-299D-43F6-95F4-758B91128EA5}] => (Allow) K:\Games\Far Cry 6\bin\FarCry6.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{16DAF5E8-C00C-4B04-B394-CCCC51ADC6C4}] => (Allow) K:\Games\Far Cry 6\bin\FarCry6.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{0CCC9882-3C29-4A09-9099-369C84D5E89C}] => (Allow) K:\Games\Far Cry 6\bin_plus\FarCry6.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{AD281155-4570-4EBC-9254-31D9C124EE89}] => (Allow) K:\Games\Far Cry 6\bin_plus\FarCry6.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{9A0C3674-D2B4-42FC-9364-280CCAB5CB2E}] => (Allow) E:\SteamLibrary\steamapps\common\Factorio\bin\x64\factorio.exe (Wube Software) [File not signed]
FirewallRules: [{F14D9FCD-C0D8-44E3-9BFE-A92CB1895174}] => (Allow) E:\SteamLibrary\steamapps\common\Factorio\bin\x64\factorio.exe (Wube Software) [File not signed]
FirewallRules: [{4397833A-A84B-4D6D-813A-22A4CF3D91E7}] => (Allow) E:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{CC904883-D654-4CF1-A7D7-AEE206F45576}] => (Allow) E:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{7FFA999C-0BAA-49CD-A81C-A9F086A836B8}] => (Allow) E:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{5596212C-A97F-4E71-9010-949DB11DB596}] => (Allow) E:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)

==================== Restore Points =========================

08-10-2021 11:54:32 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (10/11/2021 04:50:39 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na TOMAŠ (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (10/11/2021 03:57:03 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na TOMAŠ (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (10/11/2021 02:29:35 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Users\winki\AppData\Local\Chromium\Application\chrome.exe se nezdařilo.
Závislé sestavení 63.0.3237.0,language="*",type="win32",version="63.0.3237.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (10/11/2021 12:48:42 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (10/10/2021 10:03:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RocketLeague.exe, verze: 1.0.10897.0, časové razítko: 0x61527f30
Název chybujícího modulu: EOSSDK-Win64-Shipping.dll, verze: 1.13.0.0, časové razítko: 0x61252e78
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000407dcf
ID chybujícího procesu: 0x19b8
Čas spuštění chybující aplikace: 0x01d7be0c6265da16
Cesta k chybující aplikaci: E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe
Cesta k chybujícímu modulu: E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\EOSSDK-Win64-Shipping.dll
ID zprávy: ebef4b84-390c-4dce-85c0-5043c4ad3b03
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/10/2021 07:26:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RocketLeague.exe, verze: 1.0.10897.0, časové razítko: 0x61527f30
Název chybujícího modulu: EOSSDK-Win64-Shipping.dll, verze: 1.13.0.0, časové razítko: 0x61252e78
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000407dcf
ID chybujícího procesu: 0x143c
Čas spuštění chybující aplikace: 0x01d7bdf7ecba3fe8
Cesta k chybující aplikaci: E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe
Cesta k chybujícímu modulu: E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\EOSSDK-Win64-Shipping.dll
ID zprávy: 0509f4f1-ca6f-4fde-879c-9da0b5010049
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/10/2021 05:59:54 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Users\winki\AppData\Local\Chromium\Application\chrome.exe se nezdařilo.
Závislé sestavení 63.0.3237.0,language="*",type="win32",version="63.0.3237.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (10/10/2021 03:06:20 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Users\winki\AppData\Local\Chromium\Application\chrome.exe se nezdařilo.
Závislé sestavení 63.0.3237.0,language="*",type="win32",version="63.0.3237.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.


System errors:
=============
Error: (10/11/2021 03:58:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9MV0B5HZVK9Z-Microsoft.GamingApp.

Error: (10/11/2021 03:58:26 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NZKPSTSNW4P-Microsoft.XboxGamingOverlay.

Error: (10/08/2021 11:50:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (10/08/2021 11:50:05 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba NVIDIA LocalSystem Container byla ukončena s následující chybou:
Obecný spustitelný příkaz vrátil výsledek označující selhání.

Error: (10/08/2021 12:11:52 AM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-0S50FER)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (10/07/2021 04:14:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (10/07/2021 04:14:34 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).

Error: (10/07/2021 12:20:31 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9MWPM2CQNLHN-Microsoft.GamingServices.


Windows Defender:
================
Date: 2021-10-11 16:00:29
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {355D8943-5327-415F-AA13-B579093485D0}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-10-08 00:57:28
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {16C57CC9-66B5-43C5-B990-2D738D011D44}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Úplné prohledávání
Uživatel: DESKTOP-0S50FER\winki

Date: 2021-10-07 15:36:56
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {7AEF4776-563C-4D28-9AFA-C46C7A2C6B16}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-10-07 12:23:05
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {266001C3-D81C-45D3-907B-A6A738DC620E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-10-05 16:52:12
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {C9D32EFB-2FF7-473C-BC15-4DA5FBFC3E4C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2021-10-11 16:23:25
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. V1.3 06/06/2013
Motherboard: MSI Z87-G43 (MS-7816)
Processor: Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz
Percentage of memory in use: 39%
Total physical RAM: 32712.05 MB
Available physical RAM: 19815.98 MB
Total Virtual: 37576.05 MB
Available Virtual: 20111.99 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.13 GB) (Free:215.76 GB) NTFS
Drive d: (TOMAŠ) (Fixed) (Total:78.12 GB) (Free:20.99 GB) NTFS
Drive e: (DATA II) (Fixed) (Total:1863.01 GB) (Free:359.31 GB) NTFS
Drive f: (DAVID) (Fixed) (Total:146.48 GB) (Free:142.14 GB) NTFS
Drive g: (DATA) (Fixed) (Total:1638.4 GB) (Free:309.19 GB) NTFS
Drive h: (SSD) (Fixed) (Total:111.79 GB) (Free:84.36 GB) NTFS
Drive i: (AE) (Fixed) (Total:119.24 GB) (Free:75.36 GB) NTFS
Drive j: (Chia) (Fixed) (Total:3725.99 GB) (Free:76.4 GB) NTFS
Drive k: (SSD 1TB) (Fixed) (Total:953.87 GB) (Free:451.42 GB) NTFS

\\?\Volume{609ec42c-0000-0000-0080-000000000000}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{947c07af-575c-588f-8330-9332f450bc9d}\ () (Fixed) (Total:41.56 GB) (Free:0 GB) NTFS
\\?\Volume{7e8a192f-53d3-82e6-50ae-cf7d7e7f54d7}\ () (Fixed) (Total:1.12 GB) (Free:0 GB) NTFS
\\?\Volume{609ec42c-0000-0000-0000-804e74000000}\ () (Fixed) (Total:0.53 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 609EC42C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=545 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 119.2 GB) (Disk ID: F41F2085)
Partition 1: (Active) - (Size=119.2 GB) - (Type=42)
Partition 2: (Not Active) - (Size=313 KB) - (Type=42)

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 339FA51A)
Partition 1: (Not Active) - (Size=78.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=146.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1638.4 GB) - (Type=07 NTFS)

==========================================================
Disk: 3 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: B37CEE99)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==========================================================
Disk: 4 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: EB4C3A42)
Partition 1: (Not Active) - (Size=111.8 GB) - (Type=07 NTFS)

==========================================================
Disk: 5 (MBR Code: Windows 7/8/10) (Size: 953.9 GB) (Disk ID: 59C77ABE)
Partition 1: (Not Active) - (Size=953.9 GB) - (Type=07 NTFS)

==========================================================
Disk: 6 (Size: 3726 GB) (Disk ID: 16F2A91F)

Partition: GPT.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 7.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 8.

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 114587
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Check after running a fake application (Phishing)

#9 Post by Rudy »

OK. Open Notepad and copy the following into it:
Start

CloseProcesses:
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.35.442\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.35.422\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{6D264B70-DA18-401D-910C-B202D89670C6}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.36.32\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.35.342\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{8B480070-D37D-4090-A063-7A429F849652}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.36.93\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{BE5C2E39-090F-46A2-AFAA-47540743B4FE}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.36.102\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{CA8FA699-91CD-412F-9D13-9B1222F4370E}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.36.82\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{CA919489-0396-4164-A6E7-94CDED45A707}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.36.52\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{DEDF773D-E27B-485E-8E7D-85C5B0EB5A67}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.36.72\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
AlternateDataStreams: C:\ProgramData\TEMP:4FC01C57 [294]
AlternateDataStreams: C:\Users\winki\Desktop\Metro: 2033 Redux.url [269]
FirewallRules: [UDP Query User{712E6954-992E-4ADE-872E-401F36F95A9E}A:0\users\winki\appdata\local\google\chrome\application\chrome.exe] => (Allow) A:0\users\winki\appdata\local\google\chrome\application\chrome.exe => No File
FirewallRules: [TCP Query User{4E9BC4ED-1BED-4EFF-BDF9-3B0CB75BBC59}A:0\users\winki\appdata\local\google\chrome\application\chrome.exe] => (Allow) A:0\users\winki\appdata\local\google\chrome\application\chrome.exe => No File
FirewallRules: [{551C27F3-3016-49B0-ABE1-D54834201848}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.5.0\ABService.exe => No File
FirewallRules: [{91AB568A-6D21-476A-80F0-C73A3989D3F7}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.5.0\ABService.exe => No File
FirewallRules: [UDP Query User{35861AA1-490B-4515-B118-78A1F3AB0C1C}C:\users\winki\appdata\local\chia-blockchain\app-1.1.4\resources\app.asar.unpacked\daemon\start_farmer.exe] => (Allow) C:\users\winki\appdata\local\chia-blockchain\app-1.1.4\resources\app.asar.unpacked\daemon\start_farmer.exe => No File
FirewallRules: [TCP Query User{E226A334-7229-4576-8693-9CDA80D512A1}C:\users\winki\appdata\local\chia-blockchain\app-1.1.4\resources\app.asar.unpacked\daemon\start_farmer.exe] => (Allow) C:\users\winki\appdata\local\chia-blockchain\app-1.1.4\resources\app.asar.unpacked\daemon\start_farmer.exe => No File
FirewallRules: [UDP Query User{2EB280D9-7230-411C-B0A8-473AEE45209E}C:\users\winki\appdata\local\chia-blockchain\app-1.1.4\resources\app.asar.unpacked\daemon\start_full_node.exe] => (Allow) C:\users\winki\appdata\local\chia-blockchain\app-1.1.4\resources\app.asar.unpacked\daemon\start_full_node.exe => No File
FirewallRules: [TCP Query User{61A9A55B-1C87-40B7-AF4C-3CA21FA3E964}C:\users\winki\appdata\local\chia-blockchain\app-1.1.4\resources\app.asar.unpacked\daemon\start_full_node.exe] => (Allow) C:\users\winki\appdata\local\chia-blockchain\app-1.1.4\resources\app.asar.unpacked\daemon\start_full_node.exe => No File
FirewallRules: [{DF2E0085-55DC-43EB-A72A-04A6B40178DA}] => (Allow) E:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe => No File
FirewallRules: [{974A3A82-8203-49D8-B4AE-50934E756C60}] => (Allow) E:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe => No File
FirewallRules: [UDP Query User{A5F04EF0-884C-4754-9A17-C72F9C6BCCA9}D:\games\city car driving\bin\win32\starter.exe] => (Block) D:\games\city car driving\bin\win32\starter.exe => No File
FirewallRules: [TCP Query User{FA056E0D-F5EB-4C31-B5CC-B241F3912E94}D:\games\city car driving\bin\win32\starter.exe] => (Block) D:\games\city car driving\bin\win32\starter.exe => No File
FirewallRules: [UDP Query User{4E5FD0AA-C28F-4B5D-96FB-90D855D0EFF7}E:\hry\instal\instal\the sims 4 snowy escape\game\bin\ts4_x64.exe] => (Block) E:\hry\instal\instal\the sims 4 snowy escape\game\bin\ts4_x64.exe => No File
FirewallRules: [TCP Query User{026527F2-C00B-4784-8404-298E56142F81}E:\hry\instal\instal\the sims 4 snowy escape\game\bin\ts4_x64.exe] => (Block) E:\hry\instal\instal\the sims 4 snowy escape\game\bin\ts4_x64.exe => No File
FirewallRules: [UDP Query User{7391A361-D1D0-4479-BFCD-344566ACCE06}E:\hry\instal\the sims 4 snowy escape\game\bin\ts4_x64.exe] => (Block) E:\hry\instal\the sims 4 snowy escape\game\bin\ts4_x64.exe => No File
FirewallRules: [TCP Query User{E17268C9-0DAF-4DB1-B93D-43C22D2739EE}E:\hry\instal\the sims 4 snowy escape\game\bin\ts4_x64.exe] => (Block) E:\hry\instal\the sims 4 snowy escape\game\bin\ts4_x64.exe => No File
FirewallRules: [UDP Query User{EE171875-6B91-4028-B430-14B53C699ADD}E:\hry\instal\instal\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) E:\hry\instal\instal\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [TCP Query User{C55BAC28-86FD-4DC6-AFAA-6D35DF8186F9}E:\hry\instal\instal\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) E:\hry\instal\instal\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [UDP Query User{D9718FCE-94D5-4254-B194-7F90CE057566}I:\hry\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) I:\hry\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [TCP Query User{3D35A7A2-382D-4477-BDC8-227532AC2F6A}I:\hry\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) I:\hry\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [{2D891445-E443-46E9-96F9-8C0ABA05D396}] => (Allow) E:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe => No File
FirewallRules: [{67A4408F-681D-4AB1-96D9-429DBBA515EC}] => (Allow) E:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe => No File
FirewallRules: [{353FC105-B594-4FA7-A80A-7631AE5418AA}] => (Allow) E:\UPLAY Game\Assassin's Creed Valhalla\ACValhalla_Plus.exe => No File
FirewallRules: [TCP Query User{6C532995-BF06-4F25-837F-257347D0C454}E:\uplay game\anno 1800\bin\win64\anno1800_plus.exe] => (Allow) E:\uplay game\anno 1800\bin\win64\anno1800_plus.exe => No File
FirewallRules: [{DE09F60F-5EEF-4CE2-A89A-BBA62BFF1E5C}] => (Allow) E:\UPLAY Game\Anno 1800\Bin\Win64\Anno1800.exe => No File
FirewallRules: [{7D451BEF-9906-41D7-9E6D-2570E2E96285}] => (Allow) E:\SteamLibrary\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe => No File
FirewallRules: [{939EA703-6FBB-4334-BF1E-185A556DE519}] => (Allow) E:\SteamLibrary\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe => No File
FirewallRules: [{73C8EE0F-1A90-4848-9D31-E4ECE7990A9D}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\RocketLeague.exe => No File
FirewallRules: [{F72C7959-10DF-4337-BBDD-2194573B79B9}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\RocketLeague.exe => No File
FirewallRules: [{7FCA6964-66E2-46B8-B68B-3B0DA03C93EE}] => (Allow) E:\Hry\Trackmania\trackmania.exe => No File
FirewallRules: [{E4A72B79-FD00-47AF-BA82-7AE5BE5DE867}] => (Allow) E:\Hry\Trackmania\trackmania.exe => No File
FirewallRules: [UDP Query User{0A76A6D9-0CB6-4BAC-8674-F195C9A31E24}E:\hry\good.company.early.access\good company\goodcompany.exe] => (Block) E:\hry\good.company.early.access\good company\goodcompany.exe => No File
FirewallRules: [TCP Query User{34360024-7DB3-4A92-AF2A-B9E9D3C027A7}E:\hry\good.company.early.access\good company\goodcompany.exe] => (Block) E:\hry\good.company.early.access\good company\goodcompany.exe => No File
FirewallRules: [UDP Query User{A72D0A3F-576B-4D07-971E-DC7677454E8A}E:\battle net\call of duty modern warfare\modernwarfare.exe] => (Allow) E:\battle net\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [TCP Query User{FEB3AFA8-7D37-4365-BCA1-76D14B24FC6D}E:\battle net\call of duty modern warfare\modernwarfare.exe] => (Allow) E:\battle net\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [UDP Query User{0DB031E1-A8F1-4E03-A5B1-65400B89BBC0}G:\origin\download\fifa 20\fifa20.exe] => (Allow) G:\origin\download\fifa 20\fifa20.exe => No File
FirewallRules: [TCP Query User{273C28A2-D4DD-4C92-9D8B-F5AD9B6C511A}G:\origin\download\fifa 20\fifa20.exe] => (Allow) G:\origin\download\fifa 20\fifa20.exe => No File
FirewallRules: [UDP Query User{0FA6194E-FDAC-413A-86D9-E17EE36B0318}E:\hry\rebel inc escalation\rebel inc. escalation.exe] => (Allow) E:\hry\rebel inc escalation\rebel inc. escalation.exe => No File
FirewallRules: [TCP Query User{A970B428-E095-4A68-8911-F5C09CBA6433}E:\hry\rebel inc escalation\rebel inc. escalation.exe] => (Allow) E:\hry\rebel inc escalation\rebel inc. escalation.exe => No File
FirewallRules: [UDP Query User{649EBA64-1A17-48DB-805B-F82A1EBD1A3C}E:\battle net\hearthstone\hearthstone.exe] => (Allow) E:\battle net\hearthstone\hearthstone.exe => No File
FirewallRules: [TCP Query User{C5B4F4CE-312B-415A-941F-1AAD4527384B}E:\battle net\hearthstone\hearthstone.exe] => (Allow) E:\battle net\hearthstone\hearthstone.exe => No File
FirewallRules: [UDP Query User{FD7FE6C4-C79B-4903-9EFC-B9628B6AA1F2}E:\battle net\call of duty modern warfare beta\modernwarfare.exe] => (Allow) E:\battle net\call of duty modern warfare beta\modernwarfare.exe => No File
FirewallRules: [TCP Query User{EFD94769-A765-4D5F-87BB-32626B5DB5F3}E:\battle net\call of duty modern warfare beta\modernwarfare.exe] => (Allow) E:\battle net\call of duty modern warfare beta\modernwarfare.exe => No File
FirewallRules: [UDP Query User{859BD477-FDCF-4D97-A669-408AFFA82CF1}E:\origin\fifa 20 demo\fifa20_demo.exe] => (Allow) E:\origin\fifa 20 demo\fifa20_demo.exe => No File
FirewallRules: [TCP Query User{508A4D26-B581-44B2-AB0D-2C4983C538FF}E:\origin\fifa 20 demo\fifa20_demo.exe] => (Allow) E:\origin\fifa 20 demo\fifa20_demo.exe => No File
FirewallRules: [UDP Query User{F3D96B2D-7276-46B8-B8D0-2B546FFCD0E8}E:\origin\fifa 18 demo\fifa18_demo.exe] => (Block) E:\origin\fifa 18 demo\fifa18_demo.exe => No File
FirewallRules: [TCP Query User{1D9494D8-42B6-49DA-9FC0-35F2CD7EAE34}E:\origin\fifa 18 demo\fifa18_demo.exe] => (Block) E:\origin\fifa 18 demo\fifa18_demo.exe => No File
FirewallRules: [{44C6BDC9-F009-4B7C-8988-39DA80968A24}] => (Allow) G:\STEAM Library\SteamApps\common\Project CARS 2\pCARS2.exe => No File
FirewallRules: [{279792C2-FDCF-43A5-A52C-94420DF28B0E}] => (Allow) G:\STEAM Library\SteamApps\common\Project CARS 2\pCARS2.exe => No File
FirewallRules: [{70B595F0-5A7F-4EB2-97CF-051429540B3E}] => (Allow) G:\STEAM Library\SteamApps\common\Factorio\bin\x64\factorio.exe => No File
FirewallRules: [{696DDBBA-0E13-4E84-A7B1-14BE80F22C71}] => (Allow) G:\STEAM Library\SteamApps\common\Factorio\bin\x64\factorio.exe => No File
FirewallRules: [{3E0D6E26-D68E-4FEC-A40B-AE1D7DAB2E18}] => (Allow) G:\STEAM Library\SteamApps\common\Call of Duty Modern Warfare 3\iw5mp_server.exe => No File
FirewallRules: [{F3919D95-47EB-4926-9181-D6ED4F2511D1}] => (Allow) G:\STEAM Library\SteamApps\common\Call of Duty Modern Warfare 3\iw5mp_server.exe => No File
FirewallRules: [UDP Query User{8B58F83A-B5BA-46EB-9B82-BAF2D42DCDE8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe => No File
FirewallRules: [TCP Query User{E0A647E0-7A9E-4B4C-BB3F-D4EDA7C4629E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe => No File
FirewallRules: [{EFE5EEA6-2333-4400-B2F6-01C23023BAB9}] => (Allow) G:\STEAM Library\SteamApps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe => No File
FirewallRules: [{F91CC537-8729-404D-9538-8EB360472777}] => (Allow) G:\STEAM Library\SteamApps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe => No File
FirewallRules: [{7BAC759C-0383-4869-8460-7E39C0867411}] => (Allow) G:\STEAM Library\SteamApps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe => No File
FirewallRules: [{D6326257-FE76-4E23-86AE-6F6FC96F4FFA}] => (Allow) G:\STEAM Library\SteamApps\common\Farm Frenzy Collection\FarmFrenzyMegaPack.exe => No File
FirewallRules: [{B277E5A3-EA94-49D7-84A1-2971BF8E441D}] => (Allow) G:\STEAM Library\SteamApps\common\Farm Frenzy Collection\FarmFrenzyMegaPack.exe => No File
FirewallRules: [UDP Query User{3B042E80-EF41-4180-9231-0CD57C64EB22}G:\steam library\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Allow) G:\steam library\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [TCP Query User{96732A90-2CB3-4F66-AF08-67107EC465EA}G:\steam library\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Allow) G:\steam library\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [{5FB29185-3694-4A3D-A5EC-7A94E686DE36}] => (Allow) G:\STEAM Library\SteamApps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{33C65872-C67B-45A9-8C50-A78C24835A46}] => (Allow) G:\STEAM Library\SteamApps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{D73785E6-F57E-4BB3-8E14-28658E56A164}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{3950A9A0-3AEB-45E2-918A-CD5A2E1E7DB2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{2C2F5385-3762-4692-8FE3-39892BB0DB0A}] => (Allow) G:\ORIGIN\DOWNLOAD\Battlefield 1\bf1Trial.exe => No File
FirewallRules: [{D0548856-DD0B-4974-B77D-ABF9FC101DCF}] => (Allow) G:\ORIGIN\DOWNLOAD\Battlefield 1\bf1Trial.exe => No File
FirewallRules: [{A22787EB-FE2E-4490-8F2C-532C37D9C571}] => (Allow) G:\ORIGIN\DOWNLOAD\Battlefield 1\bf1.exe => No File
FirewallRules: [{4AE780DE-58DE-425E-8602-F394D398E881}] => (Allow) G:\ORIGIN\DOWNLOAD\Battlefield 1\bf1.exe => No File
FirewallRules: [TCP Query User{5733D149-3032-448F-A321-CE3F6F7A7071}G:\steam library\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) G:\steam library\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [UDP Query User{629C5957-8A9F-4ACE-867F-B6F52A6F304F}G:\steam library\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) G:\steam library\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [{0BA9BC29-DF64-42CB-BD0B-FB0B15853978}] => (Allow) G:\STEAM Library\SteamApps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe => No File
FirewallRules: [{08E7DBBC-9BC6-47B4-AA38-D339B27C4DA1}] => (Allow) G:\STEAM Library\SteamApps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe => No File
irewallRules: [TCP Query User{A20F4D63-C417-4B42-9350-4C4E1A5D1A33}D:\games\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe] => (Block) D:\games\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe => No File
FirewallRules: [UDP Query User{CE3D5D18-7BE1-47F1-935A-745F0A4D4546}D:\games\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe] => (Block) D:\games\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe => No File
FirewallRules: [{3F5D9630-D9B7-46F5-ABDC-D067A7F89DAF}] => (Allow) G:\STEAM Library\SteamApps\common\Football Tactics Demo\game.exe => No File
FirewallRules: [{4BDB7126-F233-4EF4-8598-3F65B0676AA6}] => (Allow) G:\STEAM Library\SteamApps\common\Football Tactics Demo\game.exe => No File
FirewallRules: [{16722EAD-07E5-4537-A614-69CC3AA25550}] => (Allow) G:\STEAM Library\SteamApps\common\FarCry5\bin\ArcadeEditor64.exe => No File
FirewallRules: [{DE9FB1E8-DCEC-45A4-9B41-9F50EC2F9B99}] => (Allow) G:\STEAM Library\SteamApps\common\FarCry5\bin\ArcadeEditor64.exe => No File
FirewallRules: [{E589E35C-F7BD-44D1-833C-4E3954174AEC}] => (Allow) G:\STEAM Library\SteamApps\common\Desperados Wanted Dead or Alive\desperados.exe => No File
FirewallRules: [{AE5340C3-D8B5-487D-8569-521B1C3B9923}] => (Allow) G:\STEAM Library\SteamApps\common\Desperados Wanted Dead or Alive\desperados.exe => No File
FirewallRules: [TCP Query User{0194A920-600A-4472-913E-A3ABD71CF2EC}G:\hry\foundation.early.access\foundation\foundation.exe] => (Allow) G:\hry\foundation.early.access\foundation\foundation.exe => No File
FirewallRules: [UDP Query User{D432268D-8DDE-40F8-99FB-DC26DA5C884E}G:\hry\foundation.early.access\foundation\foundation.exe] => (Allow) G:\hry\foundation.early.access\foundation\foundation.exe => No File
FirewallRules: [{8F851BC9-D613-44AE-869C-E9E4598AA0D8}] => (Allow) G:\STEAM Library\SteamApps\common\Production Line\ProductionLine.exe => No File
FirewallRules: [{87719851-FD60-4E1C-9A04-DCE31E864214}] => (Allow) G:\STEAM Library\SteamApps\common\Production Line\ProductionLine.exe => No File
FirewallRules: [{DB7DF9CB-7F3D-42DF-930C-70651C48FC6A}] => (Allow) G:\STEAM Library\SteamApps\common\Factorio\bin\x64\factorio.exe => No File
FirewallRules: [{E267FE67-09EF-4BC4-AB3B-A099D807C552}] => (Allow) G:\STEAM Library\SteamApps\common\Factorio\bin\x64\factorio.exe => No File
FirewallRules: [TCP Query User{AC134181-674B-442D-81D7-B3CB2AAF17F8}C:\users\winki\appdata\local\chia-blockchain\app-1.1.5\resources\app.asar.unpacked\daemon\start_farmer.exe] => (Allow) C:\users\winki\appdata\local\chia-blockchain\app-1.1.5\resources\app.asar.unpacked\daemon\start_farmer.exe => No File
FirewallRules: [UDP Query User{BC36A58E-76F7-405D-B77A-972F99353008}C:\users\winki\appdata\local\chia-blockchain\app-1.1.5\resources\app.asar.unpacked\daemon\start_farmer.exe] => (Allow) C:\users\winki\appdata\local\chia-blockchain\app-1.1.5\resources\app.asar.unpacked\daemon\start_farmer.exe => No File
FirewallRules: [TCP Query User{7567D16C-3206-4164-A56C-8BD4B68F62CA}C:\users\winki\appdata\local\chia-blockchain\app-1.1.5\resources\app.asar.unpacked\daemon\start_full_node.exe] => (Allow) C:\users\winki\appdata\local\chia-blockchain\app-1.1.5\resources\app.asar.unpacked\daemon\start_full_node.exe => No File
FirewallRules: [UDP Query User{B72672E9-CAD8-44E4-A015-17EDB189A6A6}C:\users\winki\appdata\local\chia-blockchain\app-1.1.5\resources\app.asar.unpacked\daemon\start_full_node.exe] => (Allow) C:\users\winki\appdata\local\chia-blockchain\app-1.1.5\resources\app.asar.unpacked\daemon\start_full_node.exe => No File
FirewallRules: [TCP Query User{481C4EF9-CB4C-4D59-A208-22D177D94059}K:7\flightsimulator.exe] => (Allow) K:7\flightsimulator.exe => No File
FirewallRules: [UDP Query User{1AE3EB92-EC85-4663-AB44-BCD7E3B33C60}K:7\flightsimulator.exe] => (Allow) K:7\flightsimulator.exe => No File
FirewallRules: [TCP Query User{B8C2CD7F-6B67-4986-8FBD-C29C69AE4EDF}H:\games\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe] => (Block) H:\games\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe => No File
FirewallRules: [UDP Query User{3D8159EC-4410-46E0-A1BA-7EB0D34E0C8F}H:\games\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe] => (Block) H:\games\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe => No File
FirewallRules: [TCP Query User{94BBD6BB-F129-4DDD-8F6D-FFBE380EADF5}H:\steamlibrary\steamapps\common\fifa 21\fifa21.exe] => (Allow) H:\steamlibrary\steamapps\common\fifa 21\fifa21.exe => No File
FirewallRules: [UDP Query User{3C876C09-1C34-4394-81CD-38263710CA4E}H:\steamlibrary\steamapps\common\fifa 21\fifa21.exe] => (Allow) H:\steamlibrary\steamapps\common\fifa 21\fifa21.exe => No File
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle America, Inc. -> Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\MountPoints2: {51189c54-fea3-11e6-84cd-d43d7ebdf362} - "L:\setup.exe"
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\MountPoints2: {51189c68-fea3-11e6-84cd-d43d7ebdf362} - "M:\setup.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {688B931F-ABB5-4F77-92D3-18F4F7A3D913} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
C:\Windows\AutoKMS\AutoKMS.exe
Task: {B13AE8B6-9ACC-4FA3-A220-D79E3300EA89} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-116116240-444440880-2871013289-1001UA => C:\Users\winki\AppData\Local\Google\Update\GoogleUpdate.exe [153752 2017-02-26] (Google Inc -> Google Inc.)
Task: {BB0935CC-BD63-464F-886F-D1CC7280830E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-15] (Google Inc -> Google Inc.)
Task: {BBA3FD37-275D-4B33-A946-D68E471B46A1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-116116240-444440880-2871013289-1001Core => C:\Users\winki\AppData\Local\Google\Update\GoogleUpdate.exe [153752 2017-02-26] (Google Inc -> Google Inc.)
Task: {D59A6508-6049-4F6C-802D-3047A26F7FE1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-15] (Google Inc -> Google Inc.)
Task: {FD3D6E59-19D1-4E34-A813-430D0A075BBA} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-116116240-444440880-2871013289-1001UA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-116116240-444440880-2871013289-1001Core
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
Hosts:
End
Save it to C:\Users\winki\Desktop\FRST-OlderVersion as fixlist.txt. Run FRST again and click >Fix<. When the run finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

windyOMG
Visitor
Visitor
Posts: 35
Registered: 03 Feb 2017 17:29

Re: Check after running a fake application (Phishing)

#10 Post by windyOMG »

Fix result of Farbar Recovery Scan Tool (x64) Version: 11-10-2021
Ran by winki (12-10-2021 00:10:48) Run:1
Running from C:\Users\winki\Desktop\FRST-OlderVersion
Loaded Profiles: defaultuser0 & winki
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.35.442\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.35.422\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{6D264B70-DA18-401D-910C-B202D89670C6}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.36.32\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.35.342\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{8B480070-D37D-4090-A063-7A429F849652}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.36.93\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{BE5C2E39-090F-46A2-AFAA-47540743B4FE}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.36.102\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{CA8FA699-91CD-412F-9D13-9B1222F4370E}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.36.82\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{CA919489-0396-4164-A6E7-94CDED45A707}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.36.52\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{DEDF773D-E27B-485E-8E7D-85C5B0EB5A67}\InprocServer32 -> C:\Users\winki\AppData\Local\Google\Update\1.3.36.72\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
AlternateDataStreams: C:\ProgramData\TEMP:4FC01C57 [294]
AlternateDataStreams: C:\Users\winki\Desktop\Metro: 2033 Redux.url [269]
FirewallRules: [UDP Query User{712E6954-992E-4ADE-872E-401F36F95A9E}A:0\users\winki\appdata\local\google\chrome\application\chrome.exe] => (Allow) A:0\users\winki\appdata\local\google\chrome\application\chrome.exe => No File
FirewallRules: [TCP Query User{4E9BC4ED-1BED-4EFF-BDF9-3B0CB75BBC59}A:0\users\winki\appdata\local\google\chrome\application\chrome.exe] => (Allow) A:0\users\winki\appdata\local\google\chrome\application\chrome.exe => No File
FirewallRules: [{551C27F3-3016-49B0-ABE1-D54834201848}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.5.0\ABService.exe => No File
FirewallRules: [{91AB568A-6D21-476A-80F0-C73A3989D3F7}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.5.0\ABService.exe => No File
FirewallRules: [UDP Query User{35861AA1-490B-4515-B118-78A1F3AB0C1C}C:\users\winki\appdata\local\chia-blockchain\app-1.1.4\resources\app.asar.unpacked\daemon\start_farmer.exe] => (Allow) C:\users\winki\appdata\local\chia-blockchain\app-1.1.4\resources\app.asar.unpacked\daemon\start_farmer.exe => No File
FirewallRules: [TCP Query User{E226A334-7229-4576-8693-9CDA80D512A1}C:\users\winki\appdata\local\chia-blockchain\app-1.1.4\resources\app.asar.unpacked\daemon\start_farmer.exe] => (Allow) C:\users\winki\appdata\local\chia-blockchain\app-1.1.4\resources\app.asar.unpacked\daemon\start_farmer.exe => No File
FirewallRules: [UDP Query User{2EB280D9-7230-411C-B0A8-473AEE45209E}C:\users\winki\appdata\local\chia-blockchain\app-1.1.4\resources\app.asar.unpacked\daemon\start_full_node.exe] => (Allow) C:\users\winki\appdata\local\chia-blockchain\app-1.1.4\resources\app.asar.unpacked\daemon\start_full_node.exe => No File
FirewallRules: [TCP Query User{61A9A55B-1C87-40B7-AF4C-3CA21FA3E964}C:\users\winki\appdata\local\chia-blockchain\app-1.1.4\resources\app.asar.unpacked\daemon\start_full_node.exe] => (Allow) C:\users\winki\appdata\local\chia-blockchain\app-1.1.4\resources\app.asar.unpacked\daemon\start_full_node.exe => No File
FirewallRules: [{DF2E0085-55DC-43EB-A72A-04A6B40178DA}] => (Allow) E:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe => No File
FirewallRules: [{974A3A82-8203-49D8-B4AE-50934E756C60}] => (Allow) E:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe => No File
FirewallRules: [UDP Query User{A5F04EF0-884C-4754-9A17-C72F9C6BCCA9}D:\games\city car driving\bin\win32\starter.exe] => (Block) D:\games\city car driving\bin\win32\starter.exe => No File
FirewallRules: [TCP Query User{FA056E0D-F5EB-4C31-B5CC-B241F3912E94}D:\games\city car driving\bin\win32\starter.exe] => (Block) D:\games\city car driving\bin\win32\starter.exe => No File
FirewallRules: [UDP Query User{4E5FD0AA-C28F-4B5D-96FB-90D855D0EFF7}E:\hry\instal\instal\the sims 4 snowy escape\game\bin\ts4_x64.exe] => (Block) E:\hry\instal\instal\the sims 4 snowy escape\game\bin\ts4_x64.exe => No File
FirewallRules: [TCP Query User{026527F2-C00B-4784-8404-298E56142F81}E:\hry\instal\instal\the sims 4 snowy escape\game\bin\ts4_x64.exe] => (Block) E:\hry\instal\instal\the sims 4 snowy escape\game\bin\ts4_x64.exe => No File
FirewallRules: [UDP Query User{7391A361-D1D0-4479-BFCD-344566ACCE06}E:\hry\instal\the sims 4 snowy escape\game\bin\ts4_x64.exe] => (Block) E:\hry\instal\the sims 4 snowy escape\game\bin\ts4_x64.exe => No File
FirewallRules: [TCP Query User{E17268C9-0DAF-4DB1-B93D-43C22D2739EE}E:\hry\instal\the sims 4 snowy escape\game\bin\ts4_x64.exe] => (Block) E:\hry\instal\the sims 4 snowy escape\game\bin\ts4_x64.exe => No File
FirewallRules: [UDP Query User{EE171875-6B91-4028-B430-14B53C699ADD}E:\hry\instal\instal\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) E:\hry\instal\instal\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [TCP Query User{C55BAC28-86FD-4DC6-AFAA-6D35DF8186F9}E:\hry\instal\instal\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) E:\hry\instal\instal\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [UDP Query User{D9718FCE-94D5-4254-B194-7F90CE057566}I:\hry\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) I:\hry\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [TCP Query User{3D35A7A2-382D-4477-BDC8-227532AC2F6A}I:\hry\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) I:\hry\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [{2D891445-E443-46E9-96F9-8C0ABA05D396}] => (Allow) E:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe => No File
FirewallRules: [{67A4408F-681D-4AB1-96D9-429DBBA515EC}] => (Allow) E:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe => No File
FirewallRules: [{353FC105-B594-4FA7-A80A-7631AE5418AA}] => (Allow) E:\UPLAY Game\Assassin's Creed Valhalla\ACValhalla_Plus.exe => No File
FirewallRules: [TCP Query User{6C532995-BF06-4F25-837F-257347D0C454}E:\uplay game\anno 1800\bin\win64\anno1800_plus.exe] => (Allow) E:\uplay game\anno 1800\bin\win64\anno1800_plus.exe => No File
FirewallRules: [{DE09F60F-5EEF-4CE2-A89A-BBA62BFF1E5C}] => (Allow) E:\UPLAY Game\Anno 1800\Bin\Win64\Anno1800.exe => No File
FirewallRules: [{7D451BEF-9906-41D7-9E6D-2570E2E96285}] => (Allow) E:\SteamLibrary\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe => No File
FirewallRules: [{939EA703-6FBB-4334-BF1E-185A556DE519}] => (Allow) E:\SteamLibrary\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe => No File
FirewallRules: [{73C8EE0F-1A90-4848-9D31-E4ECE7990A9D}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\RocketLeague.exe => No File
FirewallRules: [{F72C7959-10DF-4337-BBDD-2194573B79B9}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\RocketLeague.exe => No File
FirewallRules: [{7FCA6964-66E2-46B8-B68B-3B0DA03C93EE}] => (Allow) E:\Hry\Trackmania\trackmania.exe => No File
FirewallRules: [{E4A72B79-FD00-47AF-BA82-7AE5BE5DE867}] => (Allow) E:\Hry\Trackmania\trackmania.exe => No File
FirewallRules: [UDP Query User{0A76A6D9-0CB6-4BAC-8674-F195C9A31E24}E:\hry\good.company.early.access\good company\goodcompany.exe] => (Block) E:\hry\good.company.early.access\good company\goodcompany.exe => No File
FirewallRules: [TCP Query User{34360024-7DB3-4A92-AF2A-B9E9D3C027A7}E:\hry\good.company.early.access\good company\goodcompany.exe] => (Block) E:\hry\good.company.early.access\good company\goodcompany.exe => No File
FirewallRules: [UDP Query User{A72D0A3F-576B-4D07-971E-DC7677454E8A}E:\battle net\call of duty modern warfare\modernwarfare.exe] => (Allow) E:\battle net\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [TCP Query User{FEB3AFA8-7D37-4365-BCA1-76D14B24FC6D}E:\battle net\call of duty modern warfare\modernwarfare.exe] => (Allow) E:\battle net\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [UDP Query User{0DB031E1-A8F1-4E03-A5B1-65400B89BBC0}G:\origin\download\fifa 20\fifa20.exe] => (Allow) G:\origin\download\fifa 20\fifa20.exe => No File
FirewallRules: [TCP Query User{273C28A2-D4DD-4C92-9D8B-F5AD9B6C511A}G:\origin\download\fifa 20\fifa20.exe] => (Allow) G:\origin\download\fifa 20\fifa20.exe => No File
FirewallRules: [UDP Query User{0FA6194E-FDAC-413A-86D9-E17EE36B0318}E:\hry\rebel inc escalation\rebel inc. escalation.exe] => (Allow) E:\hry\rebel inc escalation\rebel inc. escalation.exe => No File
FirewallRules: [TCP Query User{A970B428-E095-4A68-8911-F5C09CBA6433}E:\hry\rebel inc escalation\rebel inc. escalation.exe] => (Allow) E:\hry\rebel inc escalation\rebel inc. escalation.exe => No File
FirewallRules: [UDP Query User{649EBA64-1A17-48DB-805B-F82A1EBD1A3C}E:\battle net\hearthstone\hearthstone.exe] => (Allow) E:\battle net\hearthstone\hearthstone.exe => No File
FirewallRules: [TCP Query User{C5B4F4CE-312B-415A-941F-1AAD4527384B}E:\battle net\hearthstone\hearthstone.exe] => (Allow) E:\battle net\hearthstone\hearthstone.exe => No File
FirewallRules: [UDP Query User{FD7FE6C4-C79B-4903-9EFC-B9628B6AA1F2}E:\battle net\call of duty modern warfare beta\modernwarfare.exe] => (Allow) E:\battle net\call of duty modern warfare beta\modernwarfare.exe => No File
FirewallRules: [TCP Query User{EFD94769-A765-4D5F-87BB-32626B5DB5F3}E:\battle net\call of duty modern warfare beta\modernwarfare.exe] => (Allow) E:\battle net\call of duty modern warfare beta\modernwarfare.exe => No File
FirewallRules: [UDP Query User{859BD477-FDCF-4D97-A669-408AFFA82CF1}E:\origin\fifa 20 demo\fifa20_demo.exe] => (Allow) E:\origin\fifa 20 demo\fifa20_demo.exe => No File
FirewallRules: [TCP Query User{508A4D26-B581-44B2-AB0D-2C4983C538FF}E:\origin\fifa 20 demo\fifa20_demo.exe] => (Allow) E:\origin\fifa 20 demo\fifa20_demo.exe => No File
FirewallRules: [UDP Query User{F3D96B2D-7276-46B8-B8D0-2B546FFCD0E8}E:\origin\fifa 18 demo\fifa18_demo.exe] => (Block) E:\origin\fifa 18 demo\fifa18_demo.exe => No File
FirewallRules: [TCP Query User{1D9494D8-42B6-49DA-9FC0-35F2CD7EAE34}E:\origin\fifa 18 demo\fifa18_demo.exe] => (Block) E:\origin\fifa 18 demo\fifa18_demo.exe => No File
FirewallRules: [{44C6BDC9-F009-4B7C-8988-39DA80968A24}] => (Allow) G:\STEAM Library\SteamApps\common\Project CARS 2\pCARS2.exe => No File
FirewallRules: [{279792C2-FDCF-43A5-A52C-94420DF28B0E}] => (Allow) G:\STEAM Library\SteamApps\common\Project CARS 2\pCARS2.exe => No File
FirewallRules: [{70B595F0-5A7F-4EB2-97CF-051429540B3E}] => (Allow) G:\STEAM Library\SteamApps\common\Factorio\bin\x64\factorio.exe => No File
FirewallRules: [{696DDBBA-0E13-4E84-A7B1-14BE80F22C71}] => (Allow) G:\STEAM Library\SteamApps\common\Factorio\bin\x64\factorio.exe => No File
FirewallRules: [{3E0D6E26-D68E-4FEC-A40B-AE1D7DAB2E18}] => (Allow) G:\STEAM Library\SteamApps\common\Call of Duty Modern Warfare 3\iw5mp_server.exe => No File
FirewallRules: [{F3919D95-47EB-4926-9181-D6ED4F2511D1}] => (Allow) G:\STEAM Library\SteamApps\common\Call of Duty Modern Warfare 3\iw5mp_server.exe => No File
FirewallRules: [UDP Query User{8B58F83A-B5BA-46EB-9B82-BAF2D42DCDE8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe => No File
FirewallRules: [TCP Query User{E0A647E0-7A9E-4B4C-BB3F-D4EDA7C4629E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe => No File
FirewallRules: [{EFE5EEA6-2333-4400-B2F6-01C23023BAB9}] => (Allow) G:\STEAM Library\SteamApps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe => No File
FirewallRules: [{F91CC537-8729-404D-9538-8EB360472777}] => (Allow) G:\STEAM Library\SteamApps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe => No File
FirewallRules: [{7BAC759C-0383-4869-8460-7E39C0867411}] => (Allow) G:\STEAM Library\SteamApps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe => No File
FirewallRules: [{D6326257-FE76-4E23-86AE-6F6FC96F4FFA}] => (Allow) G:\STEAM Library\SteamApps\common\Farm Frenzy Collection\FarmFrenzyMegaPack.exe => No File
FirewallRules: [{B277E5A3-EA94-49D7-84A1-2971BF8E441D}] => (Allow) G:\STEAM Library\SteamApps\common\Farm Frenzy Collection\FarmFrenzyMegaPack.exe => No File
FirewallRules: [UDP Query User{3B042E80-EF41-4180-9231-0CD57C64EB22}G:\steam library\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Allow) G:\steam library\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [TCP Query User{96732A90-2CB3-4F66-AF08-67107EC465EA}G:\steam library\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Allow) G:\steam library\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [{5FB29185-3694-4A3D-A5EC-7A94E686DE36}] => (Allow) G:\STEAM Library\SteamApps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{33C65872-C67B-45A9-8C50-A78C24835A46}] => (Allow) G:\STEAM Library\SteamApps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{D73785E6-F57E-4BB3-8E14-28658E56A164}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{3950A9A0-3AEB-45E2-918A-CD5A2E1E7DB2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{2C2F5385-3762-4692-8FE3-39892BB0DB0A}] => (Allow) G:\ORIGIN\DOWNLOAD\Battlefield 1\bf1Trial.exe => No File
FirewallRules: [{D0548856-DD0B-4974-B77D-ABF9FC101DCF}] => (Allow) G:\ORIGIN\DOWNLOAD\Battlefield 1\bf1Trial.exe => No File
FirewallRules: [{A22787EB-FE2E-4490-8F2C-532C37D9C571}] => (Allow) G:\ORIGIN\DOWNLOAD\Battlefield 1\bf1.exe => No File
FirewallRules: [{4AE780DE-58DE-425E-8602-F394D398E881}] => (Allow) G:\ORIGIN\DOWNLOAD\Battlefield 1\bf1.exe => No File
FirewallRules: [TCP Query User{5733D149-3032-448F-A321-CE3F6F7A7071}G:\steam library\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) G:\steam library\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [UDP Query User{629C5957-8A9F-4ACE-867F-B6F52A6F304F}G:\steam library\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) G:\steam library\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [{0BA9BC29-DF64-42CB-BD0B-FB0B15853978}] => (Allow) G:\STEAM Library\SteamApps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe => No File
FirewallRules: [{08E7DBBC-9BC6-47B4-AA38-D339B27C4DA1}] => (Allow) G:\STEAM Library\SteamApps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe => No File
irewallRules: [TCP Query User{A20F4D63-C417-4B42-9350-4C4E1A5D1A33}D:\games\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe] => (Block) D:\games\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe => No File
FirewallRules: [UDP Query User{CE3D5D18-7BE1-47F1-935A-745F0A4D4546}D:\games\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe] => (Block) D:\games\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe => No File
FirewallRules: [{3F5D9630-D9B7-46F5-ABDC-D067A7F89DAF}] => (Allow) G:\STEAM Library\SteamApps\common\Football Tactics Demo\game.exe => No File
FirewallRules: [{4BDB7126-F233-4EF4-8598-3F65B0676AA6}] => (Allow) G:\STEAM Library\SteamApps\common\Football Tactics Demo\game.exe => No File
FirewallRules: [{16722EAD-07E5-4537-A614-69CC3AA25550}] => (Allow) G:\STEAM Library\SteamApps\common\FarCry5\bin\ArcadeEditor64.exe => No File
FirewallRules: [{DE9FB1E8-DCEC-45A4-9B41-9F50EC2F9B99}] => (Allow) G:\STEAM Library\SteamApps\common\FarCry5\bin\ArcadeEditor64.exe => No File
FirewallRules: [{E589E35C-F7BD-44D1-833C-4E3954174AEC}] => (Allow) G:\STEAM Library\SteamApps\common\Desperados Wanted Dead or Alive\desperados.exe => No File
FirewallRules: [{AE5340C3-D8B5-487D-8569-521B1C3B9923}] => (Allow) G:\STEAM Library\SteamApps\common\Desperados Wanted Dead or Alive\desperados.exe => No File
FirewallRules: [TCP Query User{0194A920-600A-4472-913E-A3ABD71CF2EC}G:\hry\foundation.early.access\foundation\foundation.exe] => (Allow) G:\hry\foundation.early.access\foundation\foundation.exe => No File
FirewallRules: [UDP Query User{D432268D-8DDE-40F8-99FB-DC26DA5C884E}G:\hry\foundation.early.access\foundation\foundation.exe] => (Allow) G:\hry\foundation.early.access\foundation\foundation.exe => No File
FirewallRules: [{8F851BC9-D613-44AE-869C-E9E4598AA0D8}] => (Allow) G:\STEAM Library\SteamApps\common\Production Line\ProductionLine.exe => No File
FirewallRules: [{87719851-FD60-4E1C-9A04-DCE31E864214}] => (Allow) G:\STEAM Library\SteamApps\common\Production Line\ProductionLine.exe => No File
FirewallRules: [{DB7DF9CB-7F3D-42DF-930C-70651C48FC6A}] => (Allow) G:\STEAM Library\SteamApps\common\Factorio\bin\x64\factorio.exe => No File
FirewallRules: [{E267FE67-09EF-4BC4-AB3B-A099D807C552}] => (Allow) G:\STEAM Library\SteamApps\common\Factorio\bin\x64\factorio.exe => No File
FirewallRules: [TCP Query User{AC134181-674B-442D-81D7-B3CB2AAF17F8}C:\users\winki\appdata\local\chia-blockchain\app-1.1.5\resources\app.asar.unpacked\daemon\start_farmer.exe] => (Allow) C:\users\winki\appdata\local\chia-blockchain\app-1.1.5\resources\app.asar.unpacked\daemon\start_farmer.exe => No File
FirewallRules: [UDP Query User{BC36A58E-76F7-405D-B77A-972F99353008}C:\users\winki\appdata\local\chia-blockchain\app-1.1.5\resources\app.asar.unpacked\daemon\start_farmer.exe] => (Allow) C:\users\winki\appdata\local\chia-blockchain\app-1.1.5\resources\app.asar.unpacked\daemon\start_farmer.exe => No File
FirewallRules: [TCP Query User{7567D16C-3206-4164-A56C-8BD4B68F62CA}C:\users\winki\appdata\local\chia-blockchain\app-1.1.5\resources\app.asar.unpacked\daemon\start_full_node.exe] => (Allow) C:\users\winki\appdata\local\chia-blockchain\app-1.1.5\resources\app.asar.unpacked\daemon\start_full_node.exe => No File
FirewallRules: [UDP Query User{B72672E9-CAD8-44E4-A015-17EDB189A6A6}C:\users\winki\appdata\local\chia-blockchain\app-1.1.5\resources\app.asar.unpacked\daemon\start_full_node.exe] => (Allow) C:\users\winki\appdata\local\chia-blockchain\app-1.1.5\resources\app.asar.unpacked\daemon\start_full_node.exe => No File
FirewallRules: [TCP Query User{481C4EF9-CB4C-4D59-A208-22D177D94059}K:7\flightsimulator.exe] => (Allow) K:7\flightsimulator.exe => No File
FirewallRules: [UDP Query User{1AE3EB92-EC85-4663-AB44-BCD7E3B33C60}K:7\flightsimulator.exe] => (Allow) K:7\flightsimulator.exe => No File
FirewallRules: [TCP Query User{B8C2CD7F-6B67-4986-8FBD-C29C69AE4EDF}H:\games\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe] => (Block) H:\games\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe => No File
FirewallRules: [UDP Query User{3D8159EC-4410-46E0-A1BA-7EB0D34E0C8F}H:\games\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe] => (Block) H:\games\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe => No File
FirewallRules: [TCP Query User{94BBD6BB-F129-4DDD-8F6D-FFBE380EADF5}H:\steamlibrary\steamapps\common\fifa 21\fifa21.exe] => (Allow) H:\steamlibrary\steamapps\common\fifa 21\fifa21.exe => No File
FirewallRules: [UDP Query User{3C876C09-1C34-4394-81CD-38263710CA4E}H:\steamlibrary\steamapps\common\fifa 21\fifa21.exe] => (Allow) H:\steamlibrary\steamapps\common\fifa 21\fifa21.exe => No File
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle America, Inc. -> Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\MountPoints2: {51189c54-fea3-11e6-84cd-d43d7ebdf362} - "L:\setup.exe"
HKU\S-1-5-21-116116240-444440880-2871013289-1001\...\MountPoints2: {51189c68-fea3-11e6-84cd-d43d7ebdf362} - "M:\setup.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {688B931F-ABB5-4F77-92D3-18F4F7A3D913} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
C:\Windows\AutoKMS\AutoKMS.exe
Task: {B13AE8B6-9ACC-4FA3-A220-D79E3300EA89} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-116116240-444440880-2871013289-1001UA => C:\Users\winki\AppData\Local\Google\Update\GoogleUpdate.exe [153752 2017-02-26] (Google Inc -> Google Inc.)
Task: {BB0935CC-BD63-464F-886F-D1CC7280830E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-15] (Google Inc -> Google Inc.)
Task: {BBA3FD37-275D-4B33-A946-D68E471B46A1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-116116240-444440880-2871013289-1001Core => C:\Users\winki\AppData\Local\Google\Update\GoogleUpdate.exe [153752 2017-02-26] (Google Inc -> Google Inc.)
Task: {D59A6508-6049-4F6C-802D-3047A26F7FE1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-15] (Google Inc -> Google Inc.)
Task: {FD3D6E59-19D1-4E34-A813-430D0A075BBA} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-116116240-444440880-2871013289-1001UA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-116116240-444440880-2871013289-1001Core
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE} => removed successfully
HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54} => removed successfully
HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9} => removed successfully
HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{6D264B70-DA18-401D-910C-B202D89670C6} => removed successfully
HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401} => removed successfully
HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5} => removed successfully
HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{8B480070-D37D-4090-A063-7A429F849652} => removed successfully
HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8} => removed successfully
HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD} => removed successfully
HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{BE5C2E39-090F-46A2-AFAA-47540743B4FE} => removed successfully
HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{CA8FA699-91CD-412F-9D13-9B1222F4370E} => removed successfully
HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{CA919489-0396-4164-A6E7-94CDED45A707} => removed successfully
HKU\S-1-5-21-116116240-444440880-2871013289-1001_Classes\CLSID\{DEDF773D-E27B-485E-8E7D-85C5B0EB5A67} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
C:\ProgramData\TEMP => ":4FC01C57" ADS removed successfully
C:\Users\winki\Desktop\Metro => ": 2033 Redux.url" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{712E6954-992E-4ADE-872E-401F36F95A9E}A:0\users\winki\appdata\local\google\chrome\application\chrome.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4E9BC4ED-1BED-4EFF-BDF9-3B0CB75BBC59}A:0\users\winki\appdata\local\google\chrome\application\chrome.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{551C27F3-3016-49B0-ABE1-D54834201848}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{91AB568A-6D21-476A-80F0-C73A3989D3F7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{35861AA1-490B-4515-B118-78A1F3AB0C1C}C:\users\winki\appdata\local\chia-blockchain\app-1.1.4\resources\app.asar.unpacked\daemon\start_farmer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E226A334-7229-4576-8693-9CDA80D512A1}C:\users\winki\appdata\local\chia-blockchain\app-1.1.4\resources\app.asar.unpacked\daemon\start_farmer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2EB280D9-7230-411C-B0A8-473AEE45209E}C:\users\winki\appdata\local\chia-blockchain\app-1.1.4\resources\app.asar.unpacked\daemon\start_full_node.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{61A9A55B-1C87-40B7-AF4C-3CA21FA3E964}C:\users\winki\appdata\local\chia-blockchain\app-1.1.4\resources\app.asar.unpacked\daemon\start_full_node.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DF2E0085-55DC-43EB-A72A-04A6B40178DA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{974A3A82-8203-49D8-B4AE-50934E756C60}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A5F04EF0-884C-4754-9A17-C72F9C6BCCA9}D:\games\city car driving\bin\win32\starter.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{FA056E0D-F5EB-4C31-B5CC-B241F3912E94}D:\games\city car driving\bin\win32\starter.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4E5FD0AA-C28F-4B5D-96FB-90D855D0EFF7}E:\hry\instal\instal\the sims 4 snowy escape\game\bin\ts4_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{026527F2-C00B-4784-8404-298E56142F81}E:\hry\instal\instal\the sims 4 snowy escape\game\bin\ts4_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7391A361-D1D0-4479-BFCD-344566ACCE06}E:\hry\instal\the sims 4 snowy escape\game\bin\ts4_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E17268C9-0DAF-4DB1-B93D-43C22D2739EE}E:\hry\instal\the sims 4 snowy escape\game\bin\ts4_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{EE171875-6B91-4028-B430-14B53C699ADD}E:\hry\instal\instal\cyberpunk 2077\bin\x64\cyberpunk2077.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C55BAC28-86FD-4DC6-AFAA-6D35DF8186F9}E:\hry\instal\instal\cyberpunk 2077\bin\x64\cyberpunk2077.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D9718FCE-94D5-4254-B194-7F90CE057566}I:\hry\cyberpunk 2077\bin\x64\cyberpunk2077.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3D35A7A2-382D-4477-BDC8-227532AC2F6A}I:\hry\cyberpunk 2077\bin\x64\cyberpunk2077.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2D891445-E443-46E9-96F9-8C0ABA05D396}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{67A4408F-681D-4AB1-96D9-429DBBA515EC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{353FC105-B594-4FA7-A80A-7631AE5418AA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6C532995-BF06-4F25-837F-257347D0C454}E:\uplay game\anno 1800\bin\win64\anno1800_plus.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DE09F60F-5EEF-4CE2-A89A-BBA62BFF1E5C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7D451BEF-9906-41D7-9E6D-2570E2E96285}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{939EA703-6FBB-4334-BF1E-185A556DE519}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{73C8EE0F-1A90-4848-9D31-E4ECE7990A9D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F72C7959-10DF-4337-BBDD-2194573B79B9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7FCA6964-66E2-46B8-B68B-3B0DA03C93EE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E4A72B79-FD00-47AF-BA82-7AE5BE5DE867}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0A76A6D9-0CB6-4BAC-8674-F195C9A31E24}E:\hry\good.company.early.access\good company\goodcompany.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{34360024-7DB3-4A92-AF2A-B9E9D3C027A7}E:\hry\good.company.early.access\good company\goodcompany.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A72D0A3F-576B-4D07-971E-DC7677454E8A}E:\battle net\call of duty modern warfare\modernwarfare.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{FEB3AFA8-7D37-4365-BCA1-76D14B24FC6D}E:\battle net\call of duty modern warfare\modernwarfare.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0DB031E1-A8F1-4E03-A5B1-65400B89BBC0}G:\origin\download\fifa 20\fifa20.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{273C28A2-D4DD-4C92-9D8B-F5AD9B6C511A}G:\origin\download\fifa 20\fifa20.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0FA6194E-FDAC-413A-86D9-E17EE36B0318}E:\hry\rebel inc escalation\rebel inc. escalation.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A970B428-E095-4A68-8911-F5C09CBA6433}E:\hry\rebel inc escalation\rebel inc. escalation.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{649EBA64-1A17-48DB-805B-F82A1EBD1A3C}E:\battle net\hearthstone\hearthstone.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C5B4F4CE-312B-415A-941F-1AAD4527384B}E:\battle net\hearthstone\hearthstone.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FD7FE6C4-C79B-4903-9EFC-B9628B6AA1F2}E:\battle net\call of duty modern warfare beta\modernwarfare.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{EFD94769-A765-4D5F-87BB-32626B5DB5F3}E:\battle net\call of duty modern warfare beta\modernwarfare.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{859BD477-FDCF-4D97-A669-408AFFA82CF1}E:\origin\fifa 20 demo\fifa20_demo.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{508A4D26-B581-44B2-AB0D-2C4983C538FF}E:\origin\fifa 20 demo\fifa20_demo.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F3D96B2D-7276-46B8-B8D0-2B546FFCD0E8}E:\origin\fifa 18 demo\fifa18_demo.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{1D9494D8-42B6-49DA-9FC0-35F2CD7EAE34}E:\origin\fifa 18 demo\fifa18_demo.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{44C6BDC9-F009-4B7C-8988-39DA80968A24}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{279792C2-FDCF-43A5-A52C-94420DF28B0E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{70B595F0-5A7F-4EB2-97CF-051429540B3E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{696DDBBA-0E13-4E84-A7B1-14BE80F22C71}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3E0D6E26-D68E-4FEC-A40B-AE1D7DAB2E18}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F3919D95-47EB-4926-9181-D6ED4F2511D1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8B58F83A-B5BA-46EB-9B82-BAF2D42DCDE8}C:\program files (x86)\mozilla firefox\firefox.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E0A647E0-7A9E-4B4C-BB3F-D4EDA7C4629E}C:\program files (x86)\mozilla firefox\firefox.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EFE5EEA6-2333-4400-B2F6-01C23023BAB9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F91CC537-8729-404D-9538-8EB360472777}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7BAC759C-0383-4869-8460-7E39C0867411}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D6326257-FE76-4E23-86AE-6F6FC96F4FFA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B277E5A3-EA94-49D7-84A1-2971BF8E441D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3B042E80-EF41-4180-9231-0CD57C64EB22}G:\steam library\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{96732A90-2CB3-4F66-AF08-67107EC465EA}G:\steam library\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5FB29185-3694-4A3D-A5EC-7A94E686DE36}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{33C65872-C67B-45A9-8C50-A78C24835A46}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D73785E6-F57E-4BB3-8E14-28658E56A164}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3950A9A0-3AEB-45E2-918A-CD5A2E1E7DB2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2C2F5385-3762-4692-8FE3-39892BB0DB0A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D0548856-DD0B-4974-B77D-ABF9FC101DCF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A22787EB-FE2E-4490-8F2C-532C37D9C571}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4AE780DE-58DE-425E-8602-F394D398E881}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5733D149-3032-448F-A321-CE3F6F7A7071}G:\steam library\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{629C5957-8A9F-4ACE-867F-B6F52A6F304F}G:\steam library\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0BA9BC29-DF64-42CB-BD0B-FB0B15853978}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{08E7DBBC-9BC6-47B4-AA38-D339B27C4DA1}" => removed successfully
irewallRules: [TCP Query User{A20F4D63-C417-4B42-9350-4C4E1A5D1A33}D:\games\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe] => (Block) D:\games\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe => No File => Error: No automatic fix found for this entry.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{CE3D5D18-7BE1-47F1-935A-745F0A4D4546}D:\games\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3F5D9630-D9B7-46F5-ABDC-D067A7F89DAF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4BDB7126-F233-4EF4-8598-3F65B0676AA6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{16722EAD-07E5-4537-A614-69CC3AA25550}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DE9FB1E8-DCEC-45A4-9B41-9F50EC2F9B99}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E589E35C-F7BD-44D1-833C-4E3954174AEC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AE5340C3-D8B5-487D-8569-521B1C3B9923}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0194A920-600A-4472-913E-A3ABD71CF2EC}G:\hry\foundation.early.access\foundation\foundation.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D432268D-8DDE-40F8-99FB-DC26DA5C884E}G:\hry\foundation.early.access\foundation\foundation.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8F851BC9-D613-44AE-869C-E9E4598AA0D8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{87719851-FD60-4E1C-9A04-DCE31E864214}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DB7DF9CB-7F3D-42DF-930C-70651C48FC6A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E267FE67-09EF-4BC4-AB3B-A099D807C552}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{AC134181-674B-442D-81D7-B3CB2AAF17F8}C:\users\winki\appdata\local\chia-blockchain\app-1.1.5\resources\app.asar.unpacked\daemon\start_farmer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BC36A58E-76F7-405D-B77A-972F99353008}C:\users\winki\appdata\local\chia-blockchain\app-1.1.5\resources\app.asar.unpacked\daemon\start_farmer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7567D16C-3206-4164-A56C-8BD4B68F62CA}C:\users\winki\appdata\local\chia-blockchain\app-1.1.5\resources\app.asar.unpacked\daemon\start_full_node.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B72672E9-CAD8-44E4-A015-17EDB189A6A6}C:\users\winki\appdata\local\chia-blockchain\app-1.1.5\resources\app.asar.unpacked\daemon\start_full_node.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{481C4EF9-CB4C-4D59-A208-22D177D94059}K:7\flightsimulator.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1AE3EB92-EC85-4663-AB44-BCD7E3B33C60}K:7\flightsimulator.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B8C2CD7F-6B67-4986-8FBD-C29C69AE4EDF}H:\games\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3D8159EC-4410-46E0-A1BA-7EB0D34E0C8F}H:\games\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{94BBD6BB-F129-4DDD-8F6D-FFBE380EADF5}H:\steamlibrary\steamapps\common\fifa 21\fifa21.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3C876C09-1C34-4394-81CD-38263710CA4E}H:\steamlibrary\steamapps\common\fifa 21\fifa21.exe" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
HKU\S-1-5-21-116116240-444440880-2871013289-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{51189c54-fea3-11e6-84cd-d43d7ebdf362} => removed successfully
HKU\S-1-5-21-116116240-444440880-2871013289-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{51189c68-fea3-11e6-84cd-d43d7ebdf362} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{688B931F-ABB5-4F77-92D3-18F4F7A3D913}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{688B931F-ABB5-4F77-92D3-18F4F7A3D913}" => removed successfully
C:\WINDOWS\System32\Tasks\AutoKMS => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => removed successfully
"C:\Windows\AutoKMS\AutoKMS.exe" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B13AE8B6-9ACC-4FA3-A220-D79E3300EA89}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B13AE8B6-9ACC-4FA3-A220-D79E3300EA89}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-116116240-444440880-2871013289-1001UA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-116116240-444440880-2871013289-1001UA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BB0935CC-BD63-464F-886F-D1CC7280830E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB0935CC-BD63-464F-886F-D1CC7280830E}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BBA3FD37-275D-4B33-A946-D68E471B46A1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BBA3FD37-275D-4B33-A946-D68E471B46A1}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-116116240-444440880-2871013289-1001Core => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-116116240-444440880-2871013289-1001Core" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D59A6508-6049-4F6C-802D-3047A26F7FE1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D59A6508-6049-4F6C-802D-3047A26F7FE1}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FD3D6E59-19D1-4E34-A813-430D0A075BBA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD3D6E59-19D1-4E34-A813-430D0A075BBA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-116116240-444440880-2871013289-1001UA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-116116240-444440880-2871013289-1001Core" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 2097152 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 1942043916 B
Java, Flash, Steam htmlcache => 569984473 B
Windows/system/drivers => 62803488 B
Edge => 21504 B
Chrome => 1401880637 B
Firefox => 1247363318 B
Opera => 16873410 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 422218 B
systemprofile32 => 575892 B
LocalService => 592098 B
NetworkService => 612790 B
defaultuser0 => 612790 B
winki => 24180298525 B

RecycleBin => 59601 B
EmptyTemp: => 27.4 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 00:34:27 ====

Rudy
Site Admin
Posts: 114587
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Check after running a fake application (Phishing)

#11 Post by Rudy »

It has been deleted; the log is now OK.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

windyOMG
Visitor
Posts: 35
Joined: 03 Feb 2017 17:29

Re: Check after running a fake application (Phishing)

#12 Post by windyOMG »

Thanks

Rudy
Site Admin
Posts: 114587
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Check after running a fake application (Phishing)

#13 Post by Rudy »

You're welcome! :)
