
I am getting strange emails with no sender.


#1 Post by mech50

Good evening, for the past few days I have been receiving messages in my email from (unknown sender). I also changed my password and it did not help, so I would like to make sure that it is not caused by some virus on the PC and that it is just something I can simply send to the trash. It bothers me that the email arrives normally in the inbox, not in spam. Could I please ask for a check of the logs?

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019
Ran by Stanislav (administrator) on HRIBOVI (03-04-2019 19:00:56)
Running from C:\Users\Stanislav\Desktop
Loaded Profiles: Stanislav (Available Profiles: Stanislav & DefaultAppPool)
Platform: Windows 10 Pro Version 1803 17134.590 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0335076.inf_amd64_86bc242f42070102\B334840\atiesrxx.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrB.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0335076.inf_amd64_86bc242f42070102\B334840\atieclxx.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amddvr.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\ArxApplets\Discord\logitechg_discord.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19021.18010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [177928 2019-03-15] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17987704 2017-10-20] (Logitech Inc -> Logitech Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16418560 2016-01-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKU\S-1-5-21-3391450833-3303722570-559582778-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3146016 2019-03-06] (Valve -> Valve Corporation)
HKU\S-1-5-21-3391450833-3303722570-559582778-1000\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [35179920 2019-03-28] (Epic Games Inc. -> Epic Games, Inc.)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [71680 2013-02-26] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2013-02-26] (Beepa P/L) [File not signed]
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 80.87.176.66 80.251.240.44
Tcpip\..\Interfaces\{0c60948a-1c98-4a93-896f-fdc3a542ea7b}: [DhcpNameServer] 80.87.176.66 80.251.240.44

Internet Explorer:
==================
HKU\S-1-5-21-3391450833-3303722570-559582778-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-3391450833-3303722570-559582778-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
SearchScopes: HKU\S-1-5-21-3391450833-3303722570-559582778-1000 -> {261DC589-8AD5-486D-BFC6-DE3E1C334675} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_13554
SearchScopes: HKU\S-1-5-21-3391450833-3303722570-559582778-1000 -> {38E1B35A-A7D3-4C43-9234-E8C330C65747} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_13554
SearchScopes: HKU\S-1-5-21-3391450833-3303722570-559582778-1000 -> {4F8CAC52-08B6-4C9A-8AA4-16F96FC35A94} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_13554
SearchScopes: HKU\S-1-5-21-3391450833-3303722570-559582778-1000 -> {5EA2E3CD-5A0B-455B-9410-23B3B6AA3834} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13554
SearchScopes: HKU\S-1-5-21-3391450833-3303722570-559582778-1000 -> {7D5A893B-B605-4565-BDFF-36D21ECB9075} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13554
SearchScopes: HKU\S-1-5-21-3391450833-3303722570-559582778-1000 -> {80ACA93D-55D5-4C84-BF27-AC7342FF6033} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13554
SearchScopes: HKU\S-1-5-21-3391450833-3303722570-559582778-1000 -> {83E32759-8A76-4391-B81B-7C17742DF0F4} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_13554
SearchScopes: HKU\S-1-5-21-3391450833-3303722570-559582778-1000 -> {982D6D6F-FEEF-4201-80B0-E17E9278B0C1} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13554
SearchScopes: HKU\S-1-5-21-3391450833-3303722570-559582778-1000 -> {C7C0A87B-7A5D-499E-AEB7-2E95478F9C3A} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_13554
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-09-20] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-09-20] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF DefaultProfile: idczboa7.default-1550085256698
FF ProfilePath: C:\Users\Stanislav\AppData\Roaming\Mozilla\Firefox\Profiles\idczboa7.default-1550085256698 [2019-04-03]
FF Extension: (AdBlock) - C:\Users\Stanislav\AppData\Roaming\Mozilla\Firefox\Profiles\idczboa7.default-1550085256698\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2019-03-16]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_156.dll [2019-03-12] (Adobe Systems Incorporated -> )
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (Electronic Arts -> EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_156.dll [2019-03-12] (Adobe Systems Incorporated -> )
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (Electronic Arts -> EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-09-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-09-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-3391450833-3303722570-559582778-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Stanislav\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-07-03] (Unity Technologies SF -> Unity Technologies ApS)

Chrome:
=======
CHR Profile: C:\Users\Stanislav\AppData\Local\Google\Chrome\User Data\Default [2018-11-24]
CHR Extension: (Prezentace) - C:\Users\Stanislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-23]
CHR Extension: (Dokumenty) - C:\Users\Stanislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-23]
CHR Extension: (Disk Google) - C:\Users\Stanislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-23]
CHR Extension: (YouTube) - C:\Users\Stanislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-23]
CHR Extension: (Tabulky) - C:\Users\Stanislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-23]
CHR Extension: (Avira Browser Safety) - C:\Users\Stanislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-12-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\Stanislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-12-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Stanislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-12-23]
CHR Extension: (Gmail) - C:\Users\Stanislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-12-23]
CHR Extension: (Chrome Media Router) - C:\Users\Stanislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-23]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0335076.inf_amd64_86bc242f42070102\B334840\atiesrxx.exe [508000 2018-10-25] (Advanced Micro Devices, Inc. -> AMD)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8577760 2019-03-26] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [779392 2019-03-03] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2359312 2019-03-15] (ESET, spol. s r.o. -> ESET)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-04-11] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-10-20] (Intel(R) pGFX -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-07-06] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-10-20] (Logitech Inc -> Logitech Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2269504 2018-11-20] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3130184 2018-11-20] (Electronic Arts, Inc. -> Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75064 2017-06-03] (Even Balance, Inc. -> )
R2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [189248 2017-06-03] (Even Balance, Inc. -> )
S4 Prime95 Service; C:\Program Files (x86)\Prime95\prime95.exe [4333568 2005-08-09] () [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10945776 2017-12-15] (TeamViewer GmbH -> TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4403496 2019-01-09] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation -> Microsoft Corporation)
S2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0335076.inf_amd64_86bc242f42070102\B334840\atikmdag.sys [47503976 2018-10-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0335076.inf_amd64_86bc242f42070102\B334840\atikmpag.sys [589920 2018-10-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [107496 2018-07-17] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [145600 2019-03-15] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [107744 2019-03-15] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15872 2018-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [188240 2019-03-15] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50280 2019-03-15] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [82472 2019-03-15] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [110000 2019-03-15] (ESET, spol. s r.o. -> ESET)
R3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [45192 2017-10-20] (Logitech Inc -> Logitech Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-10-20] (Logitech Inc -> Logitech Inc.)
S3 nusb3hub; C:\WINDOWS\system32\drivers\nusb3hub.sys [80384 2010-09-30] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
S3 nusb3xhc; C:\WINDOWS\system32\drivers\nusb3xhc.sys [180736 2010-09-30] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-08-08] (Realtek Semiconductor Corp -> Realtek )
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13536 2015-05-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-03 19:00 - 2019-04-03 19:02 - 000020249 _____ C:\Users\Stanislav\Desktop\FRST.txt
2019-04-03 18:58 - 2019-04-03 18:58 - 002434048 _____ (Farbar) C:\Users\Stanislav\Desktop\FRST64.exe
2019-03-30 18:12 - 2019-03-30 18:12 - 000000000 ____D C:\Users\Stanislav\AppData\LocalLow\TuneTheDev
2019-03-30 18:07 - 2019-03-30 18:07 - 000000222 _____ C:\Users\Stanislav\Desktop\Golf Galore.url
2019-03-27 21:23 - 2019-03-27 21:23 - 000000222 _____ C:\Users\Stanislav\Desktop\Hitman Absolution.url
2019-03-24 20:46 - 2019-03-24 20:48 - 000000000 ____D C:\Users\Stanislav\AppData\Roaming\Sekiro
2019-03-24 17:41 - 2019-03-24 17:41 - 000000222 _____ C:\Users\Stanislav\Desktop\Sekiro Shadows Die Twice.url
2019-03-17 22:08 - 2019-03-17 22:08 - 000000222 _____ C:\Users\Stanislav\Desktop\Business Tour - Online Multiplayer Board Game.url
2019-03-17 21:52 - 2019-03-17 21:52 - 000000000 ____D C:\Users\Stanislav\AppData\LocalLow\8floor
2019-03-15 15:46 - 2019-03-15 15:46 - 000001270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2019-03-15 15:46 - 2019-03-15 15:46 - 000001258 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk
2019-03-15 15:44 - 2019-03-15 15:44 - 033652736 _____ C:\Users\Stanislav\Downloads\EpicInstaller-9.7.0-1ae8793905c8494ba9f3f1ed1a176087.msi
2019-03-10 13:22 - 2019-03-10 13:22 - 000000000 ____D C:\Users\Stanislav\AppData\Local\redout
2019-03-10 11:26 - 2019-03-10 11:26 - 000000222 _____ C:\Users\Stanislav\Desktop\Redout Enhanced Edition.url
2019-03-07 21:54 - 2019-03-07 21:54 - 000000000 ____D C:\Users\Stanislav\AppData\Local\Tropico6 - Beta
2019-03-05 16:20 - 2019-02-06 09:54 - 004527584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-03-05 16:20 - 2019-02-06 09:53 - 001634704 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-03-05 16:20 - 2019-02-06 09:35 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-03-05 16:20 - 2019-02-06 09:32 - 003648512 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-03-05 16:20 - 2019-02-06 09:30 - 004052992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-03-05 16:20 - 2019-02-06 09:30 - 001662464 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-03-05 16:20 - 2019-02-06 09:30 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-03-05 16:20 - 2019-02-06 09:11 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-03-05 16:20 - 2019-02-06 08:57 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-03-05 16:20 - 2019-02-06 08:52 - 004053504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-03-05 16:20 - 2019-02-06 08:52 - 002891776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-03-05 16:20 - 2019-02-06 08:52 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-03-05 16:20 - 2019-02-06 05:01 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-03-05 16:20 - 2019-02-06 05:01 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-03-05 16:20 - 2019-02-06 05:01 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-03-05 16:20 - 2019-02-06 05:01 - 000720480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-03-05 16:20 - 2019-02-06 05:01 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-03-05 16:20 - 2019-02-06 05:01 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-03-05 16:20 - 2019-02-06 05:01 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-03-05 16:20 - 2019-02-06 05:01 - 000033576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2019-03-05 16:20 - 2019-02-06 05:00 - 009084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-03-05 16:20 - 2019-02-06 05:00 - 007520112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-03-05 16:20 - 2019-02-06 05:00 - 006572416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-03-05 16:20 - 2019-02-06 05:00 - 002719760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-03-05 16:20 - 2019-02-06 05:00 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-03-05 16:20 - 2019-02-06 05:00 - 002421264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-03-05 16:20 - 2019-02-06 05:00 - 001257904 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-03-05 16:20 - 2019-02-06 05:00 - 001140680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-03-05 16:20 - 2019-02-06 05:00 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-03-05 16:20 - 2019-02-06 05:00 - 001098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-03-05 16:20 - 2019-02-06 05:00 - 000945680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-03-05 16:20 - 2019-02-06 05:00 - 000899728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-03-05 16:20 - 2019-02-06 05:00 - 000466960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-03-05 16:20 - 2019-02-06 05:00 - 000376120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-03-05 16:20 - 2019-02-06 05:00 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-03-05 16:20 - 2019-02-06 05:00 - 000038792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-03-05 16:20 - 2019-02-06 04:59 - 001922064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-03-05 16:20 - 2019-02-06 04:59 - 001457248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-03-05 16:20 - 2019-02-06 04:59 - 000983128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-03-05 16:20 - 2019-02-06 04:59 - 000144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2019-03-05 16:20 - 2019-02-06 04:52 - 022014464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-03-05 16:20 - 2019-02-06 04:45 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-03-05 16:20 - 2019-02-06 04:42 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-03-05 16:20 - 2019-02-06 04:41 - 025853952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-03-05 16:20 - 2019-02-06 04:41 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-03-05 16:20 - 2019-02-06 04:40 - 005792256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-03-05 16:20 - 2019-02-06 04:40 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
2019-03-05 16:20 - 2019-02-06 04:38 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-03-05 16:20 - 2019-02-06 04:38 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-03-05 16:20 - 2019-02-06 04:37 - 004515840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-03-05 16:20 - 2019-02-06 04:37 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-03-05 16:20 - 2019-02-06 04:33 - 022714880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-03-05 16:20 - 2019-02-06 04:29 - 004865536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-03-05 16:20 - 2019-02-06 04:28 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-03-05 16:20 - 2019-02-06 04:28 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2019-03-05 16:20 - 2019-02-06 04:27 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-03-05 16:20 - 2019-02-06 04:27 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-03-05 16:20 - 2019-02-06 04:27 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-03-05 16:20 - 2019-02-06 04:27 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-03-05 16:20 - 2019-02-06 04:26 - 007599616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-03-05 16:20 - 2019-02-06 04:26 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-03-05 16:20 - 2019-02-06 04:26 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-03-05 16:20 - 2019-02-06 04:26 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-03-05 16:20 - 2019-02-06 04:26 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-03-05 16:20 - 2019-02-06 04:25 - 000736256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-03-05 16:20 - 2019-02-06 04:25 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-03-05 16:20 - 2019-02-06 04:24 - 004937728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-03-05 16:20 - 2019-02-06 04:24 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-03-05 16:20 - 2019-02-06 04:23 - 000393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2019-03-05 16:20 - 2019-02-06 04:22 - 000960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-03-05 16:20 - 2019-02-06 04:22 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-03-05 16:20 - 2019-02-06 04:21 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-03-05 16:20 - 2019-02-06 03:04 - 000001314 _____ C:\WINDOWS\system32\tcbres.wim
2019-03-05 16:20 - 2019-01-12 10:56 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-03-05 16:20 - 2019-01-12 04:28 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-03-05 16:20 - 2019-01-09 20:08 - 000309560 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-03-05 16:20 - 2019-01-09 19:57 - 000720536 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-03-05 16:20 - 2019-01-09 19:42 - 004716032 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-03-05 16:20 - 2019-01-09 19:41 - 012730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-03-05 16:20 - 2019-01-09 19:41 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-03-05 16:20 - 2019-01-09 19:40 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2019-03-05 16:20 - 2019-01-09 19:36 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2019-03-05 16:20 - 2019-01-09 19:35 - 002919936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-03-05 16:20 - 2019-01-09 12:14 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-03-05 16:20 - 2019-01-09 11:55 - 011919872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-03-05 16:20 - 2019-01-09 11:55 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2019-03-05 16:20 - 2019-01-09 10:55 - 001285432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-03-05 16:20 - 2019-01-09 10:48 - 000527368 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-03-05 16:20 - 2019-01-09 07:59 - 000611848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-03-05 16:20 - 2019-01-09 07:44 - 000078688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-03-05 16:20 - 2019-01-09 07:43 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-03-05 16:20 - 2019-01-09 07:43 - 004789944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-03-05 16:20 - 2019-01-09 07:43 - 002253480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-03-05 16:20 - 2019-01-09 07:43 - 001981280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-03-05 16:20 - 2019-01-09 07:43 - 001620264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-03-05 16:20 - 2019-01-09 07:43 - 000607376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-03-05 16:20 - 2019-01-09 07:43 - 000581592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-03-05 16:20 - 2019-01-09 07:43 - 000287640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2019-03-05 16:20 - 2019-01-09 07:43 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-03-05 16:20 - 2019-01-09 07:43 - 000127744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-03-05 16:20 - 2019-01-09 07:43 - 000071456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
2019-03-05 16:20 - 2019-01-09 07:42 - 001035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-03-05 16:20 - 2019-01-09 07:42 - 000092704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-03-05 16:20 - 2019-01-09 07:40 - 002765336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-03-05 16:20 - 2019-01-09 07:40 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-03-05 16:20 - 2019-01-09 07:40 - 000432952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-03-05 16:20 - 2019-01-09 07:40 - 000226104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-03-05 16:20 - 2019-01-09 07:40 - 000090872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-03-05 16:20 - 2019-01-09 07:39 - 007436016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-03-05 16:20 - 2019-01-09 07:39 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-03-05 16:20 - 2019-01-09 07:39 - 002571632 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-03-05 16:20 - 2019-01-09 07:39 - 001943128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-03-05 16:20 - 2019-01-09 07:39 - 000789696 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-03-05 16:20 - 2019-01-09 07:39 - 000713264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-03-05 16:20 - 2019-01-09 07:39 - 000349656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-03-05 16:20 - 2019-01-09 07:39 - 000269624 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-03-05 16:20 - 2019-01-09 07:39 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-03-05 16:20 - 2019-01-09 07:39 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-03-05 16:20 - 2019-01-09 07:39 - 000164192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-03-05 16:20 - 2019-01-09 07:39 - 000085472 _____ (Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
2019-03-05 16:20 - 2019-01-09 07:33 - 016597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-03-05 16:20 - 2019-01-09 07:32 - 013878272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-03-05 16:20 - 2019-01-09 07:29 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-03-05 16:20 - 2019-01-09 07:29 - 002500096 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-03-05 16:20 - 2019-01-09 07:27 - 004710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-03-05 16:20 - 2019-01-09 07:27 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-03-05 16:20 - 2019-01-09 07:27 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2019-03-05 16:20 - 2019-01-09 07:26 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-03-05 16:20 - 2019-01-09 07:26 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-03-05 16:20 - 2019-01-09 07:26 - 002966016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-03-05 16:20 - 2019-01-09 07:25 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-03-05 16:20 - 2019-01-09 07:24 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-03-05 16:20 - 2019-01-09 07:24 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-03-05 16:20 - 2019-01-09 07:24 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-03-05 16:20 - 2019-01-09 07:23 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-03-05 16:20 - 2019-01-09 07:23 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-03-05 16:20 - 2019-01-09 07:23 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-03-05 16:20 - 2019-01-09 07:23 - 001189888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2019-03-05 16:20 - 2019-01-09 07:23 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-03-05 16:20 - 2019-01-09 07:23 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2019-03-05 16:20 - 2019-01-09 07:23 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2019-03-05 16:20 - 2019-01-09 07:23 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2019-03-05 16:20 - 2019-01-09 07:22 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-03-05 16:20 - 2019-01-09 07:22 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-03-05 16:20 - 2019-01-09 07:22 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-03-05 16:20 - 2019-01-09 07:22 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-03-05 16:20 - 2019-01-09 07:22 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-03-05 16:20 - 2019-01-09 07:22 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2019-03-05 16:20 - 2019-01-09 07:22 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-03-05 16:20 - 2019-01-09 07:22 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2019-03-05 16:20 - 2019-01-09 07:21 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-03-05 16:20 - 2019-01-09 07:21 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-03-05 16:20 - 2019-01-09 07:21 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-03-05 16:20 - 2019-01-09 07:20 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-03-05 16:20 - 2019-01-09 07:20 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-03-05 16:20 - 2019-01-09 07:20 - 000607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-03-05 16:20 - 2019-01-09 07:20 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2019-03-05 16:20 - 2019-01-09 07:19 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-03-05 16:20 - 2019-01-09 07:19 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-03-05 16:20 - 2019-01-09 07:19 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2019-03-05 16:20 - 2019-01-09 07:19 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-03-05 16:20 - 2019-01-09 07:18 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2019-03-05 16:20 - 2019-01-09 06:34 - 000806320 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-03-05 16:20 - 2019-01-09 06:34 - 000806320 _____ C:\WINDOWS\system32\locale.nls
2019-03-05 16:20 - 2019-01-08 11:08 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-03-05 16:20 - 2019-01-08 05:06 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-03-05 16:20 - 2019-01-08 05:06 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-03-05 16:20 - 2019-01-08 05:06 - 000000072 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2019-03-05 16:11 - 2018-09-20 06:12 - 001483576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-03 19:01 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-03 19:00 - 2018-09-27 21:34 - 000000000 ____D C:\FRST
2019-04-03 19:00 - 2016-11-15 18:44 - 000000000 ____D C:\Users\Stanislav\AppData\LocalLow\Mozilla
2019-04-03 18:53 - 2015-05-31 11:14 - 000000000 ____D C:\Program Files (x86)\Steam
2019-04-03 17:34 - 2018-07-28 20:23 - 000000000 ____D C:\Users\Stanislav\AppData\Local\D3DSCache
2019-04-03 15:49 - 2018-07-28 19:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-04-03 15:15 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-04-03 15:14 - 2018-10-01 11:27 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-04-03 15:14 - 2015-05-29 18:23 - 000000000 __SHD C:\Users\Stanislav\IntelGraphicsProfiles
2019-04-02 21:18 - 2016-06-19 10:32 - 000000000 ____D C:\Users\Stanislav\AppData\Local\Battle.net
2019-04-02 21:11 - 2017-12-05 19:29 - 000000000 ____D C:\Users\Stanislav\Documents\Euro Truck Simulator 2
2019-04-02 21:01 - 2016-02-02 20:17 - 000000000 ____D C:\Users\Stanislav\Documents\American Truck Simulator
2019-04-02 20:15 - 2016-06-19 10:31 - 000000000 ____D C:\Program Files (x86)\Battle.net
2019-04-02 19:29 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-04-02 18:13 - 2018-07-28 20:22 - 000004202 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5163B014-9AC5-4FEB-882E-DD3412A2B2AC}
2019-03-30 18:21 - 2015-06-14 15:27 - 000000000 ____D C:\Users\Stanislav\AppData\Local\Ubisoft Game Launcher
2019-03-28 20:51 - 2016-11-30 13:00 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-03-28 20:51 - 2015-05-30 12:43 - 000001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-03-28 20:51 - 2015-05-30 12:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-03-27 22:29 - 2016-07-18 16:54 - 000000000 ____D C:\Users\Stanislav\AppData\Roaming\Factorio
2019-03-21 21:22 - 2018-10-25 13:04 - 000000000 ____D C:\ProgramData\Epic
2019-03-16 20:21 - 2015-06-12 20:08 - 000000000 ____D C:\Users\Stanislav\Documents\My Games
2019-03-15 21:20 - 2018-07-28 20:16 - 001915368 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-03-15 21:20 - 2018-04-12 17:51 - 000779466 _____ C:\WINDOWS\system32\perfh005.dat
2019-03-15 21:20 - 2018-04-12 17:51 - 000171298 _____ C:\WINDOWS\system32\perfc005.dat
2019-03-15 21:20 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-03-15 21:16 - 2018-07-28 20:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-03-15 21:16 - 2017-07-30 10:30 - 000000000 ____D C:\ProgramData\NVIDIA
2019-03-15 21:15 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-03-15 21:15 - 2018-01-28 16:38 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-03-15 18:34 - 2018-07-28 19:42 - 000188240 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2019-03-15 18:34 - 2018-07-28 19:42 - 000145600 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2019-03-15 18:34 - 2018-07-28 19:42 - 000110000 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2019-03-15 18:34 - 2018-07-28 19:42 - 000107744 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2019-03-15 18:34 - 2018-07-28 19:42 - 000082472 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2019-03-15 18:34 - 2018-07-28 19:42 - 000050280 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2019-03-15 15:46 - 2018-12-08 21:33 - 000000000 ____D C:\Program Files (x86)\Epic Games
2019-03-12 20:57 - 2018-06-27 19:28 - 000000000 ____D C:\Users\Stanislav\AppData\Roaming\discord
2019-03-12 18:49 - 2018-06-27 19:28 - 000002290 _____ C:\Users\Stanislav\Desktop\Discord.lnk
2019-03-12 18:49 - 2018-06-27 19:28 - 000000000 ____D C:\Users\Stanislav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2019-03-12 18:49 - 2018-06-27 19:28 - 000000000 ____D C:\Users\Stanislav\AppData\Local\Discord
2019-03-12 16:26 - 2018-07-28 20:22 - 000004646 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-03-12 16:26 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-03-12 16:26 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-03-11 16:46 - 2018-12-08 21:34 - 000000000 ____D C:\Users\Stanislav\AppData\Local\EpicGamesLauncher
2019-03-07 21:54 - 2015-12-04 08:22 - 000000000 ____D C:\Users\Stanislav\AppData\Local\UnrealEngine
2019-03-05 16:31 - 2018-07-28 19:57 - 000313144 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-03-05 16:29 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2019-03-05 16:29 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2019-03-05 16:29 - 2018-04-12 01:38 - 000000000 ___RD C:\Program Files\Windows Defender
2019-03-05 16:29 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-03-05 16:29 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-03-05 16:29 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-03-05 16:28 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-03-05 16:20 - 2018-07-28 18:31 - 000000000 ____D C:\Program Files\rempl
2019-03-05 16:19 - 2015-05-29 20:02 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-03-05 16:17 - 2015-05-29 20:02 - 129330784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories =======

2016-02-21 14:58 - 2018-12-23 11:06 - 000007601 _____ () C:\Users\Stanislav\AppData\Local\Resmon.ResmonCfg
2018-09-07 22:19 - 2018-09-07 22:19 - 000000003 _____ () C:\Users\Stanislav\AppData\Local\updater.log
2018-09-07 22:20 - 2019-02-17 12:37 - 000000059 _____ () C:\Users\Stanislav\AppData\Local\UserProducts.xml

Some files in TEMP:
====================
2019-03-26 21:45 - 2019-04-03 15:54 - 000000016 _____ () C:\Users\Stanislav\AppData\Local\Temp\efec34c13c34e94d0100890c376276ed.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-07-28 19:57

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by Stanislav (03-04-2019 19:03:40)
Running from C:\Users\Stanislav\Desktop
Windows 10 Pro Version 1803 17134.590 (X64) (2018-07-28 18:23:34)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3391450833-3303722570-559582778-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3391450833-3303722570-559582778-503 - Limited - Disabled)
Guest (S-1-5-21-3391450833-3303722570-559582778-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3391450833-3303722570-559582778-1002 - Limited - Enabled)
Stanislav (S-1-5-21-3391450833-3303722570-559582778-1000 - Administrator - Enabled) => C:\Users\Stanislav
WDAGUtilityAccount (S-1-5-21-3391450833-3303722570-559582778-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1.0 (HKLM-x32\...\{Divotvorne udoli}_is1) (Version: - Spidla Data Processing, s.r.o.)
A.I.M. Racing (HKLM-x32\...\{2F52162B-0AAA-4E68-A12A-3CCF6040A3A3}) (Version: 1.0 - )
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.156 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.10.2 - Advanced Micro Devices, Inc.)
Assassin's Creed Chronicles China (HKLM-x32\...\Uplay Install 1651) (Version: - Ubisoft)
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version: - Ubisoft)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Bejeweled® 3 (HKLM-x32\...\{E99C27B2-EB2E-4244-9F5C-A96F55100F0C}) (Version: 1.1.13.4753 - Electronic Arts, Inc.)
Brain Training Deluxe Edition (HKLM-x32\...\{B19CA5C6-FA4C-4029-B4D3-E02C7B84B3D0}) (Version: 1.0.0 - MASC Software BV)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
Call of Duty Black Ops 4 (HKLM-x32\...\Call of Duty Black Ops 4) (Version: - Blizzard Entertainment)
Canon MP210 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series) (Version: - )
Core Temp 1.7 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.7 - ALCPU)
CPUID HWMonitor 1.35 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.35 - CPUID, Inc.)
CrystalDiskInfo 6.5.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.5.2 - Crystal Dew World)
Discord (HKU\S-1-5-21-3391450833-3303722570-559582778-1000\...\Discord) (Version: 0.0.305 - Discord Inc.)
Dobrý farmář (HKLM-x32\...\Dobrý farmář) (Version: - )
Epic Games Launcher (HKLM-x32\...\{A398FCC0-8E8B-409E-90E9-ACF4671633F2}) (Version: 1.1.183.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESET Security (HKLM\...\{0F462EFA-8AE8-4C2A-BC94-0AFFF17A8245}) (Version: 11.0.131.0 - ESET, spol. s r.o.)
Far Cry 5 (HKLM-x32\...\Uplay Install 1803) (Version: - Ubisoft)
Far Cry Primal (HKLM-x32\...\Uplay Install 2010) (Version: - Ubisoft)
Farming Simulator 17 (HKLM-x32\...\FarmingSimulator2017_is1) (Version: 1.0.0.0 - GIANTS Software)
ForHonor (HKLM-x32\...\Uplay Install 569) (Version: - Ubisoft)
Fraps (HKLM-x32\...\Fraps) (Version: - )
Geeks3D FurMark 1.15.2.2 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1156 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.3.1001 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-IE) (HKLM-x32\...\{998D5259-3BED-4710-98FF-D63387B5429E}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-NZ) (HKLM-x32\...\{07FC9CAD-FCEC-4186-BB83-EF7CCC9372BA}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kobra 11 V Utajení (HKLM-x32\...\Kobra 11 V Utajení_is1) (Version: 1.0 - Game shop, s.r.o.)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LibreOffice 5.0.1.2 (HKLM-x32\...\{927AE35D-72BC-437D-BAC7-EE47D03DEE54}) (Version: 5.0.1.2 - The Document Foundation)
Logitech Gaming Software 8.96 (HKLM\...\Logitech Gaming Software) (Version: 8.96.88 - Logitech Inc.)
Malwarebytes verze 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-IN) (HKLM-x32\...\{3B06AC90-DE68-44A9-95EB-0A3C1AF1514F}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 66.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 66.0.2 (x64 cs)) (Version: 66.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 66.0.2.7024 - Mozilla)
MSI Afterburner 4.1.1 (HKLM-x32\...\Afterburner) (Version: 4.1.1 - MSI Co., LTD)
MSI Kombustor 3.5.1 (HKLM\...\{9598DA62-2AE8-426D-9C86-BEA96AC6721E}_is1) (Version: - MSI Co., LTD)
Nero 9 Essentials (HKLM-x32\...\{01d63d86-f178-4ed3-821b-bd14231370b3}) (Version: - Nero AG)
NVIDIA Ovladač HD audia 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{FAAC26AD-73BA-40CE-86AA-C9213F9E064A}) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.30.15625 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Ovládací panel NVIDIA 355.98 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 355.98 - NVIDIA Corporation) Hidden
PingPlotter 5 (HKLM-x32\...\{F513FFE3-ED3B-4DC1-BB41-DABEBCAE2F6F}) (Version: 5.5.14.4908 - Pingman Tools, LLC) Hidden
PingPlotter 5 (HKLM-x32\...\PingPlotter 5 5.5.14.4908) (Version: 5.5.14.4908 - Pingman Tools, LLC)
Prime95 (HKLM-x32\...\{5DE1B7CF-7429-40CA-987F-6BEE09B63787}) (Version: - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.989 - Even Balance, Inc.)
Rapture3D 2.3.26 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7727 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.9.6 - Rockstar Games)
SequoiaView (HKLM-x32\...\SequoiaView) (Version: - )
SimCity 2000 Special Edition (HKLM-x32\...\{59D2C751-F7BE-4E9F-9C8C-1F16013802C7}) (Version: 2.0.0.1 - Electronic Arts)
SOMA (HKLM-x32\...\1439487606_is1) (Version: 2.0.0.1 - GOG.com)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.2.2 - TeamSpeak Systems GmbH)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.0.6447 - TeamViewer)
Theme Hospital (HKLM-x32\...\{5118A4C2-C8A4-4CE5-AC37-F3E51C25402F}) (Version: 3.0.0.5 - Electronic Arts)
TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team)
Unity Web Player (HKU\S-1-5-21-3391450833-3303722570-559582778-1000\...\UnityWebPlayer) (Version: 5.0.2f1 - Unity Technologies ApS)
Unravel™ (HKLM-x32\...\{5105E605-9EE7-4050-9CC0-005093BBF89A}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{1FD817A6-63E1-4519-BFD4-228DABB7AB6B}) (Version: 2.55.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 13.0 - Ubisoft)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0-2) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0-3) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0-4) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Zumas Revenge (HKLM-x32\...\{0B153CAB-792B-4CA2-B2A5-AB0BBAF2FFA9}) (Version: 1.0.5.600 - PopCap Games)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-03-15] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-03-15] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2018-10-20] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-03-15] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A706995-B49B-46B0-9272-3BB020698C50} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {150E6430-E45C-4F5B-B597-10C80059A247} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {15A363EB-C677-4481-9C04-94862EE1AAC7} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {1EC75087-D99D-437E-AE17-501AA3F15E97} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {20B1C1FE-E264-4511-B917-47C877C73DB0} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_156_Plugin.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {21C8C7EE-8A2A-4F33-BD9A-6D72BD00290F} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {30BF7A69-F7B7-43ED-8FDC-B23422908079} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3707623A-6ED9-4E59-9EF6-B001DA861C9F} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {40A41C31-5B55-4B92-9B0D-5FDD7D091700} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4382BCBF-8151-4A21-8E5A-90AA9894BEB7} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4B3226A7-FB39-43E9-B306-AF996820107E} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {638BA978-1715-4FA3-87AB-19DC5EF93B5D} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {65F585F6-416D-4C17-92EF-7E5BF93C45A7} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7A6A6808-49B4-4F0A-8BAF-42EA427733F1} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7D58322C-806D-45AD-B15A-2C178C38179B} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {7E40CAA6-9B9E-4D0B-8723-10124CE18E02} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8352272B-DBF6-454C-B03A-5718988EFE1A} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {8E1193A9-9995-4D11-9014-AF0ADA784528} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {93E0BBE2-553C-4B28-9C84-4A0558273468} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {98656DB4-C170-4B1A-8BDA-2FDC36E7F461} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B16BCE93-BC30-49D2-859C-684E9BA4879F} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {BEC6DACB-07DB-44D3-B40F-D3F65D2E729A} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D5ADDB01-CFED-43D4-B649-D9FC9522DED0} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe (OOO Lightshot -> TODO: <Company name>)
Task: {D5CED587-D8BF-4EFF-A6F8-2FEFBB63138A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {E8BEA931-19F3-42A2-9815-EC6D6C21B245} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {ECA91DDC-83B0-4136-A2C3-EDC7B3ECDC21} - System32\Tasks\update-S-1-5-21-3391450833-3303722570-559582778-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe (OOO Lightshot -> TODO: <Company name>)
Task: {F414A4F6-04EA-461C-AE45-EF8F5639D35F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F72A8585-D106-4690-9AEE-3D111BE63381} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\update-S-1-5-21-3391450833-3303722570-559582778-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) ==============

2015-06-10 19:35 - 2009-07-14 03:40 - 000084992 _____ (CANON INC.) [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\CNBPP4.DLL
2015-05-19 09:11 - 2015-05-19 09:11 - 000335872 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
2018-12-08 21:35 - 2018-12-08 21:35 - 000547840 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\chrome_elf.dll
2018-12-08 21:35 - 2018-12-08 21:35 - 098275328 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
2018-12-08 21:35 - 2018-12-08 21:35 - 003922432 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll
2018-12-08 21:35 - 2018-12-08 21:35 - 000092672 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll
2018-06-27 23:15 - 2018-06-27 23:15 - 000359936 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2018-06-27 23:15 - 2018-06-27 23:15 - 003700224 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2018-06-27 23:15 - 2018-06-27 23:15 - 005603840 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2018-06-27 23:15 - 2018-06-27 23:15 - 076160000 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2018-06-27 23:15 - 2018-06-27 23:15 - 000461312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2018-06-27 23:15 - 2018-06-27 23:15 - 003559424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2018-06-27 23:15 - 2018-06-27 23:15 - 006321152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2018-06-27 23:15 - 2018-06-27 23:15 - 002822144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2018-06-27 23:15 - 2018-06-27 23:15 - 001077248 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2018-06-27 23:15 - 2018-06-27 23:15 - 000187904 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2018-06-27 23:15 - 2018-06-27 23:15 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2018-10-20 00:00 - 2018-10-20 00:00 - 005812224 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2018-06-27 23:15 - 2018-06-27 23:15 - 000323584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2018-06-27 23:16 - 2018-06-27 23:16 - 001412608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2018-06-27 23:16 - 2018-06-27 23:16 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\styles\qwindowsvistastyle.dll
2018-06-27 23:15 - 2018-06-27 23:15 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2018-06-27 23:15 - 2018-06-27 23:15 - 002552832 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2018-06-27 23:16 - 2018-06-27 23:16 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2018-06-27 23:16 - 2018-06-27 23:16 - 000040960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2018-06-27 23:16 - 2018-06-27 23:16 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2018-06-27 23:16 - 2018-06-27 23:16 - 000345600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2018-06-27 23:16 - 2018-06-27 23:16 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2018-06-27 23:15 - 2018-06-27 23:15 - 000330752 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2018-06-27 23:16 - 2018-06-27 23:16 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2018-06-27 23:16 - 2018-06-27 23:16 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2018-06-27 23:16 - 2018-06-27 23:16 - 000502272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2018-06-27 23:16 - 2018-06-27 23:16 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2018-06-27 23:16 - 2018-06-27 23:16 - 000328192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2018-06-27 23:16 - 2018-06-27 23:16 - 000059904 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2018-06-27 23:16 - 2018-06-27 23:16 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2018-06-27 23:16 - 2018-06-27 23:16 - 000053248 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2018-06-27 23:16 - 2018-06-27 23:16 - 000089088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2014-04-11 09:31 - 2014-04-11 09:31 - 000297984 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2014-04-11 09:31 - 2014-04-11 09:31 - 000523264 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\Temp:$DATA [16]
AlternateDataStreams: C:\Users\Stanislav\Data aplikací:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Stanislav\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2019-01-02 20:30 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3391450833-3303722570-559582778-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 80.87.176.66 - 80.251.240.44
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: Prime95 Service => 2
MSCONFIG\startupreg: IAStorIcon => "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKU\S-1-5-21-3391450833-3303722570-559582778-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3391450833-3303722570-559582778-1000\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{8EA44ACB-7F50-4966-B961-717D887B5674}] => (Allow) D:\SteamLibrary\steamapps\common\No Man's Sky\Binaries\NMS.exe (Hello Games) [File not signed]
FirewallRules: [{965A6F26-2AA0-42DA-ABD0-6AE595C4F553}] => (Allow) D:\SteamLibrary\steamapps\common\No Man's Sky\Binaries\NMS.exe (Hello Games) [File not signed]
FirewallRules: [{192CBBC0-F6C2-4CDB-BB0C-6B40BB28F8E0}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{D0C2591D-1C9C-4C4E-A2EA-33F7A3583F2A}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{5CAC465A-F66B-416B-B4F5-34CA57E2BDA6}] => (Allow) D:\SteamLibrary\steamapps\common\Factorio\bin\x64\factorio.exe (Wube Software) [File not signed]
FirewallRules: [{B30D219F-07E7-47AC-87C0-3594E87BA690}] => (Allow) D:\SteamLibrary\steamapps\common\Factorio\bin\x64\factorio.exe (Wube Software) [File not signed]
FirewallRules: [{603452A9-1753-4902-9F37-7ABD89F9D7DF}] => (Allow) D:\SteamLibrary\steamapps\common\Bus Simulator 18\BusSimulator18.exe () [File not signed]
FirewallRules: [{2E8FA67A-D9B7-48B8-94E1-76FF4F73AFB9}] => (Allow) D:\SteamLibrary\steamapps\common\Bus Simulator 18\BusSimulator18.exe () [File not signed]
FirewallRules: [{3B201E24-1AF9-4326-A3EC-688B9A73F80B}] => (Allow) D:\SteamLibrary\steamapps\common\Tropico 5\Tropico5Steam.exe (Haemimont Games) [File not signed]
FirewallRules: [{D79EE953-64B5-43DB-BE23-ED3BA209BF44}] => (Allow) D:\SteamLibrary\steamapps\common\Tropico 5\Tropico5Steam.exe (Haemimont Games) [File not signed]
FirewallRules: [{4822E368-E01C-481E-8D4F-EB380E481F30}] => (Allow) D:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect64.exe () [File not signed]
FirewallRules: [{FE57D8CC-A1F0-4D6F-B9EA-34C24F7DCD2A}] => (Allow) D:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect64.exe () [File not signed]
FirewallRules: [{2E226A6C-AB2F-4277-9664-A6DF73EDEE44}] => (Allow) D:\SteamLibrary\steamapps\common\PureFarming\PureFarming_Launcher.exe (Quality Forge -> Techland Publishing) [File not signed]
FirewallRules: [{B578EBAD-6A1F-4A66-9965-5427BFA10FF7}] => (Allow) D:\SteamLibrary\steamapps\common\PureFarming\PureFarming_Launcher.exe (Quality Forge -> Techland Publishing) [File not signed]
FirewallRules: [{0618001C-B8A3-47D1-81CE-DD109ABE8980}] => (Allow) D:\Origin\Zuma's Revenge\ZumasRevenge.exe (Electronic Arts -> PopCap Games, Inc.)
FirewallRules: [{7A31B1CB-39E9-47AE-BF5C-B36E6F1CA93F}] => (Allow) D:\Origin\Zuma's Revenge\ZumasRevenge.exe (Electronic Arts -> PopCap Games, Inc.)
FirewallRules: [{D77A2F6D-FCFD-4D5F-A03F-ED11C6D38059}] => (Allow) D:\SteamLibrary\steamapps\common\Dishonored RHCP\Binaries\Win32\Dishonored.exe (Bethesda Softworks -> ZeniMax Media Inc.)
FirewallRules: [{77CDFD14-1692-4081-AED7-B9E9BAC3A0E5}] => (Allow) D:\SteamLibrary\steamapps\common\Dishonored RHCP\Binaries\Win32\Dishonored.exe (Bethesda Softworks -> ZeniMax Media Inc.)
FirewallRules: [{B02C52E4-2996-4659-8075-14FFBE2F6EC4}] => (Allow) D:\SteamLibrary\steamapps\common\PureFarming\PureFarming.exe () [File not signed]
FirewallRules: [{94570051-ACBF-48CF-B997-3FBC35481EEE}] => (Allow) D:\SteamLibrary\steamapps\common\PureFarming\PureFarming.exe () [File not signed]
FirewallRules: [{713124D3-2040-4D12-8381-26EFCBF487BF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{A37CA1C1-5D1F-48DF-9445-98E18BB15544}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{5C9858E4-33D6-4362-8E76-1281B42C2060}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{642E57E0-0181-4560-9E72-AC39F298B077}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{6E555CCA-A674-47B8-BC58-2EB4A1D8F6F5}] => (Allow) D:\SteamLibrary\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe No File
FirewallRules: [{1E9E870F-3912-4942-BD6C-B9F0A2B61C65}] => (Allow) D:\SteamLibrary\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe No File
FirewallRules: [{446C3299-3316-4588-9A73-075CAACB954C}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator\eurotrucks.exe (SCS Software s.r.o. -> )
FirewallRules: [{16129E47-D8A9-4331-AC7E-99302F01A591}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator\eurotrucks.exe (SCS Software s.r.o. -> )
FirewallRules: [{FB070E07-5615-4642-8F09-8CE8F7A04416}] => (Allow) D:\SteamLibrary\steamapps\common\Flatout 3\Flatout.exe (Team6 game studios BV) [File not signed]
FirewallRules: [{C0E8177C-0750-4DAA-BE07-DC711C57A81C}] => (Allow) D:\SteamLibrary\steamapps\common\Flatout 3\Flatout.exe (Team6 game studios BV) [File not signed]
FirewallRules: [{DFAD24DE-3A94-4542-9C8C-8A2B8C422118}] => (Allow) D:\SteamLibrary\steamapps\common\FlatOut2\FlatOut2.exe () [File not signed]
FirewallRules: [{3E8D6A0A-C190-439F-91C7-57CA5F0B9942}] => (Allow) D:\SteamLibrary\steamapps\common\FlatOut2\FlatOut2.exe () [File not signed]
FirewallRules: [{5F12A3DB-A221-40C8-B752-EFD2B9586083}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe No File
FirewallRules: [{41D19757-AA63-4CFE-AB14-DD2B4EC6CF33}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{F019E730-471E-4B45-BB97-24DA8FDE4992}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{047AB374-2737-4B0A-903B-566BD2B36E7F}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{207CD4EA-7D44-4112-9E02-D8F17A5164D9}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{D9242FE1-F17A-4684-A6D0-66625603AB57}] => (Allow) D:\Origin\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe (Electronic Arts -> DOSBox Team)
FirewallRules: [{DA99508B-7730-47B9-A976-58593C8D0A2A}] => (Allow) D:\Origin\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe (Electronic Arts -> DOSBox Team)
FirewallRules: [{8A5A78E4-65F3-44A5-A827-A8648809FF69}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{6DE519E6-7513-4ACA-8C17-79EB9763BF20}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{406E7C52-5E23-4C00-BA02-5B6B011B9B3A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{2A67BD73-F0C8-46CD-B735-3D2F436C3038}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{1D8038D6-BD9C-44EF-9D0A-4CCB5BA5C1A5}] => (Allow) D:\SteamLibrary\steamapps\common\Dirt 2\dirt2.exe (Sony DADC Austria AG -> Sony DADC Austria AG)
FirewallRules: [{A8CF28E1-519F-45A7-985F-25C9D73CF118}] => (Allow) D:\SteamLibrary\steamapps\common\Dirt 2\dirt2.exe (Sony DADC Austria AG -> Sony DADC Austria AG)
FirewallRules: [{FB45C26D-6636-4585-87FB-AEB99C35FDC6}] => (Allow) D:\Origin\Bejeweled 3\Bejeweled3.exe (PopCap Games -> )
FirewallRules: [{0895136D-3DD8-46A8-879D-E3C34BDAF1D2}] => (Allow) D:\Origin\Bejeweled 3\Bejeweled3.exe (PopCap Games -> )
FirewallRules: [{E5034F88-584A-408B-BF24-F8F5989EFF6F}] => (Allow) D:\SteamLibrary\steamapps\common\Alan Wake\AlanWake.exe No File
FirewallRules: [{9FB9F536-8DB8-4E11-B737-E1DD113E8289}] => (Allow) D:\SteamLibrary\steamapps\common\Alan Wake\AlanWake.exe No File
FirewallRules: [{4EF4A94F-799F-4868-B932-1BBF04D7E0EC}] => (Allow) C:\Program Files (x86)\Alawarhry.cz\Christmas Adventure Candy Storm\Christmas Adventure - Candy Storm.wrp.exe No File
FirewallRules: [{21C0F9DB-49D7-4137-87A5-290419948C38}] => (Allow) D:\Assassin's Creed III\AC3MP.exe No File
FirewallRules: [{19F8C5D2-D323-4F68-9D65-79B0E91855A8}] => (Allow) D:\Assassin's Creed III\AC3MP.exe No File
FirewallRules: [{07ABDC05-1A50-4608-99E1-83E3B7D5F539}] => (Allow) D:\Assassin's Creed III\AC3SP.exe No File
FirewallRules: [{CEC79391-C699-406E-9D88-371F4D27C2D2}] => (Allow) D:\Assassin's Creed III\AC3SP.exe No File
FirewallRules: [{63517DA6-9B1D-4A67-858D-ECAA19CC88A7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe No File
FirewallRules: [{AFCC21CD-311E-463F-883F-13389CCD4439}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe No File
FirewallRules: [{8BE5ABC3-08C7-4419-9824-41DDEED9FDCC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe No File
FirewallRules: [{AA417151-2140-4E60-9EDC-AEC7817FF324}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe No File
FirewallRules: [{9BFFEF40-2A20-4118-9776-7EF3E353F13C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe No File
FirewallRules: [{53603435-D071-40C7-8C07-99E7214B98DD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{4F134017-DABA-491F-A0BD-E96E82B7DF33}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{C3C197C0-F8EE-4F5B-90D6-F059FFD5EC0F}] => (Allow) C:\Program Files (x86)\Alawarhry.cz\Floria\F2PHttpDaemon.exe No File
FirewallRules: [{1DC49819-621F-4869-B876-8686CCFD29E9}] => (Allow) C:\Program Files (x86)\Alawarhry.cz\Floria\Floria.wrp.exe No File
FirewallRules: [{1423B791-A497-4304-A83A-CD3BE8CCF542}] => (Allow) D:\SteamLibrary\steamapps\common\Teeworlds\tw\teeworlds.exe () [File not signed]
FirewallRules: [{CDE57CEE-2FA7-4951-8EDD-CDC576F4AD76}] => (Allow) D:\SteamLibrary\steamapps\common\Teeworlds\tw\teeworlds.exe () [File not signed]
FirewallRules: [{56744D60-9B70-4AEA-BFD6-3D753365B898}] => (Allow) C:\Program Files (x86)\Farming Simulator 2017\x64\FarmingSimulator2017Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{501E10B2-7F07-43F5-AF59-A6702171135A}] => (Allow) C:\Program Files (x86)\Farming Simulator 2017\x64\FarmingSimulator2017Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{EE6ECA50-4082-47DF-A99C-E3703762CD75}] => (Allow) C:\Program Files (x86)\Farming Simulator 2017\x86\FarmingSimulator2017Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{22817455-1FD6-4560-A153-2C4777B8D14F}] => (Allow) C:\Program Files (x86)\Farming Simulator 2017\x86\FarmingSimulator2017Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{142A3106-1032-45A3-B056-DF72658E1CC4}] => (Allow) C:\Program Files (x86)\Farming Simulator 2017\FarmingSimulator2017.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{A6ABBC8D-493B-4292-BDEE-1533A53A8460}] => (Allow) C:\Program Files (x86)\Farming Simulator 2017\FarmingSimulator2017.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{F0C84FD3-F491-42F7-8419-43A0506EC04D}] => (Allow) D:\SteamLibrary\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe No File
FirewallRules: [{A5892164-5F90-4C47-811D-C9EA6855484D}] => (Allow) D:\SteamLibrary\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe No File
FirewallRules: [{6B63D069-CEEC-4C11-AD61-D77166C339B1}] => (Allow) D:\SteamLibrary\steamapps\common\Limbo\limbo.exe (Playdead) [File not signed]
FirewallRules: [{4BBD2866-65A3-4F82-9B48-3B745FF74EAF}] => (Allow) D:\SteamLibrary\steamapps\common\Limbo\limbo.exe (Playdead) [File not signed]
FirewallRules: [{F102E1D9-3E4A-40AD-9262-BC8E53CCACA1}] => (Allow) D:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect Safe Mode.exe No File
FirewallRules: [{5B4CA90D-C438-438A-AC22-751FFC90C6F0}] => (Allow) D:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect Safe Mode.exe No File
FirewallRules: [{37202E85-6BF4-4E4C-9063-902F88E2AB15}] => (Allow) D:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect.exe () [File not signed]
FirewallRules: [{BCB30BEE-0782-493D-9E80-BDB1B6E4C75F}] => (Allow) D:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect.exe () [File not signed]
FirewallRules: [{70AD53B0-582D-43E2-93FC-E0174DEEEE6E}] => (Allow) D:\SteamLibrary\steamapps\common\Hitman™\Launcher.exe (IO INTERACTIVE A/S -> )
FirewallRules: [{2E46EE31-7FB4-49A0-9689-48531E0E1394}] => (Allow) D:\SteamLibrary\steamapps\common\Hitman™\Launcher.exe (IO INTERACTIVE A/S -> )
FirewallRules: [{5E628846-E8D3-42AB-8F71-178A39EFD432}] => (Allow) D:\Far Cry Primal\bin\FCPrimal.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [UDP Query User{EBD17740-4393-4A94-B142-984580D36204}D:\zachranari\emergency 4\em4.exe] => (Block) D:\zachranari\emergency 4\em4.exe No File
FirewallRules: [TCP Query User{4F33253B-89D7-4E37-95D4-BBDF0C427240}D:\zachranari\emergency 4\em4.exe] => (Block) D:\zachranari\emergency 4\em4.exe No File
FirewallRules: [UDP Query User{D571E47F-041B-4E0A-B83C-C0E708417601}D:\steamlibrary\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) D:\steamlibrary\steamapps\common\xcom 2\binaries\win64\xcom2.exe No File
FirewallRules: [TCP Query User{7ED6BA61-7188-4BFF-A4D4-C93BC821C03C}D:\steamlibrary\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) D:\steamlibrary\steamapps\common\xcom 2\binaries\win64\xcom2.exe No File
FirewallRules: [{8F6BAF0B-FE62-469F-A61A-5D629BEB0DB4}] => (Allow) D:\SteamLibrary\steamapps\common\TheLongDark\tld.exe () [File not signed]
FirewallRules: [{66CC9063-954E-4884-B929-3A889E1C731A}] => (Allow) D:\SteamLibrary\steamapps\common\TheLongDark\tld.exe () [File not signed]
FirewallRules: [{6B8FFE95-058D-4BD4-8B23-7DB98810D4D1}] => (Allow) C:\Program Files (x86)\Emergency 2016\bin\x64r\emergency5.exe No File
FirewallRules: [{B9E25D97-B599-464C-B501-23500F33506B}] => (Allow) D:\SteamLibrary\steamapps\common\7 Days To Die\7DaysToDie.exe () [File not signed]
FirewallRules: [{AC51838A-0370-46E7-B722-04A127824BAD}] => (Allow) D:\SteamLibrary\steamapps\common\7 Days To Die\7DaysToDie.exe () [File not signed]
FirewallRules: [{8A16334D-AE7E-4A87-A72F-1326C470ACA0}] => (Allow) D:\SteamLibrary\steamapps\common\7 Days To Die\7DaysToDie_EAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{9885E8CE-C310-42BE-9149-DBAC07D0EF93}] => (Allow) D:\SteamLibrary\steamapps\common\7 Days To Die\7DaysToDie_EAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [UDP Query User{9D2444A2-CED2-4411-B248-F0F80C9C2C65}C:\program files\epic games\shadowcomplexremastered\binaries\win32\shadowcomplex-win32-egl.exe] => (Allow) C:\program files\epic games\shadowcomplexremastered\binaries\win32\shadowcomplex-win32-egl.exe No File
FirewallRules: [TCP Query User{CE45FBF6-54F9-4ED3-B174-410DC2D6F68B}C:\program files\epic games\shadowcomplexremastered\binaries\win32\shadowcomplex-win32-egl.exe] => (Allow) C:\program files\epic games\shadowcomplexremastered\binaries\win32\shadowcomplex-win32-egl.exe No File
FirewallRules: [UDP Query User{6EE0297E-1082-49C8-B923-0EDA2FB04B6A}D:\steamlibrary\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) D:\steamlibrary\steamapps\common\outlast\binaries\win64\olgame.exe No File
FirewallRules: [TCP Query User{95EC22C8-2CD5-40E8-AD0F-77F008D35FBC}D:\steamlibrary\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) D:\steamlibrary\steamapps\common\outlast\binaries\win64\olgame.exe No File
FirewallRules: [UDP Query User{9595DE75-DE7F-4126-8C54-E30703CF9A35}D:\assassin's creed syndicate\acs.exe] => (Block) D:\assassin's creed syndicate\acs.exe No File
FirewallRules: [TCP Query User{94CCD7CA-FD86-49D0-9DD0-D58FB7402E31}D:\assassin's creed syndicate\acs.exe] => (Block) D:\assassin's creed syndicate\acs.exe No File
FirewallRules: [{2E95B105-ACCA-4E11-B9D6-91D2FBBFC742}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CCAF293F-EF8A-4702-8253-00279D06B7CA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3548712E-F085-4784-98D4-0E1D99151981}] => (Allow) D:\Origin\Theme Hospital\data\Game\DOSBox\EALaunchHelper.exe (Electronic Arts -> Electronic Arts)
FirewallRules: [{3FF991F4-EBF0-4BB4-9937-9EFFFC2F917B}] => (Allow) D:\Origin\Theme Hospital\data\Game\DOSBox\EALaunchHelper.exe (Electronic Arts -> Electronic Arts)
FirewallRules: [{F0260D45-3871-4AA1-99CB-C59D636EBC6D}] => (Allow) D:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe No File
FirewallRules: [{132CBE66-AAFA-4674-9142-237B7D866077}] => (Allow) D:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe No File
FirewallRules: [{DAD6B50F-9716-4839-B975-8D85EC19DE7C}] => (Allow) D:\SteamLibrary\steamapps\common\BLACKHOLE\BLACKHOLE.exe No File
FirewallRules: [{378BE9BA-8526-4761-90A3-773D5CED74B3}] => (Allow) D:\SteamLibrary\steamapps\common\BLACKHOLE\BLACKHOLE.exe No File
FirewallRules: [{5D291EE7-4B0D-47C6-A913-3137A12D5499}] => (Allow) D:\SteamLibrary\steamapps\common\Stealth Inc 2\settings\settings.exe No File
FirewallRules: [{0C970D58-7F19-4ED7-8017-B0579401EDDA}] => (Allow) D:\SteamLibrary\steamapps\common\Stealth Inc 2\settings\settings.exe No File
FirewallRules: [{30DC30A4-80B4-4E27-8D49-88D0FDDEB067}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{29937D45-F5CE-461E-9BD5-CD55D9FF0D97}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8331581F-992A-4409-89D4-193AEB4166D3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{8769441D-ACDB-46DF-AFFA-CDD7ACC72000}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{0A3C806E-32C5-47C8-A8EE-6CBA60FF0CAC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe No File
FirewallRules: [{5EBCEF92-6069-4946-970E-25BC75D2E588}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe No File
FirewallRules: [TCP Query User{D87ADA06-9F49-4061-B041-1CCEF8D94DC5}D:\steamlibrary\steamapps\common\enslaved\binaries\win32\enslaved.exe] => (Allow) D:\steamlibrary\steamapps\common\enslaved\binaries\win32\enslaved.exe No File
FirewallRules: [UDP Query User{FED5E818-050E-44DE-9B7B-5E87642C99E7}D:\steamlibrary\steamapps\common\enslaved\binaries\win32\enslaved.exe] => (Allow) D:\steamlibrary\steamapps\common\enslaved\binaries\win32\enslaved.exe No File
FirewallRules: [{B4B49FBF-EE8A-437B-A4EA-939576FE1D87}] => (Allow) D:\SteamLibrary\steamapps\common\AlienRage\Singleplayer\Binaries\Win32\ShippingPC-AFEARGame.exe No File
FirewallRules: [{2018B992-F88F-4201-88D7-93545A2AD717}] => (Allow) D:\SteamLibrary\steamapps\common\AlienRage\Singleplayer\Binaries\Win32\ShippingPC-AFEARGame.exe No File
FirewallRules: [{B292AD2C-62BE-49B4-87BD-F779243AE622}] => (Allow) D:\SteamLibrary\steamapps\common\AlienRage\Multiplayer\Binaries\Win32\ARageMP.exe No File
FirewallRules: [{A3396DF1-204A-40B5-B65A-3B40D347B09B}] => (Allow) D:\SteamLibrary\steamapps\common\AlienRage\Multiplayer\Binaries\Win32\ARageMP.exe No File
FirewallRules: [TCP Query User{D4C7FF3A-AA91-4390-8008-D077E518DE29}D:\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\rockstar games\grand theft auto v\gta5.exe No File
FirewallRules: [UDP Query User{A080C7F5-260D-49FF-BFD3-6EC75F85FCD5}D:\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\rockstar games\grand theft auto v\gta5.exe No File
FirewallRules: [TCP Query User{0A42B4D9-9F62-4063-8418-0214038183E2}D:\server.exe] => (Block) D:\server.exe () [File not signed]
FirewallRules: [UDP Query User{3E56B54E-35FE-4EB4-8557-8D5C709517CC}D:\server.exe] => (Block) D:\server.exe () [File not signed]
FirewallRules: [{3508A4FB-5245-4E99-82CA-0268B3B31FD3}] => (Allow) D:\Watch_Dogs\bin\watch_dogs.exe No File
FirewallRules: [{C965D1FD-F529-4AA2-8DDA-579907B81C28}] => (Allow) D:\Watch_Dogs\bin\watch_dogs.exe No File
FirewallRules: [{BC2477BF-FF82-4762-B1F6-A48BBB4803B7}] => (Allow) D:\SteamLibrary\steamapps\common\pCars\pCARS64.exe (Slightly Mad Studios Ltd) [File not signed]
FirewallRules: [{83AE6C66-EDF8-4EAC-AF63-F0986C898BF4}] => (Allow) D:\SteamLibrary\steamapps\common\pCars\pCARS64.exe (Slightly Mad Studios Ltd) [File not signed]
FirewallRules: [TCP Query User{6DC008C8-0B4F-4E62-BD4E-A5C0C351BE12}D:\overwatch\overwatch.exe] => (Block) D:\overwatch\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{95A62251-67DD-42CC-98AA-E5EA92056AF1}D:\overwatch\overwatch.exe] => (Block) D:\overwatch\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{E762EE5C-7EA0-4DB1-9806-0F23C8B0A4EA}] => (Allow) D:\SteamLibrary\steamapps\common\7 Days To Die\7dLauncher.exe () [File not signed]
FirewallRules: [{73700962-87AE-4357-957E-73E4C1343136}] => (Allow) D:\SteamLibrary\steamapps\common\7 Days To Die\7dLauncher.exe () [File not signed]
FirewallRules: [{F572C502-98CB-4FAA-991B-1EA83C4AF02D}] => (Allow) D:\Assassin's Creed Chronicles China\Binaries\Win32\ACCGame-Win32-Shipping.exe (Climax Studios Ltd -> Epic Games, Inc.)
FirewallRules: [{99298270-BD88-4C67-8B8A-E7FC32AF625D}] => (Allow) D:\Assassin's Creed Chronicles China\Binaries\Win32\ACCGame-Win32-Shipping.exe (Climax Studios Ltd -> Epic Games, Inc.)
FirewallRules: [{4004C18A-E896-420D-9529-9FE8C0F2E316}] => (Allow) D:\SteamLibrary\steamapps\common\WRC 4\WRC4.exe (Milestone S.r.l.) [File not signed]
FirewallRules: [{C0929A5E-97A2-4738-8E0E-310B94BE8A67}] => (Allow) D:\SteamLibrary\steamapps\common\WRC 4\WRC4.exe (Milestone S.r.l.) [File not signed]
FirewallRules: [{29E122D6-E633-41A0-B56C-C0757A9113FF}] => (Allow) D:\SteamLibrary\steamapps\common\Hobo Tough Life\HoboRPG.exe () [File not signed]
FirewallRules: [{CA8EB909-1F6B-4677-A917-0D785E8D78D8}] => (Allow) D:\SteamLibrary\steamapps\common\Hobo Tough Life\HoboRPG.exe () [File not signed]
FirewallRules: [{4D10EE96-5205-4440-9EFE-52EC2FB028B2}] => (Allow) D:\SteamLibrary\steamapps\common\F1 2017\F1_2017.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{08C6D6E9-0060-4DDC-8CBA-DAF80F49B9CE}] => (Allow) D:\SteamLibrary\steamapps\common\F1 2017\F1_2017.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{16990391-5359-4ADE-BF53-702CD50D5ECF}] => (Allow) D:\SteamLibrary\steamapps\common\Mashinky\Mashinky.exe () [File not signed]
FirewallRules: [{2FD23F88-80AC-4152-8E0C-4038273F75D2}] => (Allow) D:\SteamLibrary\steamapps\common\Mashinky\Mashinky.exe () [File not signed]
FirewallRules: [{D78527A3-F6DB-45BD-86E8-33CC5D86C314}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe No File
FirewallRules: [{8D1E0199-9FF0-40AE-8A30-D311892E33F3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe No File
FirewallRules: [{F4301AF8-6043-4448-9E3C-633C4B5FF9AD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe No File
FirewallRules: [{35391AAB-2B19-442D-A118-E0BAC4953CD9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe No File
FirewallRules: [{62094376-700E-4559-A32B-837FC6FBCDD4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe No File
FirewallRules: [{839B3BCD-59EC-40DA-93B8-E2F0483019A9}] => (Block) D:\SteamLibrary\steamapps\common\Fallout 4\Fallout4.exe No File
FirewallRules: [{62009E1F-99E8-4046-981C-BAB6CF79CB58}] => (Allow) D:\SteamLibrary\steamapps\common\Crash Bandicoot - N Sane Trilogy\CrashBandicootNSaneTrilogy.exe (Activision Publishing Inc -> )
FirewallRules: [{E7E33E2D-FE2B-442F-BB54-1F1536C4B3F6}] => (Allow) D:\SteamLibrary\steamapps\common\Crash Bandicoot - N Sane Trilogy\CrashBandicootNSaneTrilogy.exe (Activision Publishing Inc -> )
FirewallRules: [{C8E5BD27-AF9F-466A-9252-2E2BE463B44C}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{DCE2388D-E9EC-4542-BBB3-909A66299CFE}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{8DE61458-7F24-4301-9B35-851F5F72E4F3}] => (Allow) D:\SteamLibrary\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{5FEEED6C-CE28-453A-B11C-D871D76536C3}] => (Allow) D:\SteamLibrary\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{1AE63EBC-E542-4C81-96BC-22473F816154}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{36DEA994-B40E-43B2-A4EF-75DCE8225D37}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{FD978645-A1AB-410F-980B-29DF29072EBD}] => (Allow) D:\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
FirewallRules: [{9FFE9594-D44C-4FFD-B915-D8067593F13F}] => (Allow) D:\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
FirewallRules: [{99CC414A-5C70-4102-8857-8A0B1A960B53}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG Corporation ) [File not signed]
FirewallRules: [{16CC0417-AF07-4185-87F8-04CE4493AD52}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG Corporation ) [File not signed]
FirewallRules: [{44CBC01F-472A-41DF-A342-42803B263117}] => (Allow) D:\SteamLibrary\steamapps\common\Black Squad\binaries\win32\SteamLauncher.exe (NSSTUDIO INC. -> NS Studio)
FirewallRules: [{0F14DFAF-4EF9-4541-A78F-29E387FE4ED3}] => (Allow) D:\SteamLibrary\steamapps\common\Black Squad\binaries\win32\SteamLauncher.exe (NSSTUDIO INC. -> NS Studio)
FirewallRules: [{92F1544C-F0E7-4A51-B636-A8CC11FB447D}] => (Allow) D:\SteamLibrary\steamapps\common\LEGO - The Hobbit\LEGOHobbit.exe (Travellers Tales (UK) Ltd -> Warner Bros. Interactive Entertainment)
FirewallRules: [{D32C2DEC-AEF8-4A4F-AE21-015AAE2711B9}] => (Allow) D:\SteamLibrary\steamapps\common\LEGO - The Hobbit\LEGOHobbit.exe (Travellers Tales (UK) Ltd -> Warner Bros. Interactive Entertainment)
FirewallRules: [{BCED365B-EE51-4EB9-A093-C942FE3F2365}] => (Allow) D:\SteamLibrary\steamapps\common\Black Squad\binaries\win32\BlackSquadGame.exe (NSSTUDIO INC. -> NS Studio, Inc.)
FirewallRules: [{10907111-7F35-44A8-86AC-B1DD5F7A30E7}] => (Allow) D:\SteamLibrary\steamapps\common\Black Squad\binaries\win32\BlackSquadGame.exe (NSSTUDIO INC. -> NS Studio, Inc.)
FirewallRules: [{7BD90C25-6F27-410F-8FF2-270FB71D6D91}] => (Allow) D:\SteamLibrary\steamapps\common\Black Squad\binaries\win64\SteamLauncher.exe (NSSTUDIO INC. -> NS Studio)
FirewallRules: [{94A61C6F-2499-4C19-818D-2FA625610467}] => (Allow) D:\SteamLibrary\steamapps\common\Black Squad\binaries\win64\SteamLauncher.exe (NSSTUDIO INC. -> NS Studio)
FirewallRules: [{42C31154-B6A5-4A6F-8B96-118F58B4B649}] => (Allow) D:\SteamLibrary\steamapps\common\Black Squad\binaries\win64\BlackSquadGame.exe (NSSTUDIO INC. -> NS Studio, Inc.)
FirewallRules: [{562353CF-99AA-49E0-AE93-06EAA1008858}] => (Allow) D:\SteamLibrary\steamapps\common\Black Squad\binaries\win64\BlackSquadGame.exe (NSSTUDIO INC. -> NS Studio, Inc.)
FirewallRules: [{53C8554E-5491-4AFD-9D93-980146B3D048}] => (Allow) D:\SteamLibrary\steamapps\common\12 Labours of Hercules VII Fleecing the Fleece\12LaboursOfHercules7.exe () [File not signed]
FirewallRules: [{637C2DF5-BB1C-40C2-8965-0FC551BA33DF}] => (Allow) D:\SteamLibrary\steamapps\common\12 Labours of Hercules VII Fleecing the Fleece\12LaboursOfHercules7.exe () [File not signed]
FirewallRules: [{5B12AA61-5559-45FE-9C00-673B6B1E1A44}] => (Allow) D:\SteamLibrary\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{283B8F9A-14BC-441A-8730-75660EFA96A2}] => (Allow) D:\SteamLibrary\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{6DF6EA7D-F9DB-471C-B607-6F5C8A10C6B0}] => (Allow) D:\Far Cry 5\bin\FarCry5.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{310088B5-07C3-428F-868C-21BD134024D4}] => (Allow) D:\Far Cry 5\bin\ArcadeEditor64.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{0E98BAD9-8794-4F50-9957-96EFDC7EBDD3}] => (Allow) D:\Far Cry 5\bin\FarCry5.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{65D8C6DB-71F5-493B-B7B8-060D8F9E448C}] => (Allow) D:\Far Cry 5\bin\ArcadeEditor64.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{CE02DFAA-8E23-4ADC-9A07-67473F4E362D}] => (Allow) D:\SteamLibrary\steamapps\common\Redout\redout.exe () [File not signed]
FirewallRules: [{A1FDBA61-DC9E-4F5C-B11F-E4FDF96B33EE}] => (Allow) D:\SteamLibrary\steamapps\common\Redout\redout.exe () [File not signed]
FirewallRules: [{ACE8EC36-7FDF-4A2E-BDDA-EFF77F247A1F}] => (Allow) D:\SteamLibrary\steamapps\common\Serious Sam Fusion 2017\Bin\x64\Sam2017.exe (GHI Media LLC -> Croteam)
FirewallRules: [{0B9EDF87-06E1-41FD-AC72-EC7FB8EABC45}] => (Allow) D:\SteamLibrary\steamapps\common\Serious Sam Fusion 2017\Bin\x64\Sam2017.exe (GHI Media LLC -> Croteam)
FirewallRules: [{5B51BFAF-13D1-4397-9988-A73A9EF78E9E}] => (Allow) D:\SteamLibrary\steamapps\common\Serious Sam Fusion 2017\Bin\x64\Sam2017_Unrestricted.exe (GHI Media LLC -> Croteam)
FirewallRules: [{4EE44952-664C-448E-A5CD-62AA8A87F3F2}] => (Allow) D:\SteamLibrary\steamapps\common\Serious Sam Fusion 2017\Bin\x64\Sam2017_Unrestricted.exe (GHI Media LLC -> Croteam)
FirewallRules: [{6BBCFAD2-0468-418F-AB54-989C7F19743E}] => (Allow) D:\SteamLibrary\steamapps\common\Business Tour\BusinessTour.exe () [File not signed]
FirewallRules: [{7FD45556-9C32-4376-82CA-7BC274FFF00C}] => (Allow) D:\SteamLibrary\steamapps\common\Business Tour\BusinessTour.exe () [File not signed]
FirewallRules: [{CAFC6FE9-C389-446A-8B24-7B1B3C6BBE43}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{C1DB9373-A489-40DC-A47A-245AD19A4598}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{B742817B-9186-4CFA-9C48-9B8B4FB6B420}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{29ADF763-7D35-4DC2-8935-A5DAEFC80E1D}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{AFC4CE37-CA77-4699-A564-1B32C04F06B5}] => (Allow) D:\SteamLibrary\steamapps\common\Sekiro\sekiro.exe (Activision Publishing Inc -> FromSoftware, Inc.)
FirewallRules: [{A1D61326-22A5-414A-B855-BD47F907C33E}] => (Allow) D:\SteamLibrary\steamapps\common\Sekiro\sekiro.exe (Activision Publishing Inc -> FromSoftware, Inc.)
FirewallRules: [{E7F20526-14DB-4AF9-8F65-D41A5A9B9F39}] => (Allow) D:\SteamLibrary\steamapps\common\Sekiro\Artwork_MiniSoundtrack\DigitalArtwork_MiniSoundtrack.exe (Activision Publishing Inc -> DIGITAL ARTWORK & MINI SOUNDTRACK)
FirewallRules: [{66AD1962-9CE8-4FAB-B442-8432DDA899EF}] => (Allow) D:\SteamLibrary\steamapps\common\Sekiro\Artwork_MiniSoundtrack\DigitalArtwork_MiniSoundtrack.exe (Activision Publishing Inc -> DIGITAL ARTWORK & MINI SOUNDTRACK)
FirewallRules: [{242CB893-9B77-4B92-8876-0726E9F5C9FD}] => (Allow) D:\SteamLibrary\steamapps\common\Hitman Absolution\HMA.exe (Valve Corp. -> )
FirewallRules: [{E3BFB4F6-5807-4695-BCFE-680336346290}] => (Allow) D:\SteamLibrary\steamapps\common\Hitman Absolution\HMA.exe (Valve Corp. -> )
FirewallRules: [{25CCF79C-877C-4D2D-884F-4F094FF1FFF3}] => (Allow) D:\SteamLibrary\steamapps\common\Golf Galore\Golf Galore.exe () [File not signed]
FirewallRules: [{5ECC9DEA-0F78-41ED-B948-06B4835E5169}] => (Allow) D:\SteamLibrary\steamapps\common\Golf Galore\Golf Galore.exe () [File not signed]

==================== Restore Points =========================

13-03-2019 18:32:15 Naplánovaný kontrolní bod
23-03-2019 10:35:07 Naplánovaný kontrolní bod
02-04-2019 19:27:04 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/28/2019 08:50:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: bad_module_info, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000409
Posun chyby: 0x000001868b209948
ID chybujícího procesu: 0x28d0
Čas spuštění chybující aplikace: 0x01d4e584983957e8
Cesta k chybující aplikaci: bad_module_info
Cesta k chybujícímu modulu: unknown
ID zprávy: 2d8fa446-2360-46a4-9e52-48ddb607c36b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/15/2019 03:48:27 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (03/13/2019 10:15:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program ShellExperienceHost.exe verze 10.0.17134.1 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 6b40

Čas spuštění: 01d4d9a9b0b89e36

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe

ID hlášení: 3efe0c89-4728-49cb-b1f5-591cdcef3add

Úplný název balíčku s chybou: Microsoft.Windows.ShellExperienceHost_10.0.17134.112_neutral_neutral_cw5n1h2txyewy

ID aplikace související s balíčkem s chybou: App

Error: (03/12/2019 10:18:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SearchUI.exe verze 10.0.17134.590 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: cf8

Čas spuštění: 01d4d8df52697d06

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe

ID hlášení: 7a071ac4-4096-4099-89aa-7a679810d832

Úplný název balíčku s chybou: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy

ID aplikace související s balíčkem s chybou: CortanaUI

Error: (03/12/2019 10:18:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program ShellExperienceHost.exe verze 10.0.17134.1 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 3ac8

Čas spuštění: 01d4d8df51177d7d

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe

ID hlášení: 122e4c04-6e78-46b1-8be5-9cb9ca7ffaa4

Úplný název balíčku s chybou: Microsoft.Windows.ShellExperienceHost_10.0.17134.112_neutral_neutral_cw5n1h2txyewy

ID aplikace související s balíčkem s chybou: App

Error: (03/12/2019 06:50:22 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: Hribovi)
Description: httphttp-2147467263

Error: (03/12/2019 06:50:16 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: Hribovi)
Description: httphttp-2147467263

Error: (03/11/2019 07:08:36 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: Hribovi)
Description: httphttp-2147467263


System errors:
=============
Error: (04/03/2019 03:49:41 PM) (Source: DCOM) (EventID: 10016) (User: Hribovi)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli Hribovi\Stanislav (SID: S-1-5-21-3391450833-3303722570-559582778-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/03/2019 03:16:46 PM) (Source: DCOM) (EventID: 10016) (User: Hribovi)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
a APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
uživateli Hribovi\Stanislav (SID: S-1-5-21-3391450833-3303722570-559582778-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/03/2019 03:16:41 PM) (Source: DCOM) (EventID: 10016) (User: Hribovi)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
a APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
uživateli Hribovi\Stanislav (SID: S-1-5-21-3391450833-3303722570-559582778-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/02/2019 07:36:15 PM) (Source: DCOM) (EventID: 10016) (User: Hribovi)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
a APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
uživateli Hribovi\Stanislav (SID: S-1-5-21-3391450833-3303722570-559582778-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/02/2019 07:30:09 PM) (Source: DCOM) (EventID: 10016) (User: Hribovi)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli Hribovi\Stanislav (SID: S-1-5-21-3391450833-3303722570-559582778-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/02/2019 06:50:07 PM) (Source: DCOM) (EventID: 10016) (User: Hribovi)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli Hribovi\Stanislav (SID: S-1-5-21-3391450833-3303722570-559582778-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/02/2019 06:41:32 PM) (Source: DCOM) (EventID: 10016) (User: Hribovi)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli Hribovi\Stanislav (SID: S-1-5-21-3391450833-3303722570-559582778-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/02/2019 06:36:02 PM) (Source: DCOM) (EventID: 10016) (User: Hribovi)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli Hribovi\Stanislav (SID: S-1-5-21-3391450833-3303722570-559582778-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


CodeIntegrity:
===================================

Date: 2019-03-05 22:20:00.613
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\PingPlotter 5\System.ValueTuple.dll that did not meet the Microsoft signing level requirements.

Date: 2019-03-05 22:20:00.436
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\PingPlotter 5\System.ValueTuple.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-29 17:29:41.029
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\PingPlotter 5\System.ValueTuple.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-29 17:29:40.893
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\PingPlotter 5\System.ValueTuple.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-25 15:02:23.938
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-01-25 15:02:23.927
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-01-25 15:02:23.839
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-01-25 15:02:23.828
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 42%
Total physical RAM: 8084.23 MB
Available physical RAM: 4675.68 MB
Total Virtual: 17516.6 MB
Available Virtual: 11370.48 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:145.43 GB) (Free:40.19 GB) NTFS
Drive d: () (Fixed) (Total:785.03 GB) (Free:139.58 GB) NTFS

\\?\Volume{c9ad8ebf-6127-4c91-b074-efb4b2219791}\ () (Fixed) (Total:0.83 GB) (Free:0.45 GB) NTFS
\\?\Volume{06272213-33f3-4b7d-8c1a-fce0a5328489}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: B8B72C01)

Partition: GPT.

==================== End of Addition.txt ============================
Last edited by mech50 on 03 Apr 2019 18:25, edited 2 times in total.

JaRon
Moderator
Posts: 15214
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: I keep getting strange emails with no sender.

#2 Post by JaRon »

Hi,
the fact that you are receiving spam or infected emails does not mean that your PC is infected.
Your email address has ended up with some spambot, or some user among your contacts has an infected PC :James008:
Quote:
Creating a fixlist for FRST
•Open Notepad (Start - Run - notepad)
•Copy the script >>

Code:

Start
2019-03-26 21:45 - 2019-04-03 15:54 - 000000016 _____ () C:\Users\Stanislav\AppData\Local\Temp\efec34c13c34e94d0100890c376276ed.dll
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
AlternateDataStreams: C:\WINDOWS\Temp:$DATA [16]
AlternateDataStreams: C:\Users\Stanislav\Data aplikací:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Stanislav\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]



EmptyTemp:
Reboot:
End
• Save the resulting TXT file as fixlist.txt
• Move the fixlist you created next to FRST

-> Run FRST.exe again
• Click Fix
• The fix will run and create the log Fixlog.txt

-> Restart the PC and post fixlog.txt here
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

mech50
Visitor
Posts: 178
Joined: 31 Dec 2012 19:17

Re: I'm getting strange emails with no sender.

#3 Post by mech50 »

I'm attaching the log.

Fix result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by Stanislav (08-04-2019 12:26:43) Run:3
Running from C:\Users\Stanislav\Desktop
Loaded Profiles: Stanislav (Available Profiles: Stanislav & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
2019-03-26 21:45 - 2019-04-03 15:54 - 000000016 _____ () C:\Users\Stanislav\AppData\Local\Temp\efec34c13c34e94d0100890c376276ed.dll
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
AlternateDataStreams: C:\WINDOWS\Temp:$DATA [16]
AlternateDataStreams: C:\Users\Stanislav\Data aplikac�:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Stanislav\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]



EmptyTemp:
Reboot:
End
*****************

JaRon
Moderator
Posts: 15214
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: I'm getting strange emails with no sender.

#4 Post by JaRon »

Either you didn't copy the whole log, or the fix didn't run.

mech50
Visitor
Posts: 178
Joined: 31 Dec 2012 19:17

Re: I'm getting strange emails with no sender.

#5 Post by mech50 »

Interesting, since it logged me out of everything in the browser, so something must have run; in any case, I'll try again tomorrow.

mech50
Visitor
Posts: 178
Joined: 31 Dec 2012 19:17

Re: I'm getting strange emails with no sender.

#6 Post by mech50 »

Hello after a while, I didn't have time earlier; the mistake was on my side. Here is the whole log.

Fix result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by Stanislav (08-04-2019 12:26:43) Run:3
Running from C:\Users\Stanislav\Desktop
Loaded Profiles: Stanislav (Available Profiles: Stanislav & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
2019-03-26 21:45 - 2019-04-03 15:54 - 000000016 _____ () C:\Users\Stanislav\AppData\Local\Temp\efec34c13c34e94d0100890c376276ed.dll
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
AlternateDataStreams: C:\WINDOWS\Temp:$DATA [16]
AlternateDataStreams: C:\Users\Stanislav\Data aplikac�:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Stanislav\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]



EmptyTemp:
Reboot:
End
*****************

C:\Users\Stanislav\AppData\Local\Temp\efec34c13c34e94d0100890c376276ed.dll => moved successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\CLSID\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
C:\WINDOWS\Temp => ":$DATA" ADS removed successfully
"C:\Users\Stanislav\Data aplikac�" => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS not found.
C:\Users\Stanislav\AppData\Roaming => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8675328 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 79748810 B
Java, Flash, Steam htmlcache => 320647364 B
Windows/system/drivers => 75903 B
Edge => 1309902 B
Chrome => 0 B
Firefox => 1095152453 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 12274 B
LocalService => 9924 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
Stanislav => 33928803 B
DefaultAppPool => 0 B

RecycleBin => 264144 B
EmptyTemp: => 1.4 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 12:27:57 ====

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: I'm getting strange emails with no sender.

#7 Post by Diallix »

I'll fill in for my colleagues.

Copy the content below into Notepad:

Code:

AlternateDataStreams: C:\Users\Stanislav\Data aplikací:00e481b5e22dbe1f649fcddd505d3eb7 [394]

Save the Notepad file under the name fixlist.txt in the location where FRST is, choosing UTF-8 as the encoding (copy into Notepad -> File -> Save as -> Encoding: choose UTF-8 -> Save).
Run FRST and click the button: Fix
The fix will run, after which the computer reboots. After the reboot, paste here the contents of the log fixlog.txt saved in the FRST location.
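The failure visible in post #6 (the path logged as "Data aplikac�" with "ADS not found") and the UTF-8 instruction in post #7, as an added Python example that is not part of the thread or of FRST: it reproduces the mangling and picks out the Fixlog lines that were not applied. It assumes the fixlist was saved in the Czech ANSI code page (cp1250) and decoded as UTF-8, which the thread does not state; the function names are hypothetical and the sample lines are constructed from the log above.

```python
import re

REPLACEMENT = "\ufffd"  # U+FFFD: emitted by a decoder for bytes it cannot decode
RESULT_LINE = re.compile(r"^(?P<target>.+?) => (?P<result>.+)$")

# Constructed sample: result lines in the shape of the Fixlog.txt posted in this thread.
SAMPLE_FIXLOG = (
    'HKLM\\Software\\Classes\\CLSID\\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => not found\n'
    'C:\\WINDOWS\\Temp => ":$DATA" ADS removed successfully\n'
    '"C:\\Users\\Stanislav\\Data aplikac\ufffd" => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS not found.\n'
    'C:\\Users\\Stanislav\\AppData\\Roaming => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS removed successfully\n'
)


def ansi_read_as_utf8(line, ansi="cp1250"):
    """Simulate a fixlist saved in a legacy ANSI code page (assumed cp1250)
    and then decoded as UTF-8: each undecodable byte becomes U+FFFD."""
    return line.encode(ansi).decode("utf-8", errors="replace")


def non_ascii_lines(fixlist_text):
    """Fixlist lines that only survive intact if the file is saved as UTF-8."""
    return [ln for ln in fixlist_text.splitlines() if not ln.isascii()]


def audit_fixlog(text):
    """Return (target, result, reason) for result lines that were not applied."""
    findings = []
    for line in text.splitlines():
        m = RESULT_LINE.match(line.strip())
        if not m:
            continue
        target, result = m.group("target").strip('"'), m.group("result")
        if REPLACEMENT in target:
            # The logged path differs from the listed one, so the entry was not applied as written.
            findings.append((target, result, "path mangled by encoding, redo as UTF-8"))
        elif "not found" in result.lower():
            findings.append((target, result, "reported as not found"))
    return findings


if __name__ == "__main__":
    print(repr(ansi_read_as_utf8("Data aplikací:00e481b5e22dbe1f649fcddd505d3eb7")))
    for finding in audit_fixlog(SAMPLE_FIXLOG):
        print(finding)
```

Running `non_ascii_lines` over a fixlist before saving it shows which entries depend on the UTF-8 choice in the Save as dialog.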