kontrola po podivné aktivitě jednoho souboru

[out_of_space]

Dobrý den, poprosil bych o kontrolu logu. Včera ZoneAlarm zaznamenal podivnou aktivitu souboru cef_subprocess.exe, která je v adresáři s hrou World of tanks. Během několika minut zkoušel šahat na hromadu rozličných souborů (systémové, Firefox, CCleaner, grafický programy, Avira, atd.). Všechno jsem zamítnul a soubor hodil do koše, úplně ještě nemazal, kdyby byl potřeba. Projel jsem ho Avirou a virustotal a vypadá v pořádku.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-01-2021
Ran by jakub (administrator) on JAKUB-PC (18-01-2021 17:19:05)
Running from C:\Users\jakub\Desktop
Loaded Profiles: jakub
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.31\aaHMSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\2.00.10\atkexComSvc.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Check Point Software Technologies Ltd. -> ) C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <8>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11545192 2010-11-02] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [705728 2020-11-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [331040 2020-12-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [325856 2020-01-23] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [ZaAntiRansomware] => C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe [4230368 2019-11-27] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKU\S-1-5-21-3002702695-1329728289-897546576-1000\...\Run: [] => [X]
HKU\S-1-5-21-3002702695-1329728289-897546576-1000\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-3002702695-1329728289-897546576-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32440376 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Windows x64\Print Processors\Canon MG5300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAT.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [55872 2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5300 series: C:\Windows\system32\CNMLMAT.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.141\Installer\chrmstp.exe [2021-01-11] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2015B39B-EC85-4784-AF46-46DA41073525} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-02-05] (Google LLC -> Google LLC)
Task: {533085DC-48DD-47E2-ACA8-F6843C64211E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {5495550A-3C02-4C33-A0D0-A5E9AA4CF6BE} - System32\Tasks\Avira_Security_Update => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [233184 2020-12-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {77024E4C-6B2E-4433-8D2B-29348FFB4C53} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {914A09D4-0AE8-4C15-8A71-204F7B95EAFF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-02-05] (Google LLC -> Google LLC)
Task: {9D48CE40-E6C9-42CC-82B7-2D567141251E} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2649200 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {C38E3BF6-EA7E-426A-9073-A8A9648BACF4} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [29934096 2020-12-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {EAB8389D-10AF-40A7-B8AD-CB2164745344} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26913848 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F4CFB372-2790-459D-B874-80B372C2828C} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693216 2021-01-08] (Mozilla Corporation -> Mozilla Foundation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{AD083C53-B007-4D18-9361-58B144428CDE}: [DhcpNameServer] 192.168.0.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
Edge Profile: C:\Users\jakub\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-28]

FireFox:
========
FF DefaultProfile: nlhpu5mp.default
FF ProfilePath: C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\2mscpk3t.default-release [2021-01-18]
FF DownloadDir: F:\rozbaleno
FF Session Restore: Mozilla\Firefox\Profiles\2mscpk3t.default-release -> is enabled.
FF NewTabOverride: Mozilla\Firefox\Profiles\2mscpk3t.default-release -> Enabled: pavel.sherbakov@gmail.com
FF NewTabOverride: Mozilla\Firefox\Profiles\2mscpk3t.default-release -> Enabled: @contain-facebook
FF NewTabOverride: Mozilla\Firefox\Profiles\2mscpk3t.default-release -> Enabled: uBlock0@raymondhill.net
FF NewTabOverride: Mozilla\Firefox\Profiles\2mscpk3t.default-release -> Enabled: wikipedia@search.mozilla.org
FF Extension: (Facebook Container) - C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\2mscpk3t.default-release\Extensions\@contain-facebook.xpi [2020-09-29]
FF Extension: (BetterTTV) - C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\2mscpk3t.default-release\Extensions\firefox@betterttv.net.xpi [2020-12-18]
FF Extension: (New Tab Page) - C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\2mscpk3t.default-release\Extensions\pavel.sherbakov@gmail.com.xpi [2020-11-16]
FF Extension: (RescueTime for Firefox) - C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\2mscpk3t.default-release\Extensions\rescuetime_firefox@rescuetime.com.xpi [2020-05-27]
FF Extension: (uBlock Origin) - C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\2mscpk3t.default-release\Extensions\uBlock0@raymondhill.net.xpi [2021-01-04]
FF Extension: (Matte Black (Red)) - C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\2mscpk3t.default-release\Extensions\{a7589411-c5f6-41cf-8bdc-f66527d9d930}.xpi [2020-10-21]
FF ProfilePath: C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default [2021-01-18]
FF DownloadDir: F:\staženo
FF Homepage: Mozilla\Firefox\Profiles\nlhpu5mp.default -> resource://firefox-at-usepanda-dot-com/data/index.html
FF NewTab: Mozilla\Firefox\Profiles\nlhpu5mp.default -> resource://firefox-at-usepanda-dot-com/data/index.html
FF Session Restore: Mozilla\Firefox\Profiles\nlhpu5mp.default -> is enabled.
FF NewTabOverride: Mozilla\Firefox\Profiles\nlhpu5mp.default -> Enabled: admin@fastaddons.com_GroupSpeedDial
FF NewTabOverride: Mozilla\Firefox\Profiles\nlhpu5mp.default -> Enabled: {d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}
FF Extension: (Avira Browser Safety) - C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default\Extensions\abs@avira.com.xpi [2020-01-23]
FF Extension: (Group Speed Dial) - C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default\Extensions\admin@fastaddons.com_GroupSpeedDial.xpi [2020-01-25]
FF Extension: (Awesome Screenshot - Capture, Annotate & More) - C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default\Extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi [2019-05-14]
FF Extension: (QR Code Generator) - C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default\Extensions\jid0-RwTySlpoKU14fw7yw2AflOAihhA@jetpack.xpi [2017-07-27]
FF Extension: (To Google Translate) - C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2019-08-21]
FF Extension: (Tlačítko „Uložit“ pro Pinterest) - C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2020-01-11]
FF Extension: (Avira Password Manager) - C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default\Extensions\passwordmanager@avira.com [2020-02-03]
FF Extension: (TinEye Reverse Image Search) - C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default\Extensions\tineye@ideeinc.com.xpi [2019-07-10]
FF Extension: (Toggl Button: Productivity & Time Tracker) - C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default\Extensions\toggl-button@toggl.com.xpi [2020-01-28]
FF Extension: (uBlock Origin) - C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default\Extensions\uBlock0@raymondhill.net.xpi [2019-12-28]
FF Extension: (ColorZilla) - C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}.xpi [2017-07-14]
FF Extension: (ImTranslator: Překladač, Slovník, Hlas) - C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2019-12-28]
FF Extension: (Ecosia - The search engine that plants trees) - C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2018-08-20]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2020-02-04] [Legacy] [not signed]
FF Plugin: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-04-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-04-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]

Chrome:
=======
CHR Profile: C:\Users\jakub\AppData\Local\Google\Chrome\User Data\Default [2021-01-18]
CHR Extension: (Avira Password Manager) - C:\Users\jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2020-06-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-02]
CHR Extension: (Chrome Media Router) - C:\Users\jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-15]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1205960 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [483432 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [483432 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [573960 2021-01-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\2.00.10\atkexComSvc.exe [411096 2017-07-16] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.31\aaHMSvc.exe [975832 2017-06-01] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [636592 2020-11-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2988544 2020-06-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [384360 2020-12-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [244888 2020-12-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [161072 2020-12-16] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 CPEFR; C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe [2825976 2019-11-27] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 CpSbaCipolla; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [33016 2019-10-29] (Check Point Software Technologies Ltd. -> )
R2 CpSbaUpdater; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [33016 2019-10-29] (Check Point Software Technologies Ltd. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2020-12-27] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1748552 2020-05-06] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6821960 2020-05-06] (GOG Sp. z o.o. -> GOG.com)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2523448 2021-01-16] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3478336 2021-01-16] (Electronic Arts, Inc. -> Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2020-03-06] (Even Balance, Inc. -> )
R2 RemediationService; C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe [18168 2019-11-04] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 TESvc; C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe [301304 2019-11-04] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [4528344 2020-01-20] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 ZA NET ICM Service; C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe [42208 2020-03-13] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 ZAARUpdateService; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe [51936 2019-11-27] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [114936 2020-01-20] (Check Point Software Technologies Ltd. -> Check Point Software Technologies, Ltd.)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2017-06-01] (ASUSTeK Computer Inc. -> )
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [68152 2019-06-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [222200 2020-11-16] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [178720 2020-05-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36072 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [35376 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 cpbak; C:\Windows\System32\DRIVERS\cpbak.sys [66848 2019-11-05] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R1 CPEPMon; C:\Windows\System32\DRIVERS\CPEPMon.sys [110880 2019-11-05] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R1 epnetflt; C:\Windows\system32\drivers\epnetflt.sys [130336 2019-10-06] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R1 epregflt; C:\Windows\system32\drivers\epregflt.sys [132176 2019-05-01] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R2 ISWKL; C:\Program Files (x86)\CheckPoint\Endpoint Security\Endpoint Common\bin\ISWKL.sys [65264 2019-08-12] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R3 phantomtap; C:\Windows\System32\DRIVERS\phantomtap.sys [35664 2020-01-31] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 VBAudio100VMVAIO3MME; C:\Windows\System32\DRIVERS\vbaudio_vmvaio364_win7.sys [63936 2020-10-02] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudioVMAUXVAIOMME; C:\Windows\System32\DRIVERS\vbaudio_vmauxvaio64_win7.sys [63936 2020-10-02] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudioVMVAIOMME; C:\Windows\System32\DRIVERS\vbaudio_vmvaio64_win7.sys [63936 2020-10-02] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [461240 2019-11-19] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
U3 iswSvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-18 17:19 - 2021-01-18 17:19 - 000027293 _____ C:\Users\jakub\Desktop\FRST.txt
2021-01-18 17:18 - 2021-01-18 17:17 - 002295296 _____ (Farbar) C:\Users\jakub\Desktop\FRST64.exe
2021-01-16 18:00 - 2021-01-16 18:00 - 000000000 ____D C:\Users\jakub\AppData\LocalLow\Free Lives
2021-01-15 20:40 - 2021-01-15 20:40 - 000000000 ____D C:\Program Files (x86)\Microsoft XNA
2021-01-12 19:17 - 2021-01-13 16:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2021-01-09 23:59 - 2021-01-09 23:59 - 000000000 ____D C:\Users\jakub\AppData\LocalLow\Octavi Navarro
2021-01-09 17:43 - 2021-01-09 17:43 - 000000000 ____D C:\Users\jakub\AppData\LocalLow\Alt Shift
2021-01-08 17:06 - 2021-01-08 17:06 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-01-07 17:17 - 2021-01-07 17:17 - 000001805 _____ C:\Users\jakub\Desktop\Spotify.lnk
2021-01-07 17:17 - 2021-01-07 17:17 - 000001791 _____ C:\Users\jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2021-01-04 20:49 - 2021-01-04 20:49 - 000000811 _____ C:\Users\jakub\Desktop\World of Tanks EU.lnk
2021-01-04 20:29 - 2021-01-04 20:29 - 000000000 ____D C:\Users\jakub\AppData\LocalLow\Acid Wizard Studio
2021-01-03 01:20 - 2021-01-03 01:20 - 000000000 ____D C:\Users\jakub\AppData\Local\Frontier Developments
2021-01-03 01:20 - 2021-01-03 01:20 - 000000000 ____D C:\ProgramData\Frontier Developments
2021-01-01 18:06 - 2021-01-01 18:06 - 000000000 ____D C:\Users\jakub\AppData\LocalLow\Beam Team Games
2020-12-31 17:53 - 2020-12-31 17:53 - 000000000 ____D C:\Users\jakub\AppData\Local\Solitairica
2020-12-25 10:30 - 2020-12-25 10:30 - 000000000 ____D C:\Users\jakub\AppData\LocalLow\Size Five Games
2020-12-25 10:22 - 2020-12-25 10:22 - 000000000 ____D C:\Windows\8A809006C25A4A3A9DAB94659BCDB107.TMP
2020-12-23 23:06 - 2021-01-09 09:52 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-12-23 17:33 - 2020-12-23 17:33 - 000000000 ____D C:\Users\jakub\AppData\Local\Kalypso Media
2020-12-23 17:32 - 2020-12-27 09:42 - 000000000 ____D C:\Users\jakub\AppData\Roaming\Tropico 5
2020-12-23 17:32 - 2020-12-23 17:32 - 000000000 ____D C:\Users\jakub\AppData\Roaming\Kalypso Media
2020-12-22 17:31 - 2020-12-22 17:31 - 000000000 ____D C:\Users\jakub\AppData\Local\The Creative Assembly
2020-12-21 20:11 - 2020-12-21 20:11 - 000000000 ____D C:\Users\jakub\AppData\LocalLow\Attu Games
2020-12-20 17:38 - 2020-12-20 17:38 - 000000000 ____D C:\Users\jakub\AppData\Local\DefenseGrid
2020-12-19 11:51 - 2020-12-19 11:51 - 000000000 ____D C:\Program Files (x86)\AGEIA Technologies

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-18 17:19 - 2019-04-10 17:24 - 000000000 ____D C:\FRST
2021-01-18 16:58 - 2020-04-16 07:38 - 000000000 ____D C:\Program Files\CCleaner
2021-01-18 16:53 - 2009-07-14 05:45 - 000031664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-01-18 16:53 - 2009-07-14 05:45 - 000031664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-01-18 16:52 - 2011-04-12 09:34 - 000676832 _____ C:\Windows\system32\perfh005.dat
2021-01-18 16:52 - 2011-04-12 09:34 - 000145750 _____ C:\Windows\system32\perfc005.dat
2021-01-18 16:52 - 2009-07-14 06:13 - 001609358 _____ C:\Windows\system32\PerfStringBackup.INI
2021-01-18 16:52 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2021-01-18 16:50 - 2020-02-03 19:59 - 000000000 ____D C:\ProgramData\Mozilla
2021-01-18 16:49 - 2020-02-03 20:00 - 000000000 ____D C:\Users\jakub\AppData\LocalLow\Mozilla
2021-01-18 16:47 - 2020-02-03 20:20 - 000000000 ____D C:\ProgramData\NVIDIA
2021-01-18 16:47 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-01-18 01:51 - 2020-02-03 20:26 - 000000000 ____D C:\Program Files (x86)\Steam
2021-01-18 01:51 - 2018-08-22 20:44 - 000000000 ____D C:\Users\jakub\AppData\Roaming\discord
2021-01-17 21:47 - 2017-08-13 00:05 - 000000000 ____D C:\Users\jakub\AppData\Roaming\obs-studio
2021-01-17 00:28 - 2020-12-05 13:21 - 000000000 ____D C:\ProgramData\Origin
2021-01-17 00:28 - 2015-06-13 13:15 - 000000000 ____D C:\Users\jakub\AppData\Roaming\Origin
2021-01-16 21:03 - 2020-12-05 13:22 - 000000000 ____D C:\Program Files (x86)\Origin
2021-01-16 21:03 - 2015-06-13 13:32 - 000000000 ____D C:\Users\jakub\AppData\Local\Origin
2021-01-15 20:41 - 2020-11-21 18:55 - 000000015 _____ C:\Users\jakub\AppData\Roaming\obs-virtualcam.txt
2021-01-15 20:40 - 2020-11-22 16:35 - 000000000 ____D C:\Users\jakub\Documents\SavedGames
2021-01-14 16:30 - 2020-02-03 20:12 - 000003292 _____ C:\Windows\system32\Tasks\Avira_Antivirus_Systray
2021-01-14 16:26 - 2020-02-03 22:29 - 000000000 ____D C:\Windows\system32\MRT
2021-01-14 16:22 - 2020-02-03 22:29 - 135062968 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-01-14 16:19 - 2020-02-03 19:59 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-01-13 16:03 - 2020-04-16 07:38 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-01-11 22:16 - 2020-02-05 21:09 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-07 17:27 - 2017-07-13 20:07 - 000000000 ____D C:\Users\jakub\AppData\Roaming\Spotify
2021-01-07 17:17 - 2017-07-14 11:07 - 000000000 ____D C:\Users\jakub\AppData\Local\Spotify
2021-01-05 20:41 - 2020-11-26 21:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2021-01-04 20:49 - 2020-06-28 09:50 - 000000000 ____D C:\Users\jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net
2021-01-04 20:48 - 2020-06-28 09:50 - 000000000 ____D C:\Users\jakub\AppData\Roaming\Wargaming.net
2021-01-03 01:20 - 2020-02-03 20:07 - 000000000 ____D C:\ProgramData\Package Cache
2021-01-03 01:20 - 2018-12-16 21:32 - 000000000 ____D C:\Users\jakub\AppData\Local\EpicGamesLauncher
2021-01-01 09:31 - 2020-07-08 08:36 - 000003596 _____ C:\Windows\system32\Tasks\Avira_Security_Update
2020-12-30 17:06 - 2019-12-28 18:42 - 000000000 ____D C:\Users\jakub\AppData\Local\Ori and the Blind Forest DE
2020-12-29 19:19 - 2020-02-03 20:54 - 000003664 _____ C:\Windows\system32\Tasks\AviraSystemSpeedupUpdate
2020-12-27 11:40 - 2020-02-04 10:02 - 000000000 ____D C:\Users\jakub\AppData\Roaming\EasyAntiCheat
2020-12-27 09:22 - 2020-10-11 18:04 - 000000000 ____D C:\Users\jakub\Documents\Giana Sisters - Twisted Dreams
2020-12-27 09:21 - 2020-12-05 13:36 - 000000000 ____D C:\Users\jakub\AppData\Local\BLACKHOLE
2020-12-19 11:02 - 2014-02-03 20:03 - 000000132 _____ C:\Users\jakub\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2020-12-19 10:59 - 2020-10-10 13:41 - 000001195 _____ C:\Users\jakub\Desktop\Stream Raiders.lnk

==================== Files in the root of some directories ========

2020-04-27 11:38 - 2020-04-27 11:38 - 000000016 ____H () C:\Program Files (x86)\Common Files\asv2-astg
2020-04-27 11:39 - 2020-04-27 11:39 - 000000016 ____H () C:\Program Files (x86)\Common Files\cld2-astg
2020-04-27 11:40 - 2020-04-27 11:40 - 000000016 ____H () C:\Program Files (x86)\Common Files\dys1-astg
2020-04-27 11:41 - 2020-04-27 11:41 - 000000020 ____H () C:\Program Files (x86)\Common Files\inq1-astg
2020-04-27 11:42 - 2020-04-27 11:42 - 000000016 ____H () C:\Program Files (x86)\Common Files\ins1-astg
2020-04-27 11:44 - 2020-04-27 11:44 - 000000016 ____H () C:\Program Files (x86)\Common Files\mir1-astg
2020-04-27 11:45 - 2020-04-27 11:45 - 000000016 ____H () C:\Program Files (x86)\Common Files\pcs2-astg
2020-04-27 11:46 - 2020-04-27 11:46 - 000000016 ____H () C:\Program Files (x86)\Common Files\rst1-astg
2020-04-27 11:47 - 2020-04-27 11:47 - 000000016 ____H () C:\Program Files (x86)\Common Files\sty1-astg
2020-04-27 11:50 - 2020-04-27 11:50 - 000000016 ____H () C:\Program Files (x86)\Common Files\vs2-astg
2020-04-27 11:52 - 2020-04-27 11:52 - 000000016 ____H () C:\Program Files (x86)\Common Files\ws2-astg
2018-07-20 08:02 - 2018-07-20 08:02 - 000000132 _____ () C:\Users\jakub\AppData\Roaming\Adobe Formát AIFF CS6 – předvolby
2014-11-01 00:02 - 2017-11-15 22:19 - 000000132 _____ () C:\Users\jakub\AppData\Roaming\Adobe Formát BMP CS6 – předvolby
2014-02-03 20:03 - 2020-12-19 11:02 - 000000132 _____ () C:\Users\jakub\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2014-01-28 15:45 - 2016-07-23 13:41 - 000000620 _____ () C:\Users\jakub\AppData\Roaming\burnaware.ini
2014-07-27 20:02 - 2014-09-05 19:35 - 000000132 _____ () C:\Users\jakub\AppData\Roaming\Filtr IIIExport Adobe CS6 – předvolby
2020-11-21 18:55 - 2021-01-15 20:41 - 000000015 _____ () C:\Users\jakub\AppData\Roaming\obs-virtualcam.txt
2020-09-26 08:34 - 2020-09-26 08:34 - 000332800 _____ () C:\Users\jakub\AppData\Roaming\patcher.dll
2020-10-02 12:05 - 2020-10-02 12:08 - 000060311 _____ () C:\Users\jakub\AppData\Roaming\VoiceMeeterPotatoDefault.xml
2020-02-24 18:45 - 2020-04-11 08:25 - 000000081 _____ () C:\Users\jakub\AppData\Local\.bidstack.fault
2014-02-17 19:38 - 2020-11-14 19:15 - 000001480 _____ () C:\Users\jakub\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2016-07-23 13:38 - 2016-07-23 13:38 - 000000031 _____ () C:\Users\jakub\AppData\Local\burnaware.ini
2020-01-31 12:27 - 2020-01-31 12:27 - 000000000 _____ () C:\Users\jakub\AppData\Local\oobelibMkey.log
2020-06-10 23:14 - 2020-06-10 23:14 - 000000750 _____ () C:\Users\jakub\AppData\Local\recently-used.xbel
2014-03-22 23:12 - 2014-03-30 14:04 - 000007605 _____ () C:\Users\jakub\AppData\Local\Resmon.ResmonCfg
2008-02-05 14:28 - 2008-02-05 14:28 - 000000051 _____ () C:\Users\jakub\AppData\Local\setup.txt
2016-08-17 19:27 - 2017-07-14 23:05 - 000000425 _____ () C:\Users\jakub\AppData\Local\UserProducts.xml

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-01-12 01:17
==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-01-2021
Ran by jakub (18-01-2021 17:20:08)
Running from C:\Users\jakub\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2020-02-03 18:43:01)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3002702695-1329728289-897546576-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3002702695-1329728289-897546576-1004 - Limited - Enabled)
Guest (S-1-5-21-3002702695-1329728289-897546576-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3002702695-1329728289-897546576-1002 - Limited - Enabled)
jakub (S-1-5-21-3002702695-1329728289-897546576-1000 - Administrator - Enabled) => C:\Users\jakub

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {8EAC8D5C-B3AA-95AA-3DF1-2845CDD09CBE}
AS: Avira Antivirus (Enabled - Up to date) {35CD6CB8-9590-9A24-0741-1337B657D603}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Free Firewall Firewall (Enabled) {217C3BCF-3FBD-7C30-A427-2D11E16F3BEB}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe Acrobat X Pro - Eastern European (Group 1) (HKLM-x32\...\{AC76BA86-1029-4770-7760-000000000005}) (Version: 10.1.16 - Adobe Systems)
Adobe Creative Suite 6 Design Standard (HKLM-x32\...\{0327A4BF-62BF-48BB-8928-B971B749E9E1}) (Version: 6 - Adobe Systems Incorporated)
Affinity Photo (HKLM\...\{D39FC096-62B2-4F21-BA48-04DAC525F929}) (Version: 1.8.3.641 - Serif (Europe) Ltd)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.45.1 - Asmedia Technology)
Audacity 2.4.1 (HKLM-x32\...\Audacity_is1) (Version: 2.4.1 - Audacity Team)
Autosaviour v2.0.1 for Adobe Illustrator CS5-CC 2015 (19) (HKLM\...\{4304D0CC-D1F7-48B7-A1FA-6AFB26418E02}) (Version: 2.0.1 - Astute Graphics Limited)
Avira (HKLM-x32\...\{161e6084-b0f5-43e8-86d8-09eda5c0893d}) (Version: 1.2.153.30452 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{426D1710-5DFD-45E9-B11D-464792C5AD35}) (Version: 1.2.153.30452 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2101.2069 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.37.1.24458 - Avira Operations GmbH & Co. KG) Hidden
Avira Privacy Pal (HKLM-x32\...\{F2BC8305-DFBE-4C02-A906-9BBD8EE299A3}_is1) (Version: 2.4.0.1962 - Avira Operations GmbH & Co. KG)
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.0.42.14101 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version: - Avira Operations GmbH & Co. KG;)
Avira Software Updater (HKLM-x32\...\{9F45C615-6D95-47B5-BB0C-D78F6D15DE21}) (Version: 2.0.6.42639 - Avira Operations GmbH & Co. KG) Hidden
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.9.0.11050 - Avira Operations GmbH & Co. KG) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Blender (HKLM\...\{892913E7-EB3C-43F8-ABDE-9333ABBF959A}) (Version: 2.82.0 - Blender Foundation)
Boxshot 5 (HKLM\...\Boxshot 5) (Version: 5.2.8 - Appsforlife Ltd)
calibre 64bit (HKLM\...\{69BA0606-DA61-4747-BF34-00A6BE8E9B6B}) (Version: 4.13.0 - Kovid Goyal)
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version: - )
Carmageddon TDR 2000 (HKLM-x32\...\1146738698_is1) (Version: 1.0 - GOG.com)
CCleaner (HKLM\...\CCleaner) (Version: 5.76 - Piriform)
Close To The Sun CZ (HKU\S-1-5-21-3002702695-1329728289-897546576-1000\...\Close To The Sun CZ) (Version: - )
ColliderScribe v2.0.0 for Adobe Illustrator CS5-CC 2015 (19) (HKLM\...\{BCF1C01A-71C1-4E21-8F24-5309A08A2BB1}) (Version: 2.0.0 - Astute Graphics Limited)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Discord (HKU\S-1-5-21-3002702695-1329728289-897546576-1000\...\Discord) (Version: 0.0.309 - Discord Inc.)
DynamicSketch v1.6.6 for Adobe Illustrator CS5-CC 2015 (19) (HKLM\...\{C23A8A3A-E18C-4B1E-BD12-F1C4E4E8E3DD}) (Version: 1.6.6 - Astute Graphics Limited)
Epic Games Launcher (HKLM-x32\...\{DCE27B29-200D-491A-BBC5-98ECEFEC0843}) (Version: 1.1.257.0 - Epic Games, Inc.)
Fallout Mod Manager 0.13.21 (HKLM-x32\...\Generic Mod Manager_is1) (Version: - Q, Timeslip)
Fe (HKLM-x32\...\{D6F315B0-EAB6-4210-963F-6393BE9EA1CD}) (Version: - Electronic Arts, Inc.)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - )
GameSpy Comrade (HKLM-x32\...\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}) (Version: 1.5.0.156 - GameSpy)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.141 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Check Point SBA (HKLM\...\{C8325D51-E514-475B-AFF2-550C3527E563}) (Version: 86.5.9511 - Check Point Software Technologies Ltd.) Hidden
InkQuest v1.1.5 for Adobe Illustrator CS5-CC 2015 (19) (HKLM\...\{83FA3DA6-F8BB-421A-ADE0-EDABC6C7838A}) (Version: 1.1.5 - Astute Graphics Limited)
InkScribe v1.6.5 for Adobe Illustrator CS5-CC 2015 (19) (HKLM\...\{D49A283C-F7A6-49FF-BB62-C946AE44F1A2}) (Version: 1.6.5 - Astute Graphics Limited)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Java 8 Update 251 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180251F0}) (Version: 8.0.2510.8 - Oracle Corporation)
jetAudio Basic (HKLM-x32\...\{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}) (Version: 8.1.0 - COWON)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LAV Filters 0.68.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.68.1 - Hendrik Leppkes)
LibreOffice 6.3.5.2 (HKLM\...\{9FEFBA80-8687-4AC1-83F7-3CD3E9BAF275}) (Version: 6.3.5.2 - The Document Foundation)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.50 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.129.37 - )
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29325 (HKLM-x32\...\{33628a12-6787-4b9f-95a1-92449f69fae0}) (Version: 14.28.29325.2 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MirrorMe v1.1.5 for Adobe Illustrator CS5-CC 2015 (19) (HKLM\...\{229CD2F2-481D-4EEE-88D6-DDE2FB1E250E}) (Version: 1.1.5 - Astute Graphics Limited)
Mozilla Firefox 84.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 84.0.2 (x64 cs)) (Version: 84.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.4.2 - Mozilla)
Mozilla Thunderbird 78.6.1 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 78.6.1 (x86 cs)) (Version: 78.6.1 - Mozilla)
My Game Long Name (HKLM\...\UDK-870a4197-06dd-4440-9bbb-e834aff98d10) (Version: - Epic Games, Inc.)
NexusFile (5.3.3.5532) (HKLM-x32\...\{ED0FB0C1-CD06-4C29-B903-8A91D4BF5B61}_is1) (Version: - xiles)
nexusfont 2.6 (ver 2.6.2.1870) (HKLM-x32\...\{EFEDD205-43FE-4208-B682-0937E803E19E}_is1) (Version: - xiles)
NVIDIA Ovladač HD audia 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 460.79 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 460.79 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{FAAC26AD-73BA-40CE-86AA-C9213F9E064A}) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 25.0.8 - OBS Project)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenToonz version 1.4.0 (HKLM\...\{DF519282-600D-4E03-9190-6046329B1CB4}_is1) (Version: 1.4.0 - DWANGO Co., Ltd.)
Origin (HKLM-x32\...\Origin) (Version: 10.5.90.45798 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 460.79 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 460.79 - NVIDIA Corporation) Hidden
Pantone Color Manager 2.4.0.66 (HKLM-x32\...\Pantone Color Manager_is1) (Version: 2.4.0.66 - PANTONE)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Phantasm v3.1.5 for Adobe Illustrator CS5-CC 2015 (19) (HKLM\...\{EA439092-029D-4AAD-844F-93A99D8A8928}) (Version: 3.1.5 - Astute Graphics Limited)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Rasterino v1.1.5 for Adobe Illustrator CS5-CC 2015 (19) (HKLM\...\{03D8C4A5-7B98-4BC1-9E34-CECDB3993470}) (Version: 1.1.5 - Astute Graphics Limited)
RawTherapee verze 5.8 (HKLM\...\RawTherapee5.8_is1) (Version: 5.8 - rawtherapee.com)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6235 - Realtek Semiconductor Corp.)
RescueTime 2.14.5.3 (HKLM-x32\...\{2505571C-03B3-4F9F-AC35-33F1CB4B5E9E}_is1) (Version: - RescueTime.com)
Sea of Solitude (HKLM-x32\...\{E954B6D6-AE32-401E-8628-D2FF1F30119D}}) (Version: - Electronic Arts, Inc.)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spotify (HKU\S-1-5-21-3002702695-1329728289-897546576-1000\...\Spotify) (Version: 1.1.47.684.g136419d9 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stream Raiders (HKLM-x32\...\Stream Raiders) (Version: - )
StreamElements OBS.Live (HKLM-x32\...\StreamElements OBS.Live) (Version: 20.12.9.680 - StreamElements)
Stylism v1.1.4 for Adobe Illustrator CS5-CC 2015 (19) (HKLM\...\{EC2992E2-A4B1-40C8-B2E6-5AA41527D594}) (Version: 1.1.4 - Astute Graphics Limited)
SubScribe v1.2.5 for Adobe Illustrator CS5-CC 2015 (19) (HKLM\...\{8B8CE331-DF4B-4B42-87E2-455A3A8E9AAB}) (Version: 1.2.5 - Astute Graphics Limited)
Topaz Clean 3 (HKLM-x32\...\Topaz Clean 3) (Version: 3.2.0 - Topaz Labs, LLC)
Topaz ReMask 5 (HKLM-x32\...\Topaz ReMask 5) (Version: 5.0.1 - Topaz Labs, LLC)
UE4 Prerequisites (x64) (HKLM\...\{D7B591D8-1091-4A00-A0B3-5301C45E5D51}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{0d995f46-317b-4b5f-bf3e-9f98bae9d339}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
Unravel™ (HKLM-x32\...\{5105E605-9EE7-4050-9CC0-005093BBF89A}) (Version: - Electronic Arts, Inc.)
UNRAVEL™ two (HKLM-x32\...\{5DB117FE-6F05-40AC-B7A3-5C67641F14C0}) (Version: - Electronic Arts, Inc.)
Updated Unofficial Fallout 3 Patch v2.3.2 (HKLM-x32\...\Updated Unofficial Fallout 3 Patch_is1) (Version: 2.3.2 - )
Uplay (HKLM-x32\...\Uplay) (Version: 4.4 - Ubisoft)
VectorScribe v2.3.4 for Adobe Illustrator CS5-CC 2015 (19) (HKLM\...\{B3F8A265-5130-4C00-8433-019BA17AB328}) (Version: 2.3.4 - Astute Graphics Limited)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Voicemeeter, The Virtual Mixing Console (HKLM-x32\...\VB:Voicemeeter {17359A74-1236-5467}) (Version: - VB-Audio Software)
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.2.11 - Black Tree Gaming Ltd.)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.5-3 - Wacom Technology Corp.)
Wargaming.net Game Center (HKU\S-1-5-21-3002702695-1329728289-897546576-1000\...\Wargaming.net Game Center) (Version: 20.7.2.2851 - Wargaming.net)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WidthScribe v2.0.2 for Adobe Illustrator CS5-CC 2015 (19) (HKLM\...\{4FA40650-07AA-4490-B59E-E07CD3566563}) (Version: 2.0.2 - Astute Graphics Limited)
World of Tanks EU (HKU\S-1-5-21-3002702695-1329728289-897546576-1000\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net)
ZoneAlarm Anti-Ransomware (HKLM-x32\...\{0B8C3231-9818-4CB9-8213-4AB839836791}) (Version: 1.002.1006 - Check Point Software) Hidden
ZoneAlarm Firewall (HKLM-x32\...\{2F77A309-CAB9-4C8A-8ED0-8C8DA3FF0744}) (Version: 15.8.038.18284 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 15.8.038.18284 - Check Point)
ZoneAlarm Security (HKLM-x32\...\{DA17D180-7193-4070-B085-9827DB80C2F8}) (Version: 15.8.038.18284 - Check Point Software Technologies Ltd.) Hidden

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-12-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers3: [jetAudio] -> {8D1636FD-CA49-4B4E-90E4-0A20E03A15E8} => C:\Program Files (x86)\JetAudio\JetFlExt64.dll [2013-05-09] (JetAudio) [File not signed]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-12-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2020-12-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-12-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [jetAudio] -> {8D1636FD-CA49-4B4E-90E4-0A20E03A15E8} => C:\Program Files (x86)\JetAudio\JetFlExt64.dll [2013-05-09] (JetAudio) [File not signed]
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2015-09-24 16:41 - 2015-09-24 16:41 - 000019968 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\cs_CZ\acrotray.cze
2020-02-05 22:09 - 2021-01-18 16:48 - 000024576 _____ () [File not signed] C:\Program Files (x86)\ASUS\AXSP\2.00.10\PEbiosinterface32.dll
2019-11-04 15:09 - 2019-11-04 15:09 - 000059392 _____ () [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\SA\dict-vectorizer.dll
2015-09-24 16:41 - 2015-09-24 16:41 - 000334848 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\cs_CZ\Acrobat Elements\ContextMenu64.cze
2020-02-05 22:10 - 2017-06-01 15:24 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.31\ASACPI.DLL
2019-11-27 11:18 - 2019-11-27 11:18 - 000067072 _____ (Check Point Software Technologies Ltd.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\cphnt64.dll
2019-11-27 11:18 - 2019-11-27 11:18 - 000019968 _____ (Check Point Software Technologies Ltd.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\cphusr64.dll
2020-02-04 14:36 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2020-02-03 20:47 - 2013-05-09 17:45 - 000277504 _____ (JetAudio) [File not signed] C:\Program Files (x86)\JetAudio\JetFlExt64.dll
2019-03-27 23:48 - 2019-03-27 23:48 - 000115200 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2020-01-20 21:16 - 2020-01-20 21:16 - 000986112 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\CheckPoint\ZoneAlarm\dbghelp.dll
2003-02-20 19:19 - 2003-02-20 19:19 - 000253952 _____ (Microsoft Corporation) [File not signed] C:\Windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
2003-02-21 04:42 - 2003-02-21 04:42 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Windows\Microsoft.NET\Framework\v1.1.4322\MSVCR71.dll
2019-11-10 11:38 - 2019-11-10 11:38 - 001124352 _____ (Robert Simpson, et al.) [File not signed] [File is in use] C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\SQLite\System.Data.SQLite.dll
2019-11-27 11:27 - 2019-11-27 11:27 - 001189888 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\x86\SQLite.Interop.dll
2020-02-04 03:06 - 2020-02-04 03:06 - 000913920 _____ (ServiceStack) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_32\ServiceStack.Text\1c451b416fc7b4c8b1ecd15a4bb91187\ServiceStack.Text.ni.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\jakub\AppData\Local\Temp:com.affinity.photo.2 [241]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

HKU\S-1-5-21-3002702695-1329728289-897546576-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/cs-cz/?ocid=iehp
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_251\bin\ssv.dll [2020-04-16] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-04-16] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Calibre2\
HKU\S-1-5-21-3002702695-1329728289-897546576-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RescueTime.lnk => C:\Windows\pss\RescueTime.lnk.CommonStartup
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B5D07D6B-1214-4107-B722-BC17AE899170}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{58ABBA5F-1105-4A18-AA04-015217BD2B4E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B979981C-AF1C-4AC1-9125-F363A0BA9442}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{12AD1B9D-E08C-4C13-9377-C18B652FD832}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{24CBB147-754D-4E7D-9726-778AB02BD3DB}] => (Allow) C:\Program Files (x86)\RescueTime\RescueTime.exe (RescueTime, Inc.) [File not signed]
FirewallRules: [{D7A532C6-F177-49BC-9F94-A3D9237EC123}] => (Allow) C:\Program Files (x86)\RescueTime\RescueTime.exe (RescueTime, Inc.) [File not signed]
FirewallRules: [{C7B59647-3F83-4765-960B-E38F8A2EFA7B}] => (Allow) F:\hry\steam\steamapps\common\To the Moon\To the Moon\To the Moon.exe => No File
FirewallRules: [{C9D05E8A-98D0-444B-BE3E-ACBEDA838D20}] => (Allow) F:\hry\steam\steamapps\common\To the Moon\To the Moon\To the Moon.exe => No File
FirewallRules: [{8E949993-12E6-4780-A59C-EB5210D18D5A}] => (Allow) F:\hry\steam\steamapps\common\To the Moon\Minisode_1\Sigmund Holiday Special 1\Siggy - Holiday Special.exe => No File
FirewallRules: [{EC26444E-D77C-42E8-A189-FBDAA4FF2AE7}] => (Allow) F:\hry\steam\steamapps\common\To the Moon\Minisode_1\Sigmund Holiday Special 1\Siggy - Holiday Special.exe => No File
FirewallRules: [{7BA3E189-60B0-40F5-94D3-DECA7ADCCDA7}] => (Allow) F:\hry\steam\steamapps\common\To the Moon\Minisode_2\Sigmund Holiday Special 2\SigCorp Minisode 2.exe => No File
FirewallRules: [{5C06E40B-4893-4449-AFE8-5463005940E1}] => (Allow) F:\hry\steam\steamapps\common\To the Moon\Minisode_2\Sigmund Holiday Special 2\SigCorp Minisode 2.exe => No File
FirewallRules: [{42397776-AA01-4ADE-ADE9-CC2AEBCE062A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{EB7A4E79-CB4B-4A21-9F47-5D561A644780}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{C5B72334-C455-497E-AC50-B7EB2CC9D14E}] => (Allow) F:\hry\steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe => No File
FirewallRules: [{E037A63C-774F-4566-A673-EEBFF1E3714C}] => (Allow) F:\hry\steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe => No File
FirewallRules: [{4B41E720-4310-470C-829F-BA292A46EDC5}] => (Allow) F:\hry\steam\steamapps\common\JnG Gold\jng_gold.exe => No File
FirewallRules: [{AAFFCBF0-A5EF-4A65-8F75-3336F1ED1DFA}] => (Allow) F:\hry\steam\steamapps\common\JnG Gold\jng_gold.exe => No File
FirewallRules: [{4030C564-0844-47DF-ADAA-F87FFD052882}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{62A4F09A-DB92-4BAB-A8B7-2FB96B6EB9FD}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{D81D2404-CB81-4EAA-AFD9-D77BEA755CD2}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{CA9A57D7-D26F-4DC2-B5BB-68BCBBDF1949}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{822C9083-C868-4B84-A13B-69FB04BE06AA}] => (Allow) F:\hry\steam\steamapps\common\Walking Simulator 2020\WalkingSimulator2020.exe => No File
FirewallRules: [{5D13C990-4D6E-49DC-98B1-69B32DF6A39A}] => (Allow) F:\hry\steam\steamapps\common\Walking Simulator 2020\WalkingSimulator2020.exe => No File
FirewallRules: [{17412ADE-8D6D-4B21-95A6-848DB89EAE2F}] => (Allow) F:\hry\steam\steamapps\common\Mashinky\Mashinky.exe => No File
FirewallRules: [{B179C414-5C15-45AC-9311-0721248FE85A}] => (Allow) F:\hry\steam\steamapps\common\Mashinky\Mashinky.exe => No File
FirewallRules: [{ED138204-27A5-4889-A5DD-B47223199F94}] => (Allow) F:\hry\steam\steamapps\common\PUSS!\PUSS!.exe => No File
FirewallRules: [{1EC13E62-5E6F-4E5F-9A08-6B80B53D12DF}] => (Allow) F:\hry\steam\steamapps\common\PUSS!\PUSS!.exe => No File
FirewallRules: [{B38EA7DC-178D-4968-8375-924097E9BD79}] => (Allow) F:\hry\steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe => No File
FirewallRules: [{BFEC7C83-F3BA-41F9-B1A6-9B86AC2B2AD0}] => (Allow) F:\hry\steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe => No File
FirewallRules: [{AAA8B981-1869-4C42-8193-C26E35A638E4}] => (Allow) F:\hry\steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe => No File
FirewallRules: [{A95249A9-97E2-43EA-A749-99EA7ACA6ABB}] => (Allow) F:\hry\steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe => No File
FirewallRules: [{9F3F9569-D3A8-44DE-BD9B-5911D5BBB9CF}] => (Allow) F:\hry\steam\steamapps\common\LEAVES - The Journey\LEAVES_The_Journey.exe => No File
FirewallRules: [{C31F7F5A-7A19-478A-857C-8C9420E67FF3}] => (Allow) F:\hry\steam\steamapps\common\LEAVES - The Journey\LEAVES_The_Journey.exe => No File
FirewallRules: [{E8928B49-EC93-44F4-8424-CAE564A51476}] => (Allow) F:\hry\steam\steamapps\common\Fallout 3 goty\FalloutLauncher.exe => No File
FirewallRules: [{7709BD8D-CFEA-454D-B640-3D8723EA8985}] => (Allow) F:\hry\steam\steamapps\common\Fallout 3 goty\FalloutLauncher.exe => No File
FirewallRules: [{AD4C1752-4E9B-4917-AFFB-E4262928575C}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{F7254CD1-AFE1-4BAE-8B08-1D8798B6EC10}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{F01049C7-1911-4B9B-B5ED-D0D80DDF53C6}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{81C11DF6-95A4-46A4-A388-B7107DE48E25}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [TCP Query User{3E475C03-2979-4AB5-BF22-9CDC228F768C}F:\hry\epic\snowrunner\en_us\sources\bin\snowrunner.exe] => (Allow) F:\hry\epic\snowrunner\en_us\sources\bin\snowrunner.exe => No File
FirewallRules: [UDP Query User{1AEFEF6D-30B7-4142-973E-7B0AD74E81D6}F:\hry\epic\snowrunner\en_us\sources\bin\snowrunner.exe] => (Allow) F:\hry\epic\snowrunner\en_us\sources\bin\snowrunner.exe => No File
FirewallRules: [{17E0A457-3033-4A20-ADC3-F8B854A73970}] => (Allow) F:\hry\steam\steamapps\common\60 Parsecs!\60Parsecs.exe => No File
FirewallRules: [{31AE0262-EC1C-4A37-A69A-51176FBC379E}] => (Allow) F:\hry\steam\steamapps\common\60 Parsecs!\60Parsecs.exe => No File
FirewallRules: [{CB7FF145-62B2-4749-BF80-3B762EE63B53}] => (Allow) F:\hry\steam\steamapps\common\The Turing Test\TheTuringTest\Binaries\Win64\TheTuringTest.exe => No File
FirewallRules: [{797B3EF9-0B4B-4B70-A241-FD41E6D8E4A7}] => (Allow) F:\hry\steam\steamapps\common\The Turing Test\TheTuringTest\Binaries\Win64\TheTuringTest.exe => No File
FirewallRules: [{74D6E38B-901E-4A20-9076-C050EFFDC281}] => (Allow) F:\hry\steam\steamapps\common\Command and Conquer Red Alert 3\runme.exe => No File
FirewallRules: [{62F8E7D1-F5E5-4979-B190-9A19243D4F12}] => (Allow) F:\hry\steam\steamapps\common\Command and Conquer Red Alert 3\runme.exe => No File
FirewallRules: [{51B76350-F63D-4755-9A0E-665FBBCA0C39}] => (Allow) F:\hry\steam\steamapps\common\Heave Ho\HeaveHo.exe => No File
FirewallRules: [{C122104D-F84A-4D39-8218-69A0A537BE67}] => (Allow) F:\hry\steam\steamapps\common\Heave Ho\HeaveHo.exe => No File
FirewallRules: [{B07AE6FC-6C90-4885-8D3C-F749E2FFAB5B}] => (Allow) F:\hry\steam\steamapps\common\Feudal Alloy\FeudalAlloy.exe => No File
FirewallRules: [{641DABEF-4CFD-4180-83A8-7E5096EC3255}] => (Allow) F:\hry\steam\steamapps\common\Feudal Alloy\FeudalAlloy.exe => No File
FirewallRules: [TCP Query User{1F3A5A5E-AFC1-40E8-833E-A2F81D1B21DA}F:\hry\wargaming.net\gamecenter\wgc.exe] => (Allow) F:\hry\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [UDP Query User{69E54292-94D8-44EB-8C28-DE1FED36574E}F:\hry\wargaming.net\gamecenter\wgc.exe] => (Allow) F:\hry\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [{CB07E24A-6724-4558-97D7-46F976B6B6B1}] => (Block) F:\hry\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [{5A5B17DB-87AB-44B2-997B-0D688FAFDD3D}] => (Block) F:\hry\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [TCP Query User{4256C2FE-29B5-46E2-9A19-1BF02B89068C}F:\hry\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) F:\hry\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [UDP Query User{A96DE001-EF84-498C-A5DC-282CE23421A8}F:\hry\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) F:\hry\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [{B4C61F24-7B62-46FE-86B8-F039158070B3}] => (Allow) F:\hry\steam\steamapps\common\Jets'n'Guns 2\JnG2.exe => No File
FirewallRules: [{193DEAE7-3966-40D0-8784-838982E13A30}] => (Allow) F:\hry\steam\steamapps\common\Jets'n'Guns 2\JnG2.exe => No File
FirewallRules: [{D2971AD2-680D-4276-91D0-A3753FC4481D}] => (Allow) F:\hry\steam\steamapps\common\Graveyard Keeper\Graveyard Keeper.exe => No File
FirewallRules: [{D3A44E34-A449-4127-815D-2E3BE07DB6FD}] => (Allow) F:\hry\steam\steamapps\common\Graveyard Keeper\Graveyard Keeper.exe => No File
FirewallRules: [{DF8E92DB-FB2D-4A79-89E2-5F94B0434D3B}] => (Allow) F:\hry\steam\steamapps\common\Fallout 4\Fallout4Launcher.exe => No File
FirewallRules: [{2F4516E8-C026-4A51-B0DD-F13558C4A967}] => (Allow) F:\hry\steam\steamapps\common\Fallout 4\Fallout4Launcher.exe => No File
FirewallRules: [{CE84D752-2F55-4B9E-BAB4-564558D8E860}] => (Allow) F:\hry\steam\steamapps\common\Rez Infinite\Rez-infinite.exe => No File
FirewallRules: [{75E6F033-768E-414E-A3EB-58907F46FC83}] => (Allow) F:\hry\steam\steamapps\common\Rez Infinite\Rez-infinite.exe => No File
FirewallRules: [{ADA4CE28-4853-4A9D-B8EC-0D5DD32BD1B1}] => (Allow) F:\hry\steam\steamapps\common\The Last Cube Demo\The Last Cube.exe => No File
FirewallRules: [{74EACFAF-0A2D-44F3-A55B-767C7D2476C0}] => (Allow) F:\hry\steam\steamapps\common\The Last Cube Demo\The Last Cube.exe => No File
FirewallRules: [{49268D99-3B9E-4D98-9C25-32DCACDF9AA4}] => (Allow) F:\hry\steam\steamapps\common\Giana Sisters Twisted Dreams\launcher\GSLauncher.exe => No File
FirewallRules: [{8D797412-9A16-4AD2-B22D-8928E7701FA0}] => (Allow) F:\hry\steam\steamapps\common\Giana Sisters Twisted Dreams\launcher\GSLauncher.exe => No File
FirewallRules: [{10EDC097-6F14-4386-8C58-31983FEF0137}] => (Allow) F:\hry\steam\steamapps\common\FlatOut2\FlatOut2.exe => No File
FirewallRules: [{0C063107-FACD-4587-AE78-8EE41196397D}] => (Allow) F:\hry\steam\steamapps\common\FlatOut2\FlatOut2.exe => No File
FirewallRules: [{FE76E071-ED3B-4854-ADC5-79E2151C0982}] => (Allow) F:\hry\steam\steamapps\common\Stardust Galaxy Warriors\Stardust Galaxy Warriors Win64.exe => No File
FirewallRules: [{B2E990A5-874C-4E89-B427-9DC3B09FD0A9}] => (Allow) F:\hry\steam\steamapps\common\Stardust Galaxy Warriors\Stardust Galaxy Warriors Win64.exe => No File
FirewallRules: [{25D3CAFC-892F-4338-B889-78C0CA8FFEFD}] => (Allow) F:\hry\steam\steamapps\common\GoNNER\Gonner.exe => No File
FirewallRules: [{F23C6153-BC28-4B82-B023-93B5FA346205}] => (Allow) F:\hry\steam\steamapps\common\GoNNER\Gonner.exe => No File
FirewallRules: [{367B4779-FE2D-4A89-B225-3B8B7E917764}] => (Allow) F:\hry\steam\steamapps\common\Arrog\Arrog.exe => No File
FirewallRules: [{312E88A4-082E-4E51-B9CA-6FB49A9608A8}] => (Allow) F:\hry\steam\steamapps\common\Arrog\Arrog.exe => No File
FirewallRules: [{77FE0FFD-20AE-4A0B-86D1-9107FB3ED66A}] => (Allow) F:\hry\steam\steamapps\common\Iris.Fall\IrisFall.exe => No File
FirewallRules: [{2DEB68FD-3471-4F4F-9926-40EADAB9E99B}] => (Allow) F:\hry\steam\steamapps\common\Iris.Fall\IrisFall.exe => No File
FirewallRules: [{62A6F29E-5696-46B7-88BE-71FE0BAE6F8B}] => (Allow) F:\hry\steam\steamapps\common\Original War\Owar.exe => No File
FirewallRules: [{217E0FF8-1803-4EE0-999D-0F0C59BEE20F}] => (Allow) F:\hry\steam\steamapps\common\Original War\Owar.exe => No File
FirewallRules: [{00D8DF2D-E55D-4E58-844F-8ADD757E6C1C}] => (Allow) F:\hry\steam\steamapps\common\Dex\Dex.exe => No File
FirewallRules: [{6DD6ADC6-C7DB-4283-A4A4-9E16E5B2D455}] => (Allow) F:\hry\steam\steamapps\common\Dex\Dex.exe => No File
FirewallRules: [{EF6C0BAF-1BF1-4456-ABA2-FEB6E4CFAF83}] => (Allow) F:\hry\steam\steamapps\common\Dex\GamepadConfigTool.exe => No File
FirewallRules: [{37B17525-D7DC-4BA5-A402-BA0BAE418B99}] => (Allow) F:\hry\steam\steamapps\common\Dex\GamepadConfigTool.exe => No File
FirewallRules: [{EC7AB74F-20AA-467E-8297-85620C4203D1}] => (Allow) C:\Program Files (x86)\Pantone Color Manager\PantoneColorManager.exe (X-Rite Incorporated -> X-Rite)
FirewallRules: [{2CA888C2-3F57-478C-817D-840620245F67}] => (Allow) C:\Program Files (x86)\Pantone Color Manager\PantoneColorManager.exe (X-Rite Incorporated -> X-Rite)
FirewallRules: [{72A996E5-435D-4CA7-B926-09F0F5BBA933}] => (Allow) G:\hry\steam\steamapps\common\60 Parsecs!\60Parsecs.exe => No File
FirewallRules: [{6EA940AF-F51A-43E4-B6FC-162725284D5D}] => (Allow) G:\hry\steam\steamapps\common\60 Parsecs!\60Parsecs.exe => No File
FirewallRules: [{84E39096-EEC7-40EC-A917-B0F79085C6D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\60 Parsecs!\60Parsecs.exe () [File not signed]
FirewallRules: [{D70C4283-6FCE-4AEB-8D31-C669EC925BDB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\60 Parsecs!\60Parsecs.exe () [File not signed]
FirewallRules: [{7AC29804-9396-4455-A45A-8C8B6C848212}] => (Allow) G:\hry\steam\steamapps\common\Arrog\Arrog.exe () [File not signed]
FirewallRules: [{01D61A4F-3EE7-428F-A299-3E0A89F0B7C1}] => (Allow) G:\hry\steam\steamapps\common\Arrog\Arrog.exe () [File not signed]
FirewallRules: [{B00BAE08-4C5C-4506-9F36-893F7C629D8C}] => (Allow) G:\hry\steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe (Take-Two Interactive Software, Inc. -> Gearbox Software) [File not signed]
FirewallRules: [{C57D4DC0-5A69-486F-8D4D-798EE0402AAA}] => (Allow) G:\hry\steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe (Take-Two Interactive Software, Inc. -> Gearbox Software) [File not signed]
FirewallRules: [{F6FA6EFC-7509-47FE-AF7C-6D314BC0FDA3}] => (Allow) G:\hry\steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe (Starbreeze Studios AB) [File not signed]
FirewallRules: [{11C6AF84-9186-4C32-A9EE-F9AB5B8A6DAC}] => (Allow) G:\hry\steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe (Starbreeze Studios AB) [File not signed]
FirewallRules: [{0EF32ACC-3477-4017-A4FB-475084E8A32C}] => (Allow) G:\hry\steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe (Starbreeze) [File not signed]
FirewallRules: [{2285D612-567B-4BE0-8CF7-8D6F7AD4A428}] => (Allow) G:\hry\steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe (Starbreeze) [File not signed]
FirewallRules: [{74D140F0-5BD6-4998-BC2C-06F2DEFEFFA4}] => (Allow) G:\hry\steam\steamapps\common\Command and Conquer Red Alert 3\runme.exe () [File not signed]
FirewallRules: [{5B9BFC45-6EBC-44D7-86F5-56C0FEA8E172}] => (Allow) G:\hry\steam\steamapps\common\Command and Conquer Red Alert 3\runme.exe () [File not signed]
FirewallRules: [{1311836C-9B5E-4A68-B849-1B242290D9DF}] => (Allow) G:\hry\steam\steamapps\common\Dex\Dex.exe (Dreadlocks Ltd) [File not signed]
FirewallRules: [{F1E074C1-E640-4609-8D2F-E13EE9E6FACD}] => (Allow) G:\hry\steam\steamapps\common\Dex\Dex.exe (Dreadlocks Ltd) [File not signed]
FirewallRules: [{559B4CE5-920C-42C0-BD24-E6E2473D9FF1}] => (Allow) G:\hry\steam\steamapps\common\Dex\GamepadConfigTool.exe () [File not signed]
FirewallRules: [{E1EBEC45-82C3-4598-8E81-2E0D6D833B77}] => (Allow) G:\hry\steam\steamapps\common\Dex\GamepadConfigTool.exe () [File not signed]
FirewallRules: [{9BB0ADE2-D629-483D-9300-0746078356BD}] => (Allow) G:\hry\steam\steamapps\common\Fallout 3 goty\FalloutLauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{9AFD79BF-0E7D-4806-B3EC-B61391AEA301}] => (Allow) G:\hry\steam\steamapps\common\Fallout 3 goty\FalloutLauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{891BA795-10F2-4DF0-B340-F1327756AE49}] => (Allow) G:\hry\steam\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{D9D553EC-E49F-49B9-8898-64DB7FBF959A}] => (Allow) G:\hry\steam\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{2A81F2D0-91A7-4EE5-A21B-7B278AEE77AE}] => (Allow) G:\hry\steam\steamapps\common\FlatOut2\FlatOut2.exe () [File not signed]
FirewallRules: [{84040FCC-37F5-4FDB-B52E-C55B9BE6EDA7}] => (Allow) G:\hry\steam\steamapps\common\FlatOut2\FlatOut2.exe () [File not signed]
FirewallRules: [{87C64E50-72D3-47E5-B990-CCE6534EBB40}] => (Allow) G:\hry\steam\steamapps\common\The Gardens Between\TheGardensBetween.exe => No File
FirewallRules: [{2AE9373B-5E9A-4E11-8866-BBE0E3D0A164}] => (Allow) G:\hry\steam\steamapps\common\The Gardens Between\TheGardensBetween.exe => No File
FirewallRules: [{77F095B7-240C-4BF5-A84C-EB0E4E465C9F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Gardens Between\TheGardensBetween.exe () [File not signed]
FirewallRules: [{E7F7AFE5-C48B-4F2D-996B-18824ADBAD23}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Gardens Between\TheGardensBetween.exe () [File not signed]
FirewallRules: [{AC27B752-67BA-454F-974C-86EF07AC138B}] => (Allow) G:\hry\steam\steamapps\common\Giana Sisters Twisted Dreams\launcher\GSLauncher.exe () [File not signed]
FirewallRules: [{76C46D18-AA0E-4A47-8912-AB81C6B3B253}] => (Allow) G:\hry\steam\steamapps\common\Giana Sisters Twisted Dreams\launcher\GSLauncher.exe () [File not signed]
FirewallRules: [{567099B5-DAB2-4EB4-9968-90BFCC8EA452}] => (Allow) G:\hry\steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{F9BBF476-19D9-4B35-8B43-E44A4F1FC020}] => (Allow) G:\hry\steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{5B722FE1-2F75-45E4-A78B-35627DF765CF}] => (Allow) G:\hry\steam\steamapps\common\GoNNER\Gonner.exe () [File not signed]
FirewallRules: [{09819D26-4155-4D3C-902D-AEFEE18BF242}] => (Allow) G:\hry\steam\steamapps\common\GoNNER\Gonner.exe () [File not signed]
FirewallRules: [{1719FE35-7E76-4373-920E-0683AF48CF34}] => (Allow) G:\hry\steam\steamapps\common\Graveyard Keeper\Graveyard Keeper.exe () [File not signed]
FirewallRules: [{FE863A7E-5F86-474F-B0F1-C1DF88821FF7}] => (Allow) G:\hry\steam\steamapps\common\Graveyard Keeper\Graveyard Keeper.exe () [File not signed]
FirewallRules: [{0972322E-6A02-412C-988C-C693C36E9080}] => (Allow) G:\hry\steam\steamapps\common\Heave Ho\HeaveHo.exe () [File not signed]
FirewallRules: [{4739A424-3D19-4269-B9C0-0A856C42E2FD}] => (Allow) G:\hry\steam\steamapps\common\Heave Ho\HeaveHo.exe () [File not signed]
FirewallRules: [{06183FEF-FEB7-4AE0-9ABE-68AE6C121028}] => (Allow) G:\hry\steam\steamapps\common\The Incredible Adventures of Van Helsing\VanHelsing.exe (NeoCore Games) [File not signed]
FirewallRules: [{FD998F9C-61D3-4869-89A5-D4D8A5140201}] => (Allow) G:\hry\steam\steamapps\common\The Incredible Adventures of Van Helsing\VanHelsing.exe (NeoCore Games) [File not signed]
FirewallRules: [{F23231E7-703C-48D8-AC8F-CB40C6351EB8}] => (Allow) G:\hry\steam\steamapps\common\Jets'n'Guns 2\JnG2.exe (Rake in Grass) [File not signed]
FirewallRules: [{8115878D-2CB1-4A48-B2E4-AC7AF3EBAC43}] => (Allow) G:\hry\steam\steamapps\common\Jets'n'Guns 2\JnG2.exe (Rake in Grass) [File not signed]
FirewallRules: [{8DC4C0A0-C682-4078-A8D9-1DAF80579053}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Jets'n'Guns 2\JnG2.exe => No File
FirewallRules: [{C5FDB77A-9F51-4002-8301-655B69F29872}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Jets'n'Guns 2\JnG2.exe => No File
FirewallRules: [{262BCDC0-5B3C-4801-83E6-2086E1575A23}] => (Allow) G:\hry\steam\steamapps\common\JnG Gold\jng_gold.exe () [File not signed]
FirewallRules: [{8550E0A1-3144-4949-9A0D-761775A2D124}] => (Allow) G:\hry\steam\steamapps\common\JnG Gold\jng_gold.exe () [File not signed]
FirewallRules: [{73052BA0-DB1D-40EF-84C3-34C8AE9719D6}] => (Allow) G:\hry\steam\steamapps\common\The Last Cube Demo\The Last Cube.exe () [File not signed]
FirewallRules: [{849ABA3C-98EB-4FAE-B4F4-047495A03C79}] => (Allow) G:\hry\steam\steamapps\common\The Last Cube Demo\The Last Cube.exe () [File not signed]
FirewallRules: [{B9F83376-9727-47A3-A622-28F5043951C8}] => (Allow) G:\hry\steam\steamapps\common\LEAVES - The Journey\LEAVES_The_Journey.exe () [File not signed]
FirewallRules: [{C68A80EF-0B88-442E-BDC4-4FB2FC32AB45}] => (Allow) G:\hry\steam\steamapps\common\LEAVES - The Journey\LEAVES_The_Journey.exe () [File not signed]
FirewallRules: [{73A462D4-440C-45AA-9BB5-8A5CAEA9BB70}] => (Allow) G:\hry\steam\steamapps\common\Mashinky\Mashinky.exe () [File not signed]
FirewallRules: [{9F1710BD-6C6F-4812-8A8D-0928A15219A9}] => (Allow) G:\hry\steam\steamapps\common\Mashinky\Mashinky.exe () [File not signed]
FirewallRules: [{53B5956A-9A84-4847-AC65-BEAC986FD08D}] => (Allow) G:\hry\steam\steamapps\common\Original War\Owar.exe (Stucuk.net) [File not signed]
FirewallRules: [{4581A77F-A5EB-42AF-8EB9-0CD1C7119E45}] => (Allow) G:\hry\steam\steamapps\common\Original War\Owar.exe (Stucuk.net) [File not signed]
FirewallRules: [{E17A0992-DD8C-4D47-8F29-641136BA4FD7}] => (Allow) G:\hry\steam\steamapps\common\PUSS!\PUSS!.exe () [File not signed]
FirewallRules: [{21BD9B10-7682-497B-AD3F-FE9948A28302}] => (Allow) G:\hry\steam\steamapps\common\PUSS!\PUSS!.exe () [File not signed]
FirewallRules: [{5890DE33-07FD-4D0F-9383-A8080C10AC9B}] => (Allow) G:\hry\steam\steamapps\common\Rez Infinite\Rez-infinite.exe () [File not signed]
FirewallRules: [{25BBCB74-582E-47AE-B5DC-BF3A3EE34E4D}] => (Allow) G:\hry\steam\steamapps\common\Rez Infinite\Rez-infinite.exe () [File not signed]
FirewallRules: [{C7CA594F-82BF-40C6-972E-B0857A802B03}] => (Allow) G:\hry\steam\steamapps\common\Stardust Galaxy Warriors\Stardust Galaxy Warriors Win64.exe () [File not signed]
FirewallRules: [{1264BF7E-EA21-46B2-92CB-05771CD51372}] => (Allow) G:\hry\steam\steamapps\common\Stardust Galaxy Warriors\Stardust Galaxy Warriors Win64.exe () [File not signed]
FirewallRules: [{2475BC91-2DD6-4EB4-815B-8E76AD3C94C7}] => (Allow) G:\hry\steam\steamapps\common\To the Moon\To the Moon\To the Moon.exe () [File not signed]
FirewallRules: [{A2060C10-C6C6-4407-854C-4C11352936F3}] => (Allow) G:\hry\steam\steamapps\common\To the Moon\To the Moon\To the Moon.exe () [File not signed]
FirewallRules: [{5C32D548-EB39-4082-B299-A744D51CAD04}] => (Allow) G:\hry\steam\steamapps\common\To the Moon\Minisode_1\Sigmund Holiday Special 1\Siggy - Holiday Special.exe () [File not signed]
FirewallRules: [{F95F9745-5123-4A95-A386-4B200E898552}] => (Allow) G:\hry\steam\steamapps\common\To the Moon\Minisode_1\Sigmund Holiday Special 1\Siggy - Holiday Special.exe () [File not signed]
FirewallRules: [{DE18DB93-EA90-4871-B56D-C06ED9BC5A5A}] => (Allow) G:\hry\steam\steamapps\common\To the Moon\Minisode_2\Sigmund Holiday Special 2\SigCorp Minisode 2.exe () [File not signed]
FirewallRules: [{C72FA73E-F2B7-489B-BE5D-1BDE4DB243A2}] => (Allow) G:\hry\steam\steamapps\common\To the Moon\Minisode_2\Sigmund Holiday Special 2\SigCorp Minisode 2.exe () [File not signed]
FirewallRules: [{BA734F96-24F9-4C13-878E-099ADE574978}] => (Allow) G:\hry\steam\steamapps\common\Walking Simulator 2020\WalkingSimulator2020.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{7127A8FA-DBC6-4ADB-8480-319CE6C7AD73}] => (Allow) G:\hry\steam\steamapps\common\Walking Simulator 2020\WalkingSimulator2020.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{FF657433-CFD1-41D3-9A77-4F0022C86285}] => (Allow) G:\hry\steam\steamapps\common\X-Morph Defense\bin\shooter_win64_release.exe () [File not signed]
FirewallRules: [{3B8F2212-EAB3-4539-9719-038CED65090F}] => (Allow) G:\hry\steam\steamapps\common\X-Morph Defense\bin\shooter_win64_release.exe () [File not signed]
FirewallRules: [{2FC035FC-D39D-4251-81C4-530BDAFE45A7}] => (Allow) G:\hry\steam\steamapps\common\X-Morph Defense\bin\X-Morph_Launcher.exe () [File not signed]
FirewallRules: [{5EFD9AD1-EFF9-45FE-BBE3-3F1857D7B9B8}] => (Allow) G:\hry\steam\steamapps\common\X-Morph Defense\bin\X-Morph_Launcher.exe () [File not signed]
FirewallRules: [{30A1EC49-6ED7-47A4-B162-0C323EB39049}] => (Allow) G:\hry\steam\steamapps\common\X-Morph Defense\tools\bin\level_editor_win64_release.exe () [File not signed]
FirewallRules: [{42025099-19D2-410A-A325-8614C5B2287E}] => (Allow) G:\hry\steam\steamapps\common\X-Morph Defense\tools\bin\level_editor_win64_release.exe () [File not signed]
FirewallRules: [{75E448C3-954B-493F-B828-329E0C9AF32A}] => (Allow) G:\hry\steam\steamapps\common\Men of War Assault Squad 2\mowas_2.exe (Digitalmindsoft) [File not signed]
FirewallRules: [{47803126-A5F9-4151-A593-1A686A1C09F2}] => (Allow) G:\hry\steam\steamapps\common\Men of War Assault Squad 2\mowas_2.exe (Digitalmindsoft) [File not signed]
FirewallRules: [{75C7C0EA-9A0F-4FD1-BD7F-E7268F53B2D7}] => (Allow) G:\hry\steam\steamapps\common\Men of War Assault Squad 2\mowas_2_ed.exe (Digitalmindsoft) [File not signed]
FirewallRules: [{207C6942-EED2-4F9D-8028-813C5CC9673D}] => (Allow) G:\hry\steam\steamapps\common\Men of War Assault Squad 2\mowas_2_ed.exe (Digitalmindsoft) [File not signed]
FirewallRules: [{29EBEF47-2F6C-4092-9792-C0949623C28C}] => (Allow) G:\hry\steam\steamapps\common\Ori DE\oriDE.exe () [File not signed]
FirewallRules: [{012B3B1E-8F52-42A2-B10D-677793D496CA}] => (Allow) G:\hry\steam\steamapps\common\Ori DE\oriDE.exe () [File not signed]
FirewallRules: [{3C9E0B2A-1C62-4DDF-BEB5-E8215500254E}] => (Allow) G:\hry\steam\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe (Larian Studios -> Larian Studios)
FirewallRules: [{DBEE7FD7-38B3-4FF9-B0FF-A9A4EFE527A8}] => (Allow) G:\hry\steam\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe (Larian Studios -> Larian Studios)
FirewallRules: [{9343239F-862D-4784-98BB-1345B6F5539E}] => (Allow) G:\hry\steam\steamapps\common\Legend of Grimrock\grimrock.exe () [File not signed]
FirewallRules: [{9D9FE66A-F634-4B57-9985-693807F5A3A3}] => (Allow) G:\hry\steam\steamapps\common\Legend of Grimrock\grimrock.exe () [File not signed]
FirewallRules: [{0DC77ED0-8934-46EC-89E3-F126FB5B9EC8}] => (Allow) G:\hry\steam\steamapps\common\Portal\hl2.exe (Valve -> )
FirewallRules: [{289F0C47-1E3E-4583-9A2C-E77F1A86F079}] => (Allow) G:\hry\steam\steamapps\common\Portal\hl2.exe (Valve -> )
FirewallRules: [{E7A7931C-66DE-400B-9203-50CB189BAEC0}] => (Allow) G:\hry\steam\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{FDFDBE32-28CA-4E1C-892F-047CAFE4A03B}] => (Allow) G:\hry\steam\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [TCP Query User{D211FBBA-7CCE-4F72-AB9B-66FC24FD7CEF}G:\hry\epic\snowrunner\en_us\sources\bin\snowrunner.exe] => (Allow) G:\hry\epic\snowrunner\en_us\sources\bin\snowrunner.exe (Focus Home Interactive S.A -> Focus Home Interactive)
FirewallRules: [UDP Query User{44CE35A3-7F3B-4108-BB33-8780DEEDC504}G:\hry\epic\snowrunner\en_us\sources\bin\snowrunner.exe] => (Allow) G:\hry\epic\snowrunner\en_us\sources\bin\snowrunner.exe (Focus Home Interactive S.A -> Focus Home Interactive)
FirewallRules: [{0DDC3B0C-9A55-43BD-9A8F-4281C5541FAA}] => (Allow) G:\hry\steam\steamapps\common\Samorost 2\Samorost2.exe () [File not signed]
FirewallRules: [{3D30FA52-18A9-4919-BA99-D28E0606D8B0}] => (Allow) G:\hry\steam\steamapps\common\Samorost 2\Samorost2.exe () [File not signed]
FirewallRules: [{192084B5-39C4-4EDF-A65E-6DBCF01573C1}] => (Allow) G:\hry\steam\steamapps\common\Samorost 3\Samorost3.exe () [File not signed]
FirewallRules: [{C6B4F48C-DB7E-4143-ABC8-DCC9AEA4DAE6}] => (Allow) G:\hry\steam\steamapps\common\Samorost 3\Samorost3.exe () [File not signed]
FirewallRules: [{8558BBB9-4CB1-48B4-A740-B207719EB1EF}] => (Allow) G:\hry\steam\steamapps\common\The Incredible Adventures of Van Helsing II\VanHelsing.exe (NeoCore Games) [File not signed]
FirewallRules: [{DAD53C2F-A6C8-47D6-B09B-C8E37244D8F9}] => (Allow) G:\hry\steam\steamapps\common\The Incredible Adventures of Van Helsing II\VanHelsing.exe (NeoCore Games) [File not signed]
FirewallRules: [{27A529FA-973E-4908-81C5-7EAAC5773633}] => (Allow) G:\hry\steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe (CD Projekt Red) [File not signed]
FirewallRules: [{89F54969-7807-44C2-AA71-5C718915A03F}] => (Allow) G:\hry\steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe (CD Projekt Red) [File not signed]
FirewallRules: [{81E48FB7-5D6E-421D-B182-ABB1DB4A44B5}] => (Allow) G:\hry\steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe (CD Projekt RED Sp. z o.o. -> CD Projekt Red)
FirewallRules: [{38406054-CF75-4E40-8DC4-0FA375CC5594}] => (Allow) G:\hry\steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe (CD Projekt RED Sp. z o.o. -> CD Projekt Red)
FirewallRules: [{32D17285-5BDB-4C5E-9835-208D223E0741}] => (Allow) G:\hry\steam\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe () [File not signed]
FirewallRules: [{14A642C6-36E0-4AE3-95A5-13870747110F}] => (Allow) G:\hry\steam\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe () [File not signed]
FirewallRules: [{57648F0A-2FDF-4765-AD70-5DBE8285D378}] => (Allow) G:\hry\steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe () [File not signed]
FirewallRules: [{94DE564B-D980-407D-AE16-693E455000EE}] => (Allow) G:\hry\steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe () [File not signed]
FirewallRules: [{A9D19D8B-E018-4B4D-B237-EE5F541EBD46}] => (Allow) G:\hry\steam\steamapps\common\War For The Overworld\WFTO.exe (BRIGHTROCK GAMES LIMITED -> )
FirewallRules: [{3A59CF14-7C32-4F87-8B1D-5EF876D80C3A}] => (Allow) G:\hry\steam\steamapps\common\War For The Overworld\WFTO.exe (BRIGHTROCK GAMES LIMITED -> )
FirewallRules: [{A7D90EA9-477E-4D76-940F-016DF79B4F94}] => (Allow) G:\hry\steam\steamapps\common\TheLongDark\tld.exe () [File not signed]
FirewallRules: [{3F730255-EC89-4F8C-9D56-7C76D2F3B0D1}] => (Allow) G:\hry\steam\steamapps\common\TheLongDark\tld.exe () [File not signed]
FirewallRules: [{F950C14B-19BA-468E-87A7-B7894456BF8A}] => (Allow) G:\hry\steam\steamapps\common\Braid\braid.exe () [File not signed]
FirewallRules: [{23B7965D-8D44-4D9F-BADB-76C71C9E2208}] => (Allow) G:\hry\steam\steamapps\common\Braid\braid.exe () [File not signed]
FirewallRules: [{33CCAEFA-F9B8-4792-8F22-B69F014F4CA5}] => (Allow) G:\hry\steam\steamapps\common\BLACKHOLE\BH.exe (FiolaSoft Studio) [File not signed]
FirewallRules: [{3CA83BEE-9D19-4685-A79D-3BCA7AD0C6D2}] => (Allow) G:\hry\steam\steamapps\common\BLACKHOLE\BH.exe (FiolaSoft Studio) [File not signed]
FirewallRules: [{C15F2D0C-47BC-4169-A193-A8FCAF265DD3}] => (Allow) G:\hry\steam\steamapps\common\tbs3\win32\The Banner Saga 3.exe () [File not signed]
FirewallRules: [{00795360-15F4-429D-98D1-7184488D62BD}] => (Allow) G:\hry\steam\steamapps\common\tbs3\win32\The Banner Saga 3.exe () [File not signed]
FirewallRules: [{096F1EBF-5DAF-4AB4-9F80-CE7828F4CEBB}] => (Allow) G:\hry\steam\steamapps\common\tbs2\win32\The Banner Saga 2.exe () [File not signed]
FirewallRules: [{7C616D7B-4C3F-4A22-8F6E-D8C089C91796}] => (Allow) G:\hry\steam\steamapps\common\tbs2\win32\The Banner Saga 2.exe () [File not signed]
FirewallRules: [{F61299EF-1D04-4517-A51A-77DDE05E7C85}] => (Allow) G:\hry\steam\steamapps\common\tbs\win32\The Banner Saga.exe () [File not signed]
FirewallRules: [{EF636D5A-495A-455B-AE0C-69DD4D2CF659}] => (Allow) G:\hry\steam\steamapps\common\tbs\win32\The Banner Saga.exe () [File not signed]
FirewallRules: [{71178CB0-5B06-47EE-BE4D-7F13DD0DFF78}] => (Allow) G:\hry\steam\steamapps\common\the witcher 2\Launcher.exe (CD Projekt RED) [File not signed]
FirewallRules: [{325678C1-8C19-4F96-9809-2789E5828FEB}] => (Allow) G:\hry\steam\steamapps\common\the witcher 2\Launcher.exe (CD Projekt RED) [File not signed]
FirewallRules: [{2AE04082-89DD-4B27-A76B-AABB3D65E226}] => (Allow) G:\hry\steam\steamapps\common\Rain World\RainWorld.exe () [File not signed]
FirewallRules: [{B6ECEB30-075A-41DE-A58B-6D5554F25533}] => (Allow) G:\hry\steam\steamapps\common\Rain World\RainWorld.exe () [File not signed]
FirewallRules: [{4763C5DE-063F-46CD-A690-3F32320996BA}] => (Allow) G:\hry\steam\steamapps\common\Guns, Gore and Cannoli 2\ggc2.exe () [File not signed]
FirewallRules: [{AF365338-B207-4708-A281-EF5740287F67}] => (Allow) G:\hry\steam\steamapps\common\Guns, Gore and Cannoli 2\ggc2.exe () [File not signed]
FirewallRules: [{E480FA21-B61F-42F9-8CB4-1BB46721ECBC}] => (Allow) G:\hry\steam\steamapps\common\Two Worlds - Epic Edition\TwoWorlds.exe (Reality Pump -> Reality Pump)
FirewallRules: [{87BE1112-F0D8-4F1C-9F55-DB5010CFA682}] => (Allow) G:\hry\steam\steamapps\common\Two Worlds - Epic Edition\TwoWorlds.exe (Reality Pump -> Reality Pump)
FirewallRules: [{8EB50939-B340-47E1-A1E8-80BD9082920E}] => (Allow) G:\hry\steam\steamapps\common\Two Worlds - Epic Edition\TwoWorlds_RADEON.exe (Reality Pump -> Reality Pump)
FirewallRules: [{54083F80-7EBD-487E-8BE3-7004DDCAD2BC}] => (Allow) G:\hry\steam\steamapps\common\Two Worlds - Epic Edition\TwoWorlds_RADEON.exe (Reality Pump -> Reality Pump)
FirewallRules: [{967C6963-F491-48A8-9E30-08C8FB3352DB}] => (Allow) G:\hry\steam\steamapps\common\Two Worlds - Epic Edition\2WSG.exe (TopWare Interactive AG) [File not signed]
FirewallRules: [{1915CC52-FEA8-45BA-B0DE-95F9F9FE75E1}] => (Allow) G:\hry\steam\steamapps\common\Two Worlds - Epic Edition\2WSG.exe (TopWare Interactive AG) [File not signed]
FirewallRules: [{C27AEE54-BA9D-449A-8DB2-ED1BAC6DD2A2}] => (Allow) G:\hry\steam\steamapps\common\Lair of the Clockwork God\LotCG.exe () [File not signed]
FirewallRules: [{6EC5228D-EDAD-400D-920F-0102A768B87B}] => (Allow) G:\hry\steam\steamapps\common\Lair of the Clockwork God\LotCG.exe () [File not signed]
FirewallRules: [{B5D1F606-B2CF-41BE-8855-7E338AA3D9C1}] => (Allow) G:\hry\steam\steamapps\common\Devil's Kiss\DevilsKiss.exe () [File not signed]
FirewallRules: [{5D2C43DC-93EF-4C2B-8D9B-A7D2B27854FC}] => (Allow) G:\hry\steam\steamapps\common\Devil's Kiss\DevilsKiss.exe () [File not signed]
FirewallRules: [{CC9AF453-82A0-431C-B8F1-A5F84390D93E}] => (Allow) G:\hry\steam\steamapps\common\Antichamber\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{3C2A107D-FC14-45CA-9F45-2A9435CF47C2}] => (Allow) G:\hry\steam\steamapps\common\Antichamber\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{DB6DF0FE-5657-4D04-AF54-D5140DECC29D}] => (Allow) G:\hry\steam\steamapps\common\sandstorm\InsurgencyEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{415AE697-9200-4D0D-AC64-0C5EEC90CD5C}] => (Allow) G:\hry\steam\steamapps\common\sandstorm\InsurgencyEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{0DA285FB-BA1D-40FA-9E0A-6D207ACD7D0F}] => (Allow) G:\hry\steam\steamapps\common\sandstorm\Insurgency.exe (New World Interactive LLC -> Epic Games, Inc.)
FirewallRules: [{F6FFC0D1-F239-438F-880A-63795E62CD20}] => (Allow) G:\hry\steam\steamapps\common\sandstorm\Insurgency.exe (New World Interactive LLC -> Epic Games, Inc.)
FirewallRules: [{A0EFAD30-4B7C-47D2-9C8C-C9534E106B51}] => (Allow) G:\hry\steam\steamapps\common\CastleCrashers\castle.exe () [File not signed]
FirewallRules: [{CDFB2A75-BB9E-4A8D-9FC8-96593ABA1C1F}] => (Allow) G:\hry\steam\steamapps\common\CastleCrashers\castle.exe () [File not signed]
FirewallRules: [{D5C69429-1A50-48B7-88B3-4C6CE5DFD31F}] => (Allow) G:\hry\steam\steamapps\common\Broforce\Broforce_beta.exe () [File not signed]
FirewallRules: [{706BE93D-5602-4CA3-8B14-A05011C1B8C8}] => (Allow) G:\hry\steam\steamapps\common\Broforce\Broforce_beta.exe () [File not signed]
FirewallRules: [{A8F6054A-EACA-4A73-9FD0-6907F51B7B1F}] => (Allow) G:\hry\steam\steamapps\common\7th Sector\7TH_Sector.exe () [File not signed]
FirewallRules: [{26833320-0203-466D-A8E4-3A8DD824146C}] => (Allow) G:\hry\steam\steamapps\common\7th Sector\7TH_Sector.exe () [File not signed]
FirewallRules: [{4B1761A7-5F3E-42FD-BAD4-D394644CCEF7}] => (Allow) G:\hry\steam\steamapps\common\Darkwood\Darkwood.exe () [File not signed]
FirewallRules: [{C6E606D8-D549-4F84-A09C-2A30AFB7EFB7}] => (Allow) G:\hry\steam\steamapps\common\Darkwood\Darkwood.exe () [File not signed]
FirewallRules: [{79BD2F4E-7EC1-4819-9710-77997E583853}] => (Allow) G:\hry\steam\steamapps\common\35MM\35MM.exe () [File not signed]
FirewallRules: [{0F1FDD4A-E5DA-49F8-AAF8-707563BF7900}] => (Allow) G:\hry\steam\steamapps\common\35MM\35MM.exe () [File not signed]
FirewallRules: [TCP Query User{45A388CD-0806-4FB6-9CEE-F4CB11B202E4}G:\hry\wot\wargaming.net\gamecenter\wgc.exe] => (Allow) G:\hry\wot\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{257C648B-E323-4C57-A6A5-D76216F7C74E}G:\hry\wot\wargaming.net\gamecenter\wgc.exe] => (Allow) G:\hry\wot\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{9C44F5CD-1A95-491B-802A-DC337B310A16}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{0EBEACC1-3149-47DC-A875-3377B6112328}G:\hry\wot\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) G:\hry\wot\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{DCE3703A-5EC2-4C0D-9BD1-895588B93234}G:\hry\wot\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) G:\hry\wot\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{62DBA216-E699-4B52-95E6-73772627B304}] => (Allow) G:\hry\steam\steamapps\common\DLC Quest\DLC.exe (Going Loud Studios) [File not signed]
FirewallRules: [{FFBC629C-5671-484E-8CDE-113CF7463E48}] => (Allow) G:\hry\steam\steamapps\common\DLC Quest\DLC.exe (Going Loud Studios) [File not signed]
FirewallRules: [{CF644652-9060-4F11-BD29-999EF984C2B1}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{13C508F8-29FD-4270-A83F-66EB6CB197A4}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{F0242DF7-4781-48A6-9373-86E1D61BA511}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============

Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standardní hostitelský řadič USB)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (01/18/2021 04:48:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/18/2021 12:04:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/17/2021 08:31:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/16/2021 09:16:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/15/2021 03:53:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/14/2021 04:20:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/13/2021 04:04:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/12/2021 10:16:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program WorldOfTanks.exe verze 1.11.0.10055 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 24ac

Čas spuštění: 01d6e8fadd2f919e

Čas ukončení: 900

Cesta k aplikaci: G:\hry\WoT\World_of_Tanks_EU\win64\WorldOfTanks.exe

ID hlášení:


System errors:
=============
Error: (01/18/2021 01:34:06 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby CPEFR bylo dosaženo časového limitu (30000 ms).

Error: (01/18/2021 01:52:03 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby CPEFR bylo dosaženo časového limitu (30000 ms).

Error: (01/18/2021 12:22:26 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (01/17/2021 12:35:46 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby CPEFR bylo dosaženo časového limitu (30000 ms).

Error: (01/17/2021 02:32:46 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby CPEFR bylo dosaženo časového limitu (30000 ms).

Error: (01/16/2021 03:20:37 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby CPEFR bylo dosaženo časového limitu (30000 ms).

Error: (01/15/2021 01:16:44 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby CPEFR bylo dosaženo časového limitu (30000 ms).

Error: (01/14/2021 04:24:34 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby CPEFR bylo dosaženo časového limitu (30000 ms).


CodeIntegrity:
===================================

Date: 2020-02-03 22:21:42.446
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe because the set of per-page image hashes could not be found on the system.

Date: 2020-02-03 22:21:42.430
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe because the set of per-page image hashes could not be found on the system.

Date: 2020-02-03 22:21:42.399
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe because the set of per-page image hashes could not be found on the system.

Date: 2020-02-03 22:21:40.199
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe because the set of per-page image hashes could not be found on the system.

Date: 2020-02-03 22:21:40.168
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe because the set of per-page image hashes could not be found on the system.

Date: 2020-02-03 22:21:40.153
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe because the set of per-page image hashes could not be found on the system.

Date: 2020-02-03 22:12:22.733
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe because the set of per-page image hashes could not be found on the system.

Date: 2020-02-03 22:12:22.713
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 3207 04/02/2012
Motherboard: ASUSTeK Computer INC. P8P67 PRO REV 3.1
Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 39%
Total physical RAM: 16351.14 MB
Available physical RAM: 9903.31 MB
Total Virtual: 32700.43 MB
Available Virtual: 24496.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:149.05 GB) (Free:41.94 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (pracovní) (Fixed) (Total:500.16 GB) (Free:120.66 GB) NTFS
Drive f: (data) (Fixed) (Total:1362.85 GB) (Free:321.91 GB) NTFS
Drive g: (hry) (Fixed) (Total:1862.89 GB) (Free:947.24 GB) NTFS


==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 149.1 GB) (Disk ID: B5C1BBDE)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: A3D1EF07)
Partition 2: (Not Active) - (Size=1863 GB) - (Type=0F Extended)

==========================================================
Disk: 2 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================


//do přílohy ještě dávám log ze ZoneAlarmu

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[out_of_space]

Nejsem si jist, jestli jsem to udělal dobře Dal jsem scan, po jednom nálezu tam bylo jen tlačítko karanténa, kam jsem ho poslal a bez nutnosti restartu je tento log:

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1331 octets] - [10/04/2019 16:47:02]
AdwCleaner[C00].txt - [1479 octets] - [10/04/2019 16:47:41]
AdwCleaner[S01].txt - [1535 octets] - [01/02/2020 16:46:58]
AdwCleaner[C01].txt - [1725 octets] - [01/02/2020 16:54:54]
AdwCleaner[S02].txt - [1700 octets] - [18/01/2021 18:13:52]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########

[Rudy]

OK, jen nevím, co to bylo. Pro jistotu dejte nové logy FRST+Addition.

[out_of_space]

Aha, koukám, že jsem nedal celý log

# -------------------------------
# Malwarebytes AdwCleaner 8.0.9.0
# -------------------------------
# Build: 01-11-2021
# Database: 2021-01-11.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-18-2021
# Duration: 00:00:00
# OS: Windows 7 Home Premium
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\jakub\AppData\Roaming\Tencent

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1331 octets] - [10/04/2019 16:47:02]
AdwCleaner[C00].txt - [1479 octets] - [10/04/2019 16:47:41]
AdwCleaner[S01].txt - [1535 octets] - [01/02/2020 16:46:58]
AdwCleaner[C01].txt - [1725 octets] - [01/02/2020 16:54:54]
AdwCleaner[S02].txt - [1700 octets] - [18/01/2021 18:13:52]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########







Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-01-2021
Ran by jakub (administrator) on JAKUB-PC (18-01-2021 23:16:28)
Running from C:\Users\jakub\Desktop
Loaded Profiles: jakub
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.31\aaHMSvc.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Check Point Software Technologies Ltd. -> ) C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <9>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11545192 2010-11-02] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [705728 2020-11-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [331040 2020-12-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [325856 2020-01-23] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [ZaAntiRansomware] => C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe [4230368 2019-11-27] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKU\S-1-5-21-3002702695-1329728289-897546576-1000\...\Run: [] => [X]
HKU\S-1-5-21-3002702695-1329728289-897546576-1000\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-3002702695-1329728289-897546576-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32440376 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Windows x64\Print Processors\Canon MG5300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAT.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [55872 2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5300 series: C:\Windows\system32\CNMLMAT.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.141\Installer\chrmstp.exe [2021-01-11] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2015B39B-EC85-4784-AF46-46DA41073525} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-02-05] (Google LLC -> Google LLC)
Task: {533085DC-48DD-47E2-ACA8-F6843C64211E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {5495550A-3C02-4C33-A0D0-A5E9AA4CF6BE} - System32\Tasks\Avira_Security_Update => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [233184 2020-12-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {77024E4C-6B2E-4433-8D2B-29348FFB4C53} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {914A09D4-0AE8-4C15-8A71-204F7B95EAFF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-02-05] (Google LLC -> Google LLC)
Task: {9D48CE40-E6C9-42CC-82B7-2D567141251E} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2649200 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {C38E3BF6-EA7E-426A-9073-A8A9648BACF4} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [29934096 2020-12-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {EAB8389D-10AF-40A7-B8AD-CB2164745344} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26913848 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F4CFB372-2790-459D-B874-80B372C2828C} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693216 2021-01-08] (Mozilla Corporation -> Mozilla Foundation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{AD083C53-B007-4D18-9361-58B144428CDE}: [DhcpNameServer] 192.168.0.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
Edge Profile: C:\Users\jakub\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-28]

FireFox:
========
FF DefaultProfile: nlhpu5mp.default
FF ProfilePath: C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\2mscpk3t.default-release [2021-01-18]
FF DownloadDir: F:\rozbaleno
FF Session Restore: Mozilla\Firefox\Profiles\2mscpk3t.default-release -> is enabled.
FF NewTabOverride: Mozilla\Firefox\Profiles\2mscpk3t.default-release -> Enabled: pavel.sherbakov@gmail.com
FF NewTabOverride: Mozilla\Firefox\Profiles\2mscpk3t.default-release -> Enabled: @contain-facebook
FF NewTabOverride: Mozilla\Firefox\Profiles\2mscpk3t.default-release -> Enabled: uBlock0@raymondhill.net
FF NewTabOverride: Mozilla\Firefox\Profiles\2mscpk3t.default-release -> Enabled: wikipedia@search.mozilla.org
FF Extension: (Facebook Container) - C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\2mscpk3t.default-release\Extensions\@contain-facebook.xpi [2020-09-29]
FF Extension: (BetterTTV) - C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\2mscpk3t.default-release\Extensions\firefox@betterttv.net.xpi [2020-12-18]
FF Extension: (New Tab Page) - C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\2mscpk3t.default-release\Extensions\pavel.sherbakov@gmail.com.xpi [2020-11-16]
FF Extension: (RescueTime for Firefox) - C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\2mscpk3t.default-release\Extensions\rescuetime_firefox@rescuetime.com.xpi [2020-05-27]
FF Extension: (uBlock Origin) - C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\2mscpk3t.default-release\Extensions\uBlock0@raymondhill.net.xpi [2021-01-04]
FF Extension: (Matte Black (Red)) - C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\2mscpk3t.default-release\Extensions\{a7589411-c5f6-41cf-8bdc-f66527d9d930}.xpi [2020-10-21]
FF ProfilePath: C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default [2021-01-18]
FF DownloadDir: F:\staženo
FF Homepage: Mozilla\Firefox\Profiles\nlhpu5mp.default -> resource://firefox-at-usepanda-dot-com/data/index.html
FF NewTab: Mozilla\Firefox\Profiles\nlhpu5mp.default -> resource://firefox-at-usepanda-dot-com/data/index.html
FF Session Restore: Mozilla\Firefox\Profiles\nlhpu5mp.default -> is enabled.
FF NewTabOverride: Mozilla\Firefox\Profiles\nlhpu5mp.default -> Enabled: admin@fastaddons.com_GroupSpeedDial
FF NewTabOverride: Mozilla\Firefox\Profiles\nlhpu5mp.default -> Enabled: {d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}
FF Extension: (Avira Browser Safety) - C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default\Extensions\abs@avira.com.xpi [2020-01-23]
FF Extension: (Group Speed Dial) - C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default\Extensions\admin@fastaddons.com_GroupSpeedDial.xpi [2020-01-25]
FF Extension: (Awesome Screenshot - Capture, Annotate & More) - C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default\Extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi [2019-05-14]
FF Extension: (QR Code Generator) - C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default\Extensions\jid0-RwTySlpoKU14fw7yw2AflOAihhA@jetpack.xpi [2017-07-27]
FF Extension: (To Google Translate) - C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2019-08-21]
FF Extension: (Tlačítko „Uložit“ pro Pinterest) - C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2020-01-11]
FF Extension: (Avira Password Manager) - C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default\Extensions\passwordmanager@avira.com [2020-02-03]
FF Extension: (TinEye Reverse Image Search) - C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default\Extensions\tineye@ideeinc.com.xpi [2019-07-10]
FF Extension: (Toggl Button: Productivity & Time Tracker) - C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default\Extensions\toggl-button@toggl.com.xpi [2020-01-28]
FF Extension: (uBlock Origin) - C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default\Extensions\uBlock0@raymondhill.net.xpi [2019-12-28]
FF Extension: (ColorZilla) - C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}.xpi [2017-07-14]
FF Extension: (ImTranslator: Překladač, Slovník, Hlas) - C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2019-12-28]
FF Extension: (Ecosia - The search engine that plants trees) - C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2018-08-20]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2020-02-04] [Legacy] [not signed]
FF Plugin: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-04-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-04-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]

Chrome:
=======
CHR Profile: C:\Users\jakub\AppData\Local\Google\Chrome\User Data\Default [2021-01-18]
CHR Extension: (Avira Password Manager) - C:\Users\jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2020-06-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-02]
CHR Extension: (Chrome Media Router) - C:\Users\jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-15]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1205960 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [483432 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [483432 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [573960 2021-01-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\2.00.10\atkexComSvc.exe [411096 2017-07-16] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.31\aaHMSvc.exe [975832 2017-06-01] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [636592 2020-11-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2988544 2020-06-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [384360 2020-12-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [244888 2020-12-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [161072 2020-12-16] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 CPEFR; C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe [2825976 2019-11-27] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 CpSbaCipolla; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [33016 2019-10-29] (Check Point Software Technologies Ltd. -> )
R2 CpSbaUpdater; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [33016 2019-10-29] (Check Point Software Technologies Ltd. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2020-12-27] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1748552 2020-05-06] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6821960 2020-05-06] (GOG Sp. z o.o. -> GOG.com)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-01-18] (Malwarebytes Inc -> Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2523448 2021-01-16] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3478336 2021-01-16] (Electronic Arts, Inc. -> Electronic Arts)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2020-03-06] (Even Balance, Inc. -> )
R2 RemediationService; C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe [18168 2019-11-04] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 TESvc; C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe [301304 2019-11-04] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [4528344 2020-01-20] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
S2 ZA NET ICM Service; C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe [42208 2020-03-13] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S2 ZAARUpdateService; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe [51936 2019-11-27] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [114936 2020-01-20] (Check Point Software Technologies Ltd. -> Check Point Software Technologies, Ltd.)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2017-06-01] (ASUSTeK Computer Inc. -> )
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [68152 2019-06-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [222200 2020-11-16] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [178720 2020-05-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36072 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [35376 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 cpbak; C:\Windows\System32\DRIVERS\cpbak.sys [66848 2019-11-05] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R1 CPEPMon; C:\Windows\System32\DRIVERS\CPEPMon.sys [110880 2019-11-05] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R1 epnetflt; C:\Windows\system32\drivers\epnetflt.sys [130336 2019-10-06] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R1 epregflt; C:\Windows\system32\drivers\epregflt.sys [132176 2019-05-01] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R2 ISWKL; C:\Program Files (x86)\CheckPoint\Endpoint Security\Endpoint Common\bin\ISWKL.sys [65264 2019-08-12] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [220160 2021-01-18] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-01-18] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [129648 2021-01-18] (Malwarebytes Inc -> Malwarebytes)
R3 phantomtap; C:\Windows\System32\DRIVERS\phantomtap.sys [35664 2020-01-31] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 VBAudio100VMVAIO3MME; C:\Windows\System32\DRIVERS\vbaudio_vmvaio364_win7.sys [63936 2020-10-02] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudioVMAUXVAIOMME; C:\Windows\System32\DRIVERS\vbaudio_vmauxvaio64_win7.sys [63936 2020-10-02] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudioVMVAIOMME; C:\Windows\System32\DRIVERS\vbaudio_vmvaio64_win7.sys [63936 2020-10-02] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [461240 2019-11-19] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
U3 iswSvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-18 18:12 - 2021-01-18 18:12 - 008458096 _____ (Malwarebytes) C:\Users\jakub\Desktop\adwcleaner_8.0.9.exe
2021-01-18 18:11 - 2021-01-18 18:11 - 008447152 _____ (Malwarebytes) C:\Users\jakub\Desktop\AdwCleaner.exe
2021-01-18 18:10 - 2021-01-18 18:10 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2021-01-18 18:10 - 2021-01-18 18:10 - 000220160 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2021-01-18 18:10 - 2021-01-18 18:10 - 000129648 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2021-01-18 18:10 - 2021-01-18 18:10 - 000001960 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-01-18 18:10 - 2021-01-18 18:10 - 000001948 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-01-18 18:10 - 2021-01-18 18:10 - 000001948 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2021-01-18 18:09 - 2021-01-18 18:09 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2021-01-18 18:09 - 2021-01-18 18:09 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-01-18 18:09 - 2021-01-18 18:09 - 000000000 ____D C:\Program Files\Malwarebytes
2021-01-18 18:06 - 2021-01-18 18:05 - 002086424 _____ (Malwarebytes) C:\Users\jakub\Desktop\MBSetup.exe
2021-01-18 17:32 - 2021-01-18 17:32 - 000008345 _____ C:\Users\jakub\Desktop\log_zoneAlarm.zip
2021-01-18 17:20 - 2021-01-18 17:21 - 000077213 _____ C:\Users\jakub\Desktop\Addition.txt
2021-01-18 17:19 - 2021-01-18 23:16 - 000026199 _____ C:\Users\jakub\Desktop\FRST.txt
2021-01-18 17:18 - 2021-01-18 17:17 - 002295296 _____ (Farbar) C:\Users\jakub\Desktop\FRST64.exe
2021-01-16 18:00 - 2021-01-16 18:00 - 000000000 ____D C:\Users\jakub\AppData\LocalLow\Free Lives
2021-01-15 20:40 - 2021-01-15 20:40 - 000000000 ____D C:\Program Files (x86)\Microsoft XNA
2021-01-12 19:17 - 2021-01-13 16:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2021-01-09 23:59 - 2021-01-09 23:59 - 000000000 ____D C:\Users\jakub\AppData\LocalLow\Octavi Navarro
2021-01-09 17:43 - 2021-01-09 17:43 - 000000000 ____D C:\Users\jakub\AppData\LocalLow\Alt Shift
2021-01-08 17:06 - 2021-01-08 17:06 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-01-07 17:17 - 2021-01-07 17:17 - 000001805 _____ C:\Users\jakub\Desktop\Spotify.lnk
2021-01-07 17:17 - 2021-01-07 17:17 - 000001791 _____ C:\Users\jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2021-01-04 20:49 - 2021-01-04 20:49 - 000000811 _____ C:\Users\jakub\Desktop\World of Tanks EU.lnk
2021-01-04 20:29 - 2021-01-04 20:29 - 000000000 ____D C:\Users\jakub\AppData\LocalLow\Acid Wizard Studio
2021-01-03 01:20 - 2021-01-03 01:20 - 000000000 ____D C:\Users\jakub\AppData\Local\Frontier Developments
2021-01-03 01:20 - 2021-01-03 01:20 - 000000000 ____D C:\ProgramData\Frontier Developments
2021-01-01 18:06 - 2021-01-01 18:06 - 000000000 ____D C:\Users\jakub\AppData\LocalLow\Beam Team Games
2020-12-31 17:53 - 2020-12-31 17:53 - 000000000 ____D C:\Users\jakub\AppData\Local\Solitairica
2020-12-25 10:30 - 2020-12-25 10:30 - 000000000 ____D C:\Users\jakub\AppData\LocalLow\Size Five Games
2020-12-25 10:22 - 2020-12-25 10:22 - 000000000 ____D C:\Windows\8A809006C25A4A3A9DAB94659BCDB107.TMP
2020-12-23 23:06 - 2021-01-09 09:52 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-12-23 17:33 - 2020-12-23 17:33 - 000000000 ____D C:\Users\jakub\AppData\Local\Kalypso Media
2020-12-23 17:32 - 2020-12-27 09:42 - 000000000 ____D C:\Users\jakub\AppData\Roaming\Tropico 5
2020-12-23 17:32 - 2020-12-23 17:32 - 000000000 ____D C:\Users\jakub\AppData\Roaming\Kalypso Media
2020-12-22 17:31 - 2020-12-22 17:31 - 000000000 ____D C:\Users\jakub\AppData\Local\The Creative Assembly
2020-12-21 20:11 - 2020-12-21 20:11 - 000000000 ____D C:\Users\jakub\AppData\LocalLow\Attu Games
2020-12-20 17:38 - 2020-12-20 17:38 - 000000000 ____D C:\Users\jakub\AppData\Local\DefenseGrid
2020-12-19 11:51 - 2020-12-19 11:51 - 000000000 ____D C:\Program Files (x86)\AGEIA Technologies

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-18 23:16 - 2019-04-10 17:24 - 000000000 ____D C:\FRST
2021-01-18 23:02 - 2020-02-03 20:00 - 000000000 ____D C:\Users\jakub\AppData\LocalLow\Mozilla
2021-01-18 18:17 - 2020-02-03 19:59 - 000000000 ____D C:\ProgramData\Mozilla
2021-01-18 18:15 - 2020-02-03 20:20 - 000000000 ____D C:\ProgramData\NVIDIA
2021-01-18 16:58 - 2020-04-16 07:38 - 000000000 ____D C:\Program Files\CCleaner
2021-01-18 16:53 - 2009-07-14 05:45 - 000031664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-01-18 16:53 - 2009-07-14 05:45 - 000031664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-01-18 16:52 - 2011-04-12 09:34 - 000676832 _____ C:\Windows\system32\perfh005.dat
2021-01-18 16:52 - 2011-04-12 09:34 - 000145750 _____ C:\Windows\system32\perfc005.dat
2021-01-18 16:52 - 2009-07-14 06:13 - 001609358 _____ C:\Windows\system32\PerfStringBackup.INI
2021-01-18 16:52 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2021-01-18 16:47 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-01-18 01:51 - 2020-02-03 20:26 - 000000000 ____D C:\Program Files (x86)\Steam
2021-01-18 01:51 - 2018-08-22 20:44 - 000000000 ____D C:\Users\jakub\AppData\Roaming\discord
2021-01-17 21:47 - 2017-08-13 00:05 - 000000000 ____D C:\Users\jakub\AppData\Roaming\obs-studio
2021-01-17 00:28 - 2020-12-05 13:21 - 000000000 ____D C:\ProgramData\Origin
2021-01-17 00:28 - 2015-06-13 13:15 - 000000000 ____D C:\Users\jakub\AppData\Roaming\Origin
2021-01-16 21:03 - 2020-12-05 13:22 - 000000000 ____D C:\Program Files (x86)\Origin
2021-01-16 21:03 - 2015-06-13 13:32 - 000000000 ____D C:\Users\jakub\AppData\Local\Origin
2021-01-15 20:41 - 2020-11-21 18:55 - 000000015 _____ C:\Users\jakub\AppData\Roaming\obs-virtualcam.txt
2021-01-15 20:40 - 2020-11-22 16:35 - 000000000 ____D C:\Users\jakub\Documents\SavedGames
2021-01-14 16:30 - 2020-02-03 20:12 - 000003292 _____ C:\Windows\system32\Tasks\Avira_Antivirus_Systray
2021-01-14 16:26 - 2020-02-03 22:29 - 000000000 ____D C:\Windows\system32\MRT
2021-01-14 16:22 - 2020-02-03 22:29 - 135062968 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-01-14 16:19 - 2020-02-03 19:59 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-01-13 16:03 - 2020-04-16 07:38 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-01-11 22:16 - 2020-02-05 21:09 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-07 17:27 - 2017-07-13 20:07 - 000000000 ____D C:\Users\jakub\AppData\Roaming\Spotify
2021-01-07 17:17 - 2017-07-14 11:07 - 000000000 ____D C:\Users\jakub\AppData\Local\Spotify
2021-01-05 20:41 - 2020-11-26 21:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2021-01-04 20:49 - 2020-06-28 09:50 - 000000000 ____D C:\Users\jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net
2021-01-04 20:48 - 2020-06-28 09:50 - 000000000 ____D C:\Users\jakub\AppData\Roaming\Wargaming.net
2021-01-03 01:20 - 2020-02-03 20:07 - 000000000 ____D C:\ProgramData\Package Cache
2021-01-03 01:20 - 2018-12-16 21:32 - 000000000 ____D C:\Users\jakub\AppData\Local\EpicGamesLauncher
2021-01-01 09:31 - 2020-07-08 08:36 - 000003596 _____ C:\Windows\system32\Tasks\Avira_Security_Update
2020-12-30 17:06 - 2019-12-28 18:42 - 000000000 ____D C:\Users\jakub\AppData\Local\Ori and the Blind Forest DE
2020-12-29 19:19 - 2020-02-03 20:54 - 000003664 _____ C:\Windows\system32\Tasks\AviraSystemSpeedupUpdate
2020-12-27 11:40 - 2020-02-04 10:02 - 000000000 ____D C:\Users\jakub\AppData\Roaming\EasyAntiCheat
2020-12-27 09:22 - 2020-10-11 18:04 - 000000000 ____D C:\Users\jakub\Documents\Giana Sisters - Twisted Dreams
2020-12-27 09:21 - 2020-12-05 13:36 - 000000000 ____D C:\Users\jakub\AppData\Local\BLACKHOLE
2020-12-19 11:02 - 2014-02-03 20:03 - 000000132 _____ C:\Users\jakub\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2020-12-19 10:59 - 2020-10-10 13:41 - 000001195 _____ C:\Users\jakub\Desktop\Stream Raiders.lnk

==================== Files in the root of some directories ========

2020-04-27 11:38 - 2020-04-27 11:38 - 000000016 ____H () C:\Program Files (x86)\Common Files\asv2-astg
2020-04-27 11:39 - 2020-04-27 11:39 - 000000016 ____H () C:\Program Files (x86)\Common Files\cld2-astg
2020-04-27 11:40 - 2020-04-27 11:40 - 000000016 ____H () C:\Program Files (x86)\Common Files\dys1-astg
2020-04-27 11:41 - 2020-04-27 11:41 - 000000020 ____H () C:\Program Files (x86)\Common Files\inq1-astg
2020-04-27 11:42 - 2020-04-27 11:42 - 000000016 ____H () C:\Program Files (x86)\Common Files\ins1-astg
2020-04-27 11:44 - 2020-04-27 11:44 - 000000016 ____H () C:\Program Files (x86)\Common Files\mir1-astg
2020-04-27 11:45 - 2020-04-27 11:45 - 000000016 ____H () C:\Program Files (x86)\Common Files\pcs2-astg
2020-04-27 11:46 - 2020-04-27 11:46 - 000000016 ____H () C:\Program Files (x86)\Common Files\rst1-astg
2020-04-27 11:47 - 2020-04-27 11:47 - 000000016 ____H () C:\Program Files (x86)\Common Files\sty1-astg
2020-04-27 11:50 - 2020-04-27 11:50 - 000000016 ____H () C:\Program Files (x86)\Common Files\vs2-astg
2020-04-27 11:52 - 2020-04-27 11:52 - 000000016 ____H () C:\Program Files (x86)\Common Files\ws2-astg
2018-07-20 08:02 - 2018-07-20 08:02 - 000000132 _____ () C:\Users\jakub\AppData\Roaming\Adobe Formát AIFF CS6 – předvolby
2014-11-01 00:02 - 2017-11-15 22:19 - 000000132 _____ () C:\Users\jakub\AppData\Roaming\Adobe Formát BMP CS6 – předvolby
2014-02-03 20:03 - 2020-12-19 11:02 - 000000132 _____ () C:\Users\jakub\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2014-01-28 15:45 - 2016-07-23 13:41 - 000000620 _____ () C:\Users\jakub\AppData\Roaming\burnaware.ini
2014-07-27 20:02 - 2014-09-05 19:35 - 000000132 _____ () C:\Users\jakub\AppData\Roaming\Filtr IIIExport Adobe CS6 – předvolby
2020-11-21 18:55 - 2021-01-15 20:41 - 000000015 _____ () C:\Users\jakub\AppData\Roaming\obs-virtualcam.txt
2020-09-26 08:34 - 2020-09-26 08:34 - 000332800 _____ () C:\Users\jakub\AppData\Roaming\patcher.dll
2020-10-02 12:05 - 2020-10-02 12:08 - 000060311 _____ () C:\Users\jakub\AppData\Roaming\VoiceMeeterPotatoDefault.xml
2020-02-24 18:45 - 2020-04-11 08:25 - 000000081 _____ () C:\Users\jakub\AppData\Local\.bidstack.fault
2014-02-17 19:38 - 2020-11-14 19:15 - 000001480 _____ () C:\Users\jakub\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2016-07-23 13:38 - 2016-07-23 13:38 - 000000031 _____ () C:\Users\jakub\AppData\Local\burnaware.ini
2020-01-31 12:27 - 2020-01-31 12:27 - 000000000 _____ () C:\Users\jakub\AppData\Local\oobelibMkey.log
2020-06-10 23:14 - 2020-06-10 23:14 - 000000750 _____ () C:\Users\jakub\AppData\Local\recently-used.xbel
2014-03-22 23:12 - 2014-03-30 14:04 - 000007605 _____ () C:\Users\jakub\AppData\Local\Resmon.ResmonCfg
2008-02-05 14:28 - 2008-02-05 14:28 - 000000051 _____ () C:\Users\jakub\AppData\Local\setup.txt
2016-08-17 19:27 - 2017-07-14 23:05 - 000000425 _____ () C:\Users\jakub\AppData\Local\UserProducts.xml

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-01-12 01:17
==================== End of FRST.txt ========================




Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-01-2021
Ran by jakub (18-01-2021 23:17:03)
Running from C:\Users\jakub\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2020-02-03 18:43:01)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3002702695-1329728289-897546576-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3002702695-1329728289-897546576-1004 - Limited - Enabled)
Guest (S-1-5-21-3002702695-1329728289-897546576-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3002702695-1329728289-897546576-1002 - Limited - Enabled)
jakub (S-1-5-21-3002702695-1329728289-897546576-1000 - Administrator - Enabled) => C:\Users\jakub

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {8EAC8D5C-B3AA-95AA-3DF1-2845CDD09CBE}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Avira Antivirus (Enabled - Up to date) {35CD6CB8-9590-9A24-0741-1337B657D603}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Free Firewall Firewall (Enabled) {217C3BCF-3FBD-7C30-A427-2D11E16F3BEB}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe Acrobat X Pro - Eastern European (Group 1) (HKLM-x32\...\{AC76BA86-1029-4770-7760-000000000005}) (Version: 10.1.16 - Adobe Systems)
Adobe Creative Suite 6 Design Standard (HKLM-x32\...\{0327A4BF-62BF-48BB-8928-B971B749E9E1}) (Version: 6 - Adobe Systems Incorporated)
Affinity Photo (HKLM\...\{D39FC096-62B2-4F21-BA48-04DAC525F929}) (Version: 1.8.3.641 - Serif (Europe) Ltd)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.45.1 - Asmedia Technology)
Audacity 2.4.1 (HKLM-x32\...\Audacity_is1) (Version: 2.4.1 - Audacity Team)
Autosaviour v2.0.1 for Adobe Illustrator CS5-CC 2015 (19) (HKLM\...\{4304D0CC-D1F7-48B7-A1FA-6AFB26418E02}) (Version: 2.0.1 - Astute Graphics Limited)
Avira (HKLM-x32\...\{161e6084-b0f5-43e8-86d8-09eda5c0893d}) (Version: 1.2.153.30452 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{426D1710-5DFD-45E9-B11D-464792C5AD35}) (Version: 1.2.153.30452 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2101.2069 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.37.1.24458 - Avira Operations GmbH & Co. KG) Hidden
Avira Privacy Pal (HKLM-x32\...\{F2BC8305-DFBE-4C02-A906-9BBD8EE299A3}_is1) (Version: 2.4.0.1962 - Avira Operations GmbH & Co. KG)
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.0.42.14101 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version: - Avira Operations GmbH & Co. KG;)
Avira Software Updater (HKLM-x32\...\{9F45C615-6D95-47B5-BB0C-D78F6D15DE21}) (Version: 2.0.6.42639 - Avira Operations GmbH & Co. KG) Hidden
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.9.0.11050 - Avira Operations GmbH & Co. KG) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Blender (HKLM\...\{892913E7-EB3C-43F8-ABDE-9333ABBF959A}) (Version: 2.82.0 - Blender Foundation)
Boxshot 5 (HKLM\...\Boxshot 5) (Version: 5.2.8 - Appsforlife Ltd)
calibre 64bit (HKLM\...\{69BA0606-DA61-4747-BF34-00A6BE8E9B6B}) (Version: 4.13.0 - Kovid Goyal)
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version: - )
Carmageddon TDR 2000 (HKLM-x32\...\1146738698_is1) (Version: 1.0 - GOG.com)
CCleaner (HKLM\...\CCleaner) (Version: 5.76 - Piriform)
Close To The Sun CZ (HKU\S-1-5-21-3002702695-1329728289-897546576-1000\...\Close To The Sun CZ) (Version: - )
ColliderScribe v2.0.0 for Adobe Illustrator CS5-CC 2015 (19) (HKLM\...\{BCF1C01A-71C1-4E21-8F24-5309A08A2BB1}) (Version: 2.0.0 - Astute Graphics Limited)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Discord (HKU\S-1-5-21-3002702695-1329728289-897546576-1000\...\Discord) (Version: 0.0.309 - Discord Inc.)
DynamicSketch v1.6.6 for Adobe Illustrator CS5-CC 2015 (19) (HKLM\...\{C23A8A3A-E18C-4B1E-BD12-F1C4E4E8E3DD}) (Version: 1.6.6 - Astute Graphics Limited)
Epic Games Launcher (HKLM-x32\...\{DCE27B29-200D-491A-BBC5-98ECEFEC0843}) (Version: 1.1.257.0 - Epic Games, Inc.)
Fallout Mod Manager 0.13.21 (HKLM-x32\...\Generic Mod Manager_is1) (Version: - Q, Timeslip)
Fe (HKLM-x32\...\{D6F315B0-EAB6-4210-963F-6393BE9EA1CD}) (Version: - Electronic Arts, Inc.)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - )
GameSpy Comrade (HKLM-x32\...\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}) (Version: 1.5.0.156 - GameSpy)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.141 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Check Point SBA (HKLM\...\{C8325D51-E514-475B-AFF2-550C3527E563}) (Version: 86.5.9511 - Check Point Software Technologies Ltd.) Hidden
InkQuest v1.1.5 for Adobe Illustrator CS5-CC 2015 (19) (HKLM\...\{83FA3DA6-F8BB-421A-ADE0-EDABC6C7838A}) (Version: 1.1.5 - Astute Graphics Limited)
InkScribe v1.6.5 for Adobe Illustrator CS5-CC 2015 (19) (HKLM\...\{D49A283C-F7A6-49FF-BB62-C946AE44F1A2}) (Version: 1.6.5 - Astute Graphics Limited)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Java 8 Update 251 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180251F0}) (Version: 8.0.2510.8 - Oracle Corporation)
jetAudio Basic (HKLM-x32\...\{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}) (Version: 8.1.0 - COWON)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LAV Filters 0.68.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.68.1 - Hendrik Leppkes)
LibreOffice 6.3.5.2 (HKLM\...\{9FEFBA80-8687-4AC1-83F7-3CD3E9BAF275}) (Version: 6.3.5.2 - The Document Foundation)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.50 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.129.37 - )
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29325 (HKLM-x32\...\{33628a12-6787-4b9f-95a1-92449f69fae0}) (Version: 14.28.29325.2 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MirrorMe v1.1.5 for Adobe Illustrator CS5-CC 2015 (19) (HKLM\...\{229CD2F2-481D-4EEE-88D6-DDE2FB1E250E}) (Version: 1.1.5 - Astute Graphics Limited)
Mozilla Firefox 84.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 84.0.2 (x64 cs)) (Version: 84.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.4.2 - Mozilla)
Mozilla Thunderbird 78.6.1 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 78.6.1 (x86 cs)) (Version: 78.6.1 - Mozilla)
My Game Long Name (HKLM\...\UDK-870a4197-06dd-4440-9bbb-e834aff98d10) (Version: - Epic Games, Inc.)
NexusFile (5.3.3.5532) (HKLM-x32\...\{ED0FB0C1-CD06-4C29-B903-8A91D4BF5B61}_is1) (Version: - xiles)
nexusfont 2.6 (ver 2.6.2.1870) (HKLM-x32\...\{EFEDD205-43FE-4208-B682-0937E803E19E}_is1) (Version: - xiles)
NVIDIA Ovladač HD audia 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 460.79 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 460.79 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{FAAC26AD-73BA-40CE-86AA-C9213F9E064A}) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 25.0.8 - OBS Project)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenToonz version 1.4.0 (HKLM\...\{DF519282-600D-4E03-9190-6046329B1CB4}_is1) (Version: 1.4.0 - DWANGO Co., Ltd.)
Origin (HKLM-x32\...\Origin) (Version: 10.5.90.45798 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 460.79 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 460.79 - NVIDIA Corporation) Hidden
Pantone Color Manager 2.4.0.66 (HKLM-x32\...\Pantone Color Manager_is1) (Version: 2.4.0.66 - PANTONE)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Phantasm v3.1.5 for Adobe Illustrator CS5-CC 2015 (19) (HKLM\...\{EA439092-029D-4AAD-844F-93A99D8A8928}) (Version: 3.1.5 - Astute Graphics Limited)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Rasterino v1.1.5 for Adobe Illustrator CS5-CC 2015 (19) (HKLM\...\{03D8C4A5-7B98-4BC1-9E34-CECDB3993470}) (Version: 1.1.5 - Astute Graphics Limited)
RawTherapee verze 5.8 (HKLM\...\RawTherapee5.8_is1) (Version: 5.8 - rawtherapee.com)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6235 - Realtek Semiconductor Corp.)
RescueTime 2.14.5.3 (HKLM-x32\...\{2505571C-03B3-4F9F-AC35-33F1CB4B5E9E}_is1) (Version: - RescueTime.com)
Sea of Solitude (HKLM-x32\...\{E954B6D6-AE32-401E-8628-D2FF1F30119D}}) (Version: - Electronic Arts, Inc.)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spotify (HKU\S-1-5-21-3002702695-1329728289-897546576-1000\...\Spotify) (Version: 1.1.47.684.g136419d9 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stream Raiders (HKLM-x32\...\Stream Raiders) (Version: - )
StreamElements OBS.Live (HKLM-x32\...\StreamElements OBS.Live) (Version: 20.12.9.680 - StreamElements)
Stylism v1.1.4 for Adobe Illustrator CS5-CC 2015 (19) (HKLM\...\{EC2992E2-A4B1-40C8-B2E6-5AA41527D594}) (Version: 1.1.4 - Astute Graphics Limited)
SubScribe v1.2.5 for Adobe Illustrator CS5-CC 2015 (19) (HKLM\...\{8B8CE331-DF4B-4B42-87E2-455A3A8E9AAB}) (Version: 1.2.5 - Astute Graphics Limited)
Topaz Clean 3 (HKLM-x32\...\Topaz Clean 3) (Version: 3.2.0 - Topaz Labs, LLC)
Topaz ReMask 5 (HKLM-x32\...\Topaz ReMask 5) (Version: 5.0.1 - Topaz Labs, LLC)
UE4 Prerequisites (x64) (HKLM\...\{D7B591D8-1091-4A00-A0B3-5301C45E5D51}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{0d995f46-317b-4b5f-bf3e-9f98bae9d339}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
Unravel™ (HKLM-x32\...\{5105E605-9EE7-4050-9CC0-005093BBF89A}) (Version: - Electronic Arts, Inc.)
UNRAVEL™ two (HKLM-x32\...\{5DB117FE-6F05-40AC-B7A3-5C67641F14C0}) (Version: - Electronic Arts, Inc.)
Updated Unofficial Fallout 3 Patch v2.3.2 (HKLM-x32\...\Updated Unofficial Fallout 3 Patch_is1) (Version: 2.3.2 - )
Uplay (HKLM-x32\...\Uplay) (Version: 4.4 - Ubisoft)
VectorScribe v2.3.4 for Adobe Illustrator CS5-CC 2015 (19) (HKLM\...\{B3F8A265-5130-4C00-8433-019BA17AB328}) (Version: 2.3.4 - Astute Graphics Limited)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Voicemeeter, The Virtual Mixing Console (HKLM-x32\...\VB:Voicemeeter {17359A74-1236-5467}) (Version: - VB-Audio Software)
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.2.11 - Black Tree Gaming Ltd.)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.5-3 - Wacom Technology Corp.)
Wargaming.net Game Center (HKU\S-1-5-21-3002702695-1329728289-897546576-1000\...\Wargaming.net Game Center) (Version: 20.7.2.2851 - Wargaming.net)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WidthScribe v2.0.2 for Adobe Illustrator CS5-CC 2015 (19) (HKLM\...\{4FA40650-07AA-4490-B59E-E07CD3566563}) (Version: 2.0.2 - Astute Graphics Limited)
World of Tanks EU (HKU\S-1-5-21-3002702695-1329728289-897546576-1000\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net)
ZoneAlarm Anti-Ransomware (HKLM-x32\...\{0B8C3231-9818-4CB9-8213-4AB839836791}) (Version: 1.002.1006 - Check Point Software) Hidden
ZoneAlarm Firewall (HKLM-x32\...\{2F77A309-CAB9-4C8A-8ED0-8C8DA3FF0744}) (Version: 15.8.038.18284 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 15.8.038.18284 - Check Point)
ZoneAlarm Security (HKLM-x32\...\{DA17D180-7193-4070-B085-9827DB80C2F8}) (Version: 15.8.038.18284 - Check Point Software Technologies Ltd.) Hidden

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-12-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers3: [jetAudio] -> {8D1636FD-CA49-4B4E-90E4-0A20E03A15E8} => C:\Program Files (x86)\JetAudio\JetFlExt64.dll [2013-05-09] (JetAudio) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-01-18] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-12-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2020-12-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-12-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [jetAudio] -> {8D1636FD-CA49-4B4E-90E4-0A20E03A15E8} => C:\Program Files (x86)\JetAudio\JetFlExt64.dll [2013-05-09] (JetAudio) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-01-18] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2019-11-04 15:09 - 2019-11-04 15:09 - 000059392 _____ () [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\SA\dict-vectorizer.dll
2015-09-24 16:41 - 2015-09-24 16:41 - 000334848 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\cs_CZ\Acrobat Elements\ContextMenu64.cze
2020-02-05 22:10 - 2017-06-01 15:24 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.31\ASACPI.DLL
2019-11-27 11:18 - 2019-11-27 11:18 - 000067072 _____ (Check Point Software Technologies Ltd.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\cphnt64.dll
2019-11-27 11:18 - 2019-11-27 11:18 - 000019968 _____ (Check Point Software Technologies Ltd.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\cphusr64.dll
2020-02-04 14:36 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2020-02-03 20:47 - 2013-05-09 17:45 - 000277504 _____ (JetAudio) [File not signed] C:\Program Files (x86)\JetAudio\JetFlExt64.dll
2019-03-27 23:48 - 2019-03-27 23:48 - 000115200 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2020-01-20 21:16 - 2020-01-20 21:16 - 000986112 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\CheckPoint\ZoneAlarm\dbghelp.dll
2003-02-20 19:19 - 2003-02-20 19:19 - 000253952 _____ (Microsoft Corporation) [File not signed] C:\Windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
2003-02-21 04:42 - 2003-02-21 04:42 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Windows\Microsoft.NET\Framework\v1.1.4322\MSVCR71.dll
2019-11-10 11:38 - 2019-11-10 11:38 - 001124352 _____ (Robert Simpson, et al.) [File not signed] [File is in use] C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\SQLite\System.Data.SQLite.dll
2020-02-04 03:06 - 2020-02-04 03:06 - 000913920 _____ (ServiceStack) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_32\ServiceStack.Text\1c451b416fc7b4c8b1ecd15a4bb91187\ServiceStack.Text.ni.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\jakub\AppData\Local\Temp:com.affinity.photo.2 [241]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

HKU\S-1-5-21-3002702695-1329728289-897546576-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/cs-cz/?ocid=iehp
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_251\bin\ssv.dll [2020-04-16] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-04-16] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Calibre2\
HKU\S-1-5-21-3002702695-1329728289-897546576-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RescueTime.lnk => C:\Windows\pss\RescueTime.lnk.CommonStartup
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B5D07D6B-1214-4107-B722-BC17AE899170}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{58ABBA5F-1105-4A18-AA04-015217BD2B4E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B979981C-AF1C-4AC1-9125-F363A0BA9442}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{12AD1B9D-E08C-4C13-9377-C18B652FD832}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{24CBB147-754D-4E7D-9726-778AB02BD3DB}] => (Allow) C:\Program Files (x86)\RescueTime\RescueTime.exe (RescueTime, Inc.) [File not signed]
FirewallRules: [{D7A532C6-F177-49BC-9F94-A3D9237EC123}] => (Allow) C:\Program Files (x86)\RescueTime\RescueTime.exe (RescueTime, Inc.) [File not signed]
FirewallRules: [{C7B59647-3F83-4765-960B-E38F8A2EFA7B}] => (Allow) F:\hry\steam\steamapps\common\To the Moon\To the Moon\To the Moon.exe => No File
FirewallRules: [{C9D05E8A-98D0-444B-BE3E-ACBEDA838D20}] => (Allow) F:\hry\steam\steamapps\common\To the Moon\To the Moon\To the Moon.exe => No File
FirewallRules: [{8E949993-12E6-4780-A59C-EB5210D18D5A}] => (Allow) F:\hry\steam\steamapps\common\To the Moon\Minisode_1\Sigmund Holiday Special 1\Siggy - Holiday Special.exe => No File
FirewallRules: [{EC26444E-D77C-42E8-A189-FBDAA4FF2AE7}] => (Allow) F:\hry\steam\steamapps\common\To the Moon\Minisode_1\Sigmund Holiday Special 1\Siggy - Holiday Special.exe => No File
FirewallRules: [{7BA3E189-60B0-40F5-94D3-DECA7ADCCDA7}] => (Allow) F:\hry\steam\steamapps\common\To the Moon\Minisode_2\Sigmund Holiday Special 2\SigCorp Minisode 2.exe => No File
FirewallRules: [{5C06E40B-4893-4449-AFE8-5463005940E1}] => (Allow) F:\hry\steam\steamapps\common\To the Moon\Minisode_2\Sigmund Holiday Special 2\SigCorp Minisode 2.exe => No File
FirewallRules: [{42397776-AA01-4ADE-ADE9-CC2AEBCE062A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{EB7A4E79-CB4B-4A21-9F47-5D561A644780}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{C5B72334-C455-497E-AC50-B7EB2CC9D14E}] => (Allow) F:\hry\steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe => No File
FirewallRules: [{E037A63C-774F-4566-A673-EEBFF1E3714C}] => (Allow) F:\hry\steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe => No File
FirewallRules: [{4B41E720-4310-470C-829F-BA292A46EDC5}] => (Allow) F:\hry\steam\steamapps\common\JnG Gold\jng_gold.exe => No File
FirewallRules: [{AAFFCBF0-A5EF-4A65-8F75-3336F1ED1DFA}] => (Allow) F:\hry\steam\steamapps\common\JnG Gold\jng_gold.exe => No File
FirewallRules: [{4030C564-0844-47DF-ADAA-F87FFD052882}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{62A4F09A-DB92-4BAB-A8B7-2FB96B6EB9FD}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{D81D2404-CB81-4EAA-AFD9-D77BEA755CD2}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{CA9A57D7-D26F-4DC2-B5BB-68BCBBDF1949}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{822C9083-C868-4B84-A13B-69FB04BE06AA}] => (Allow) F:\hry\steam\steamapps\common\Walking Simulator 2020\WalkingSimulator2020.exe => No File
FirewallRules: [{5D13C990-4D6E-49DC-98B1-69B32DF6A39A}] => (Allow) F:\hry\steam\steamapps\common\Walking Simulator 2020\WalkingSimulator2020.exe => No File
FirewallRules: [{17412ADE-8D6D-4B21-95A6-848DB89EAE2F}] => (Allow) F:\hry\steam\steamapps\common\Mashinky\Mashinky.exe => No File
FirewallRules: [{B179C414-5C15-45AC-9311-0721248FE85A}] => (Allow) F:\hry\steam\steamapps\common\Mashinky\Mashinky.exe => No File
FirewallRules: [{ED138204-27A5-4889-A5DD-B47223199F94}] => (Allow) F:\hry\steam\steamapps\common\PUSS!\PUSS!.exe => No File
FirewallRules: [{1EC13E62-5E6F-4E5F-9A08-6B80B53D12DF}] => (Allow) F:\hry\steam\steamapps\common\PUSS!\PUSS!.exe => No File
FirewallRules: [{B38EA7DC-178D-4968-8375-924097E9BD79}] => (Allow) F:\hry\steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe => No File
FirewallRules: [{BFEC7C83-F3BA-41F9-B1A6-9B86AC2B2AD0}] => (Allow) F:\hry\steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe => No File
FirewallRules: [{AAA8B981-1869-4C42-8193-C26E35A638E4}] => (Allow) F:\hry\steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe => No File
FirewallRules: [{A95249A9-97E2-43EA-A749-99EA7ACA6ABB}] => (Allow) F:\hry\steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe => No File
FirewallRules: [{9F3F9569-D3A8-44DE-BD9B-5911D5BBB9CF}] => (Allow) F:\hry\steam\steamapps\common\LEAVES - The Journey\LEAVES_The_Journey.exe => No File
FirewallRules: [{C31F7F5A-7A19-478A-857C-8C9420E67FF3}] => (Allow) F:\hry\steam\steamapps\common\LEAVES - The Journey\LEAVES_The_Journey.exe => No File
FirewallRules: [{E8928B49-EC93-44F4-8424-CAE564A51476}] => (Allow) F:\hry\steam\steamapps\common\Fallout 3 goty\FalloutLauncher.exe => No File
FirewallRules: [{7709BD8D-CFEA-454D-B640-3D8723EA8985}] => (Allow) F:\hry\steam\steamapps\common\Fallout 3 goty\FalloutLauncher.exe => No File
FirewallRules: [{AD4C1752-4E9B-4917-AFFB-E4262928575C}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{F7254CD1-AFE1-4BAE-8B08-1D8798B6EC10}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{F01049C7-1911-4B9B-B5ED-D0D80DDF53C6}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{81C11DF6-95A4-46A4-A388-B7107DE48E25}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [TCP Query User{3E475C03-2979-4AB5-BF22-9CDC228F768C}F:\hry\epic\snowrunner\en_us\sources\bin\snowrunner.exe] => (Allow) F:\hry\epic\snowrunner\en_us\sources\bin\snowrunner.exe => No File
FirewallRules: [UDP Query User{1AEFEF6D-30B7-4142-973E-7B0AD74E81D6}F:\hry\epic\snowrunner\en_us\sources\bin\snowrunner.exe] => (Allow) F:\hry\epic\snowrunner\en_us\sources\bin\snowrunner.exe => No File
FirewallRules: [{17E0A457-3033-4A20-ADC3-F8B854A73970}] => (Allow) F:\hry\steam\steamapps\common\60 Parsecs!\60Parsecs.exe => No File
FirewallRules: [{31AE0262-EC1C-4A37-A69A-51176FBC379E}] => (Allow) F:\hry\steam\steamapps\common\60 Parsecs!\60Parsecs.exe => No File
FirewallRules: [{CB7FF145-62B2-4749-BF80-3B762EE63B53}] => (Allow) F:\hry\steam\steamapps\common\The Turing Test\TheTuringTest\Binaries\Win64\TheTuringTest.exe => No File
FirewallRules: [{797B3EF9-0B4B-4B70-A241-FD41E6D8E4A7}] => (Allow) F:\hry\steam\steamapps\common\The Turing Test\TheTuringTest\Binaries\Win64\TheTuringTest.exe => No File
FirewallRules: [{74D6E38B-901E-4A20-9076-C050EFFDC281}] => (Allow) F:\hry\steam\steamapps\common\Command and Conquer Red Alert 3\runme.exe => No File
FirewallRules: [{62F8E7D1-F5E5-4979-B190-9A19243D4F12}] => (Allow) F:\hry\steam\steamapps\common\Command and Conquer Red Alert 3\runme.exe => No File
FirewallRules: [{51B76350-F63D-4755-9A0E-665FBBCA0C39}] => (Allow) F:\hry\steam\steamapps\common\Heave Ho\HeaveHo.exe => No File
FirewallRules: [{C122104D-F84A-4D39-8218-69A0A537BE67}] => (Allow) F:\hry\steam\steamapps\common\Heave Ho\HeaveHo.exe => No File
FirewallRules: [{B07AE6FC-6C90-4885-8D3C-F749E2FFAB5B}] => (Allow) F:\hry\steam\steamapps\common\Feudal Alloy\FeudalAlloy.exe => No File
FirewallRules: [{641DABEF-4CFD-4180-83A8-7E5096EC3255}] => (Allow) F:\hry\steam\steamapps\common\Feudal Alloy\FeudalAlloy.exe => No File
FirewallRules: [TCP Query User{1F3A5A5E-AFC1-40E8-833E-A2F81D1B21DA}F:\hry\wargaming.net\gamecenter\wgc.exe] => (Allow) F:\hry\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [UDP Query User{69E54292-94D8-44EB-8C28-DE1FED36574E}F:\hry\wargaming.net\gamecenter\wgc.exe] => (Allow) F:\hry\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [{CB07E24A-6724-4558-97D7-46F976B6B6B1}] => (Block) F:\hry\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [{5A5B17DB-87AB-44B2-997B-0D688FAFDD3D}] => (Block) F:\hry\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [TCP Query User{4256C2FE-29B5-46E2-9A19-1BF02B89068C}F:\hry\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) F:\hry\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [UDP Query User{A96DE001-EF84-498C-A5DC-282CE23421A8}F:\hry\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) F:\hry\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [{B4C61F24-7B62-46FE-86B8-F039158070B3}] => (Allow) F:\hry\steam\steamapps\common\Jets'n'Guns 2\JnG2.exe => No File
FirewallRules: [{193DEAE7-3966-40D0-8784-838982E13A30}] => (Allow) F:\hry\steam\steamapps\common\Jets'n'Guns 2\JnG2.exe => No File
FirewallRules: [{D2971AD2-680D-4276-91D0-A3753FC4481D}] => (Allow) F:\hry\steam\steamapps\common\Graveyard Keeper\Graveyard Keeper.exe => No File
FirewallRules: [{D3A44E34-A449-4127-815D-2E3BE07DB6FD}] => (Allow) F:\hry\steam\steamapps\common\Graveyard Keeper\Graveyard Keeper.exe => No File
FirewallRules: [{DF8E92DB-FB2D-4A79-89E2-5F94B0434D3B}] => (Allow) F:\hry\steam\steamapps\common\Fallout 4\Fallout4Launcher.exe => No File
FirewallRules: [{2F4516E8-C026-4A51-B0DD-F13558C4A967}] => (Allow) F:\hry\steam\steamapps\common\Fallout 4\Fallout4Launcher.exe => No File
FirewallRules: [{CE84D752-2F55-4B9E-BAB4-564558D8E860}] => (Allow) F:\hry\steam\steamapps\common\Rez Infinite\Rez-infinite.exe => No File
FirewallRules: [{75E6F033-768E-414E-A3EB-58907F46FC83}] => (Allow) F:\hry\steam\steamapps\common\Rez Infinite\Rez-infinite.exe => No File
FirewallRules: [{ADA4CE28-4853-4A9D-B8EC-0D5DD32BD1B1}] => (Allow) F:\hry\steam\steamapps\common\The Last Cube Demo\The Last Cube.exe => No File
FirewallRules: [{74EACFAF-0A2D-44F3-A55B-767C7D2476C0}] => (Allow) F:\hry\steam\steamapps\common\The Last Cube Demo\The Last Cube.exe => No File
FirewallRules: [{49268D99-3B9E-4D98-9C25-32DCACDF9AA4}] => (Allow) F:\hry\steam\steamapps\common\Giana Sisters Twisted Dreams\launcher\GSLauncher.exe => No File
FirewallRules: [{8D797412-9A16-4AD2-B22D-8928E7701FA0}] => (Allow) F:\hry\steam\steamapps\common\Giana Sisters Twisted Dreams\launcher\GSLauncher.exe => No File
FirewallRules: [{10EDC097-6F14-4386-8C58-31983FEF0137}] => (Allow) F:\hry\steam\steamapps\common\FlatOut2\FlatOut2.exe => No File
FirewallRules: [{0C063107-FACD-4587-AE78-8EE41196397D}] => (Allow) F:\hry\steam\steamapps\common\FlatOut2\FlatOut2.exe => No File
FirewallRules: [{FE76E071-ED3B-4854-ADC5-79E2151C0982}] => (Allow) F:\hry\steam\steamapps\common\Stardust Galaxy Warriors\Stardust Galaxy Warriors Win64.exe => No File
FirewallRules: [{B2E990A5-874C-4E89-B427-9DC3B09FD0A9}] => (Allow) F:\hry\steam\steamapps\common\Stardust Galaxy Warriors\Stardust Galaxy Warriors Win64.exe => No File
FirewallRules: [{25D3CAFC-892F-4338-B889-78C0CA8FFEFD}] => (Allow) F:\hry\steam\steamapps\common\GoNNER\Gonner.exe => No File
FirewallRules: [{F23C6153-BC28-4B82-B023-93B5FA346205}] => (Allow) F:\hry\steam\steamapps\common\GoNNER\Gonner.exe => No File
FirewallRules: [{367B4779-FE2D-4A89-B225-3B8B7E917764}] => (Allow) F:\hry\steam\steamapps\common\Arrog\Arrog.exe => No File
FirewallRules: [{312E88A4-082E-4E51-B9CA-6FB49A9608A8}] => (Allow) F:\hry\steam\steamapps\common\Arrog\Arrog.exe => No File
FirewallRules: [{77FE0FFD-20AE-4A0B-86D1-9107FB3ED66A}] => (Allow) F:\hry\steam\steamapps\common\Iris.Fall\IrisFall.exe => No File
FirewallRules: [{2DEB68FD-3471-4F4F-9926-40EADAB9E99B}] => (Allow) F:\hry\steam\steamapps\common\Iris.Fall\IrisFall.exe => No File
FirewallRules: [{62A6F29E-5696-46B7-88BE-71FE0BAE6F8B}] => (Allow) F:\hry\steam\steamapps\common\Original War\Owar.exe => No File
FirewallRules: [{217E0FF8-1803-4EE0-999D-0F0C59BEE20F}] => (Allow) F:\hry\steam\steamapps\common\Original War\Owar.exe => No File
FirewallRules: [{00D8DF2D-E55D-4E58-844F-8ADD757E6C1C}] => (Allow) F:\hry\steam\steamapps\common\Dex\Dex.exe => No File
FirewallRules: [{6DD6ADC6-C7DB-4283-A4A4-9E16E5B2D455}] => (Allow) F:\hry\steam\steamapps\common\Dex\Dex.exe => No File
FirewallRules: [{EF6C0BAF-1BF1-4456-ABA2-FEB6E4CFAF83}] => (Allow) F:\hry\steam\steamapps\common\Dex\GamepadConfigTool.exe => No File
FirewallRules: [{37B17525-D7DC-4BA5-A402-BA0BAE418B99}] => (Allow) F:\hry\steam\steamapps\common\Dex\GamepadConfigTool.exe => No File
FirewallRules: [{EC7AB74F-20AA-467E-8297-85620C4203D1}] => (Allow) C:\Program Files (x86)\Pantone Color Manager\PantoneColorManager.exe (X-Rite Incorporated -> X-Rite)
FirewallRules: [{2CA888C2-3F57-478C-817D-840620245F67}] => (Allow) C:\Program Files (x86)\Pantone Color Manager\PantoneColorManager.exe (X-Rite Incorporated -> X-Rite)
FirewallRules: [{72A996E5-435D-4CA7-B926-09F0F5BBA933}] => (Allow) G:\hry\steam\steamapps\common\60 Parsecs!\60Parsecs.exe => No File
FirewallRules: [{6EA940AF-F51A-43E4-B6FC-162725284D5D}] => (Allow) G:\hry\steam\steamapps\common\60 Parsecs!\60Parsecs.exe => No File
FirewallRules: [{84E39096-EEC7-40EC-A917-B0F79085C6D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\60 Parsecs!\60Parsecs.exe () [File not signed]
FirewallRules: [{D70C4283-6FCE-4AEB-8D31-C669EC925BDB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\60 Parsecs!\60Parsecs.exe () [File not signed]
FirewallRules: [{7AC29804-9396-4455-A45A-8C8B6C848212}] => (Allow) G:\hry\steam\steamapps\common\Arrog\Arrog.exe () [File not signed]
FirewallRules: [{01D61A4F-3EE7-428F-A299-3E0A89F0B7C1}] => (Allow) G:\hry\steam\steamapps\common\Arrog\Arrog.exe () [File not signed]
FirewallRules: [{B00BAE08-4C5C-4506-9F36-893F7C629D8C}] => (Allow) G:\hry\steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe (Take-Two Interactive Software, Inc. -> Gearbox Software) [File not signed]
FirewallRules: [{C57D4DC0-5A69-486F-8D4D-798EE0402AAA}] => (Allow) G:\hry\steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe (Take-Two Interactive Software, Inc. -> Gearbox Software) [File not signed]
FirewallRules: [{F6FA6EFC-7509-47FE-AF7C-6D314BC0FDA3}] => (Allow) G:\hry\steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe (Starbreeze Studios AB) [File not signed]
FirewallRules: [{11C6AF84-9186-4C32-A9EE-F9AB5B8A6DAC}] => (Allow) G:\hry\steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe (Starbreeze Studios AB) [File not signed]
FirewallRules: [{0EF32ACC-3477-4017-A4FB-475084E8A32C}] => (Allow) G:\hry\steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe (Starbreeze) [File not signed]
FirewallRules: [{2285D612-567B-4BE0-8CF7-8D6F7AD4A428}] => (Allow) G:\hry\steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe (Starbreeze) [File not signed]
FirewallRules: [{74D140F0-5BD6-4998-BC2C-06F2DEFEFFA4}] => (Allow) G:\hry\steam\steamapps\common\Command and Conquer Red Alert 3\runme.exe () [File not signed]
FirewallRules: [{5B9BFC45-6EBC-44D7-86F5-56C0FEA8E172}] => (Allow) G:\hry\steam\steamapps\common\Command and Conquer Red Alert 3\runme.exe () [File not signed]
FirewallRules: [{1311836C-9B5E-4A68-B849-1B242290D9DF}] => (Allow) G:\hry\steam\steamapps\common\Dex\Dex.exe (Dreadlocks Ltd) [File not signed]
FirewallRules: [{F1E074C1-E640-4609-8D2F-E13EE9E6FACD}] => (Allow) G:\hry\steam\steamapps\common\Dex\Dex.exe (Dreadlocks Ltd) [File not signed]
FirewallRules: [{559B4CE5-920C-42C0-BD24-E6E2473D9FF1}] => (Allow) G:\hry\steam\steamapps\common\Dex\GamepadConfigTool.exe () [File not signed]
FirewallRules: [{E1EBEC45-82C3-4598-8E81-2E0D6D833B77}] => (Allow) G:\hry\steam\steamapps\common\Dex\GamepadConfigTool.exe () [File not signed]
FirewallRules: [{9BB0ADE2-D629-483D-9300-0746078356BD}] => (Allow) G:\hry\steam\steamapps\common\Fallout 3 goty\FalloutLauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{9AFD79BF-0E7D-4806-B3EC-B61391AEA301}] => (Allow) G:\hry\steam\steamapps\common\Fallout 3 goty\FalloutLauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{891BA795-10F2-4DF0-B340-F1327756AE49}] => (Allow) G:\hry\steam\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{D9D553EC-E49F-49B9-8898-64DB7FBF959A}] => (Allow) G:\hry\steam\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{2A81F2D0-91A7-4EE5-A21B-7B278AEE77AE}] => (Allow) G:\hry\steam\steamapps\common\FlatOut2\FlatOut2.exe () [File not signed]
FirewallRules: [{84040FCC-37F5-4FDB-B52E-C55B9BE6EDA7}] => (Allow) G:\hry\steam\steamapps\common\FlatOut2\FlatOut2.exe () [File not signed]
FirewallRules: [{87C64E50-72D3-47E5-B990-CCE6534EBB40}] => (Allow) G:\hry\steam\steamapps\common\The Gardens Between\TheGardensBetween.exe => No File
FirewallRules: [{2AE9373B-5E9A-4E11-8866-BBE0E3D0A164}] => (Allow) G:\hry\steam\steamapps\common\The Gardens Between\TheGardensBetween.exe => No File
FirewallRules: [{77F095B7-240C-4BF5-A84C-EB0E4E465C9F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Gardens Between\TheGardensBetween.exe () [File not signed]
FirewallRules: [{E7F7AFE5-C48B-4F2D-996B-18824ADBAD23}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Gardens Between\TheGardensBetween.exe () [File not signed]
FirewallRules: [{AC27B752-67BA-454F-974C-86EF07AC138B}] => (Allow) G:\hry\steam\steamapps\common\Giana Sisters Twisted Dreams\launcher\GSLauncher.exe () [File not signed]
FirewallRules: [{76C46D18-AA0E-4A47-8912-AB81C6B3B253}] => (Allow) G:\hry\steam\steamapps\common\Giana Sisters Twisted Dreams\launcher\GSLauncher.exe () [File not signed]
FirewallRules: [{567099B5-DAB2-4EB4-9968-90BFCC8EA452}] => (Allow) G:\hry\steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{F9BBF476-19D9-4B35-8B43-E44A4F1FC020}] => (Allow) G:\hry\steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{5B722FE1-2F75-45E4-A78B-35627DF765CF}] => (Allow) G:\hry\steam\steamapps\common\GoNNER\Gonner.exe () [File not signed]
FirewallRules: [{09819D26-4155-4D3C-902D-AEFEE18BF242}] => (Allow) G:\hry\steam\steamapps\common\GoNNER\Gonner.exe () [File not signed]
FirewallRules: [{1719FE35-7E76-4373-920E-0683AF48CF34}] => (Allow) G:\hry\steam\steamapps\common\Graveyard Keeper\Graveyard Keeper.exe () [File not signed]
FirewallRules: [{FE863A7E-5F86-474F-B0F1-C1DF88821FF7}] => (Allow) G:\hry\steam\steamapps\common\Graveyard Keeper\Graveyard Keeper.exe () [File not signed]
FirewallRules: [{0972322E-6A02-412C-988C-C693C36E9080}] => (Allow) G:\hry\steam\steamapps\common\Heave Ho\HeaveHo.exe () [File not signed]
FirewallRules: [{4739A424-3D19-4269-B9C0-0A856C42E2FD}] => (Allow) G:\hry\steam\steamapps\common\Heave Ho\HeaveHo.exe () [File not signed]
FirewallRules: [{06183FEF-FEB7-4AE0-9ABE-68AE6C121028}] => (Allow) G:\hry\steam\steamapps\common\The Incredible Adventures of Van Helsing\VanHelsing.exe (NeoCore Games) [File not signed]
FirewallRules: [{FD998F9C-61D3-4869-89A5-D4D8A5140201}] => (Allow) G:\hry\steam\steamapps\common\The Incredible Adventures of Van Helsing\VanHelsing.exe (NeoCore Games) [File not signed]
FirewallRules: [{F23231E7-703C-48D8-AC8F-CB40C6351EB8}] => (Allow) G:\hry\steam\steamapps\common\Jets'n'Guns 2\JnG2.exe (Rake in Grass) [File not signed]
FirewallRules: [{8115878D-2CB1-4A48-B2E4-AC7AF3EBAC43}] => (Allow) G:\hry\steam\steamapps\common\Jets'n'Guns 2\JnG2.exe (Rake in Grass) [File not signed]
FirewallRules: [{8DC4C0A0-C682-4078-A8D9-1DAF80579053}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Jets'n'Guns 2\JnG2.exe => No File
FirewallRules: [{C5FDB77A-9F51-4002-8301-655B69F29872}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Jets'n'Guns 2\JnG2.exe => No File
FirewallRules: [{262BCDC0-5B3C-4801-83E6-2086E1575A23}] => (Allow) G:\hry\steam\steamapps\common\JnG Gold\jng_gold.exe () [File not signed]
FirewallRules: [{8550E0A1-3144-4949-9A0D-761775A2D124}] => (Allow) G:\hry\steam\steamapps\common\JnG Gold\jng_gold.exe () [File not signed]
FirewallRules: [{73052BA0-DB1D-40EF-84C3-34C8AE9719D6}] => (Allow) G:\hry\steam\steamapps\common\The Last Cube Demo\The Last Cube.exe () [File not signed]
FirewallRules: [{849ABA3C-98EB-4FAE-B4F4-047495A03C79}] => (Allow) G:\hry\steam\steamapps\common\The Last Cube Demo\The Last Cube.exe () [File not signed]
FirewallRules: [{B9F83376-9727-47A3-A622-28F5043951C8}] => (Allow) G:\hry\steam\steamapps\common\LEAVES - The Journey\LEAVES_The_Journey.exe () [File not signed]
FirewallRules: [{C68A80EF-0B88-442E-BDC4-4FB2FC32AB45}] => (Allow) G:\hry\steam\steamapps\common\LEAVES - The Journey\LEAVES_The_Journey.exe () [File not signed]
FirewallRules: [{73A462D4-440C-45AA-9BB5-8A5CAEA9BB70}] => (Allow) G:\hry\steam\steamapps\common\Mashinky\Mashinky.exe () [File not signed]
FirewallRules: [{9F1710BD-6C6F-4812-8A8D-0928A15219A9}] => (Allow) G:\hry\steam\steamapps\common\Mashinky\Mashinky.exe () [File not signed]
FirewallRules: [{53B5956A-9A84-4847-AC65-BEAC986FD08D}] => (Allow) G:\hry\steam\steamapps\common\Original War\Owar.exe (Stucuk.net) [File not signed]
FirewallRules: [{4581A77F-A5EB-42AF-8EB9-0CD1C7119E45}] => (Allow) G:\hry\steam\steamapps\common\Original War\Owar.exe (Stucuk.net) [File not signed]
FirewallRules: [{E17A0992-DD8C-4D47-8F29-641136BA4FD7}] => (Allow) G:\hry\steam\steamapps\common\PUSS!\PUSS!.exe () [File not signed]
FirewallRules: [{21BD9B10-7682-497B-AD3F-FE9948A28302}] => (Allow) G:\hry\steam\steamapps\common\PUSS!\PUSS!.exe () [File not signed]
FirewallRules: [{5890DE33-07FD-4D0F-9383-A8080C10AC9B}] => (Allow) G:\hry\steam\steamapps\common\Rez Infinite\Rez-infinite.exe () [File not signed]
FirewallRules: [{25BBCB74-582E-47AE-B5DC-BF3A3EE34E4D}] => (Allow) G:\hry\steam\steamapps\common\Rez Infinite\Rez-infinite.exe () [File not signed]
FirewallRules: [{C7CA594F-82BF-40C6-972E-B0857A802B03}] => (Allow) G:\hry\steam\steamapps\common\Stardust Galaxy Warriors\Stardust Galaxy Warriors Win64.exe () [File not signed]
FirewallRules: [{1264BF7E-EA21-46B2-92CB-05771CD51372}] => (Allow) G:\hry\steam\steamapps\common\Stardust Galaxy Warriors\Stardust Galaxy Warriors Win64.exe () [File not signed]
FirewallRules: [{2475BC91-2DD6-4EB4-815B-8E76AD3C94C7}] => (Allow) G:\hry\steam\steamapps\common\To the Moon\To the Moon\To the Moon.exe () [File not signed]
FirewallRules: [{A2060C10-C6C6-4407-854C-4C11352936F3}] => (Allow) G:\hry\steam\steamapps\common\To the Moon\To the Moon\To the Moon.exe () [File not signed]
FirewallRules: [{5C32D548-EB39-4082-B299-A744D51CAD04}] => (Allow) G:\hry\steam\steamapps\common\To the Moon\Minisode_1\Sigmund Holiday Special 1\Siggy - Holiday Special.exe () [File not signed]
FirewallRules: [{F95F9745-5123-4A95-A386-4B200E898552}] => (Allow) G:\hry\steam\steamapps\common\To the Moon\Minisode_1\Sigmund Holiday Special 1\Siggy - Holiday Special.exe () [File not signed]
FirewallRules: [{DE18DB93-EA90-4871-B56D-C06ED9BC5A5A}] => (Allow) G:\hry\steam\steamapps\common\To the Moon\Minisode_2\Sigmund Holiday Special 2\SigCorp Minisode 2.exe () [File not signed]
FirewallRules: [{C72FA73E-F2B7-489B-BE5D-1BDE4DB243A2}] => (Allow) G:\hry\steam\steamapps\common\To the Moon\Minisode_2\Sigmund Holiday Special 2\SigCorp Minisode 2.exe () [File not signed]
FirewallRules: [{BA734F96-24F9-4C13-878E-099ADE574978}] => (Allow) G:\hry\steam\steamapps\common\Walking Simulator 2020\WalkingSimulator2020.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{7127A8FA-DBC6-4ADB-8480-319CE6C7AD73}] => (Allow) G:\hry\steam\steamapps\common\Walking Simulator 2020\WalkingSimulator2020.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{FF657433-CFD1-41D3-9A77-4F0022C86285}] => (Allow) G:\hry\steam\steamapps\common\X-Morph Defense\bin\shooter_win64_release.exe () [File not signed]
FirewallRules: [{3B8F2212-EAB3-4539-9719-038CED65090F}] => (Allow) G:\hry\steam\steamapps\common\X-Morph Defense\bin\shooter_win64_release.exe () [File not signed]
FirewallRules: [{2FC035FC-D39D-4251-81C4-530BDAFE45A7}] => (Allow) G:\hry\steam\steamapps\common\X-Morph Defense\bin\X-Morph_Launcher.exe () [File not signed]
FirewallRules: [{5EFD9AD1-EFF9-45FE-BBE3-3F1857D7B9B8}] => (Allow) G:\hry\steam\steamapps\common\X-Morph Defense\bin\X-Morph_Launcher.exe () [File not signed]
FirewallRules: [{30A1EC49-6ED7-47A4-B162-0C323EB39049}] => (Allow) G:\hry\steam\steamapps\common\X-Morph Defense\tools\bin\level_editor_win64_release.exe () [File not signed]
FirewallRules: [{42025099-19D2-410A-A325-8614C5B2287E}] => (Allow) G:\hry\steam\steamapps\common\X-Morph Defense\tools\bin\level_editor_win64_release.exe () [File not signed]
FirewallRules: [{75E448C3-954B-493F-B828-329E0C9AF32A}] => (Allow) G:\hry\steam\steamapps\common\Men of War Assault Squad 2\mowas_2.exe (Digitalmindsoft) [File not signed]
FirewallRules: [{47803126-A5F9-4151-A593-1A686A1C09F2}] => (Allow) G:\hry\steam\steamapps\common\Men of War Assault Squad 2\mowas_2.exe (Digitalmindsoft) [File not signed]
FirewallRules: [{75C7C0EA-9A0F-4FD1-BD7F-E7268F53B2D7}] => (Allow) G:\hry\steam\steamapps\common\Men of War Assault Squad 2\mowas_2_ed.exe (Digitalmindsoft) [File not signed]
FirewallRules: [{207C6942-EED2-4F9D-8028-813C5CC9673D}] => (Allow) G:\hry\steam\steamapps\common\Men of War Assault Squad 2\mowas_2_ed.exe (Digitalmindsoft) [File not signed]
FirewallRules: [{29EBEF47-2F6C-4092-9792-C0949623C28C}] => (Allow) G:\hry\steam\steamapps\common\Ori DE\oriDE.exe () [File not signed]
FirewallRules: [{012B3B1E-8F52-42A2-B10D-677793D496CA}] => (Allow) G:\hry\steam\steamapps\common\Ori DE\oriDE.exe () [File not signed]
FirewallRules: [{3C9E0B2A-1C62-4DDF-BEB5-E8215500254E}] => (Allow) G:\hry\steam\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe (Larian Studios -> Larian Studios)
FirewallRules: [{DBEE7FD7-38B3-4FF9-B0FF-A9A4EFE527A8}] => (Allow) G:\hry\steam\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe (Larian Studios -> Larian Studios)
FirewallRules: [{9343239F-862D-4784-98BB-1345B6F5539E}] => (Allow) G:\hry\steam\steamapps\common\Legend of Grimrock\grimrock.exe () [File not signed]
FirewallRules: [{9D9FE66A-F634-4B57-9985-693807F5A3A3}] => (Allow) G:\hry\steam\steamapps\common\Legend of Grimrock\grimrock.exe () [File not signed]
FirewallRules: [{0DC77ED0-8934-46EC-89E3-F126FB5B9EC8}] => (Allow) G:\hry\steam\steamapps\common\Portal\hl2.exe (Valve -> )
FirewallRules: [{289F0C47-1E3E-4583-9A2C-E77F1A86F079}] => (Allow) G:\hry\steam\steamapps\common\Portal\hl2.exe (Valve -> )
FirewallRules: [{E7A7931C-66DE-400B-9203-50CB189BAEC0}] => (Allow) G:\hry\steam\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{FDFDBE32-28CA-4E1C-892F-047CAFE4A03B}] => (Allow) G:\hry\steam\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [TCP Query User{D211FBBA-7CCE-4F72-AB9B-66FC24FD7CEF}G:\hry\epic\snowrunner\en_us\sources\bin\snowrunner.exe] => (Allow) G:\hry\epic\snowrunner\en_us\sources\bin\snowrunner.exe (Focus Home Interactive S.A -> Focus Home Interactive)
FirewallRules: [UDP Query User{44CE35A3-7F3B-4108-BB33-8780DEEDC504}G:\hry\epic\snowrunner\en_us\sources\bin\snowrunner.exe] => (Allow) G:\hry\epic\snowrunner\en_us\sources\bin\snowrunner.exe (Focus Home Interactive S.A -> Focus Home Interactive)
FirewallRules: [{0DDC3B0C-9A55-43BD-9A8F-4281C5541FAA}] => (Allow) G:\hry\steam\steamapps\common\Samorost 2\Samorost2.exe () [File not signed]
FirewallRules: [{3D30FA52-18A9-4919-BA99-D28E0606D8B0}] => (Allow) G:\hry\steam\steamapps\common\Samorost 2\Samorost2.exe () [File not signed]
FirewallRules: [{192084B5-39C4-4EDF-A65E-6DBCF01573C1}] => (Allow) G:\hry\steam\steamapps\common\Samorost 3\Samorost3.exe () [File not signed]
FirewallRules: [{C6B4F48C-DB7E-4143-ABC8-DCC9AEA4DAE6}] => (Allow) G:\hry\steam\steamapps\common\Samorost 3\Samorost3.exe () [File not signed]
FirewallRules: [{8558BBB9-4CB1-48B4-A740-B207719EB1EF}] => (Allow) G:\hry\steam\steamapps\common\The Incredible Adventures of Van Helsing II\VanHelsing.exe (NeoCore Games) [File not signed]
FirewallRules: [{DAD53C2F-A6C8-47D6-B09B-C8E37244D8F9}] => (Allow) G:\hry\steam\steamapps\common\The Incredible Adventures of Van Helsing II\VanHelsing.exe (NeoCore Games) [File not signed]
FirewallRules: [{27A529FA-973E-4908-81C5-7EAAC5773633}] => (Allow) G:\hry\steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe (CD Projekt Red) [File not signed]
FirewallRules: [{89F54969-7807-44C2-AA71-5C718915A03F}] => (Allow) G:\hry\steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe (CD Projekt Red) [File not signed]
FirewallRules: [{81E48FB7-5D6E-421D-B182-ABB1DB4A44B5}] => (Allow) G:\hry\steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe (CD Projekt RED Sp. z o.o. -> CD Projekt Red)
FirewallRules: [{38406054-CF75-4E40-8DC4-0FA375CC5594}] => (Allow) G:\hry\steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe (CD Projekt RED Sp. z o.o. -> CD Projekt Red)
FirewallRules: [{32D17285-5BDB-4C5E-9835-208D223E0741}] => (Allow) G:\hry\steam\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe () [File not signed]
FirewallRules: [{14A642C6-36E0-4AE3-95A5-13870747110F}] => (Allow) G:\hry\steam\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe () [File not signed]
FirewallRules: [{57648F0A-2FDF-4765-AD70-5DBE8285D378}] => (Allow) G:\hry\steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe () [File not signed]
FirewallRules: [{94DE564B-D980-407D-AE16-693E455000EE}] => (Allow) G:\hry\steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe () [File not signed]
FirewallRules: [{A9D19D8B-E018-4B4D-B237-EE5F541EBD46}] => (Allow) G:\hry\steam\steamapps\common\War For The Overworld\WFTO.exe (BRIGHTROCK GAMES LIMITED -> )
FirewallRules: [{3A59CF14-7C32-4F87-8B1D-5EF876D80C3A}] => (Allow) G:\hry\steam\steamapps\common\War For The Overworld\WFTO.exe (BRIGHTROCK GAMES LIMITED -> )
FirewallRules: [{A7D90EA9-477E-4D76-940F-016DF79B4F94}] => (Allow) G:\hry\steam\steamapps\common\TheLongDark\tld.exe () [File not signed]
FirewallRules: [{3F730255-EC89-4F8C-9D56-7C76D2F3B0D1}] => (Allow) G:\hry\steam\steamapps\common\TheLongDark\tld.exe () [File not signed]
FirewallRules: [{F950C14B-19BA-468E-87A7-B7894456BF8A}] => (Allow) G:\hry\steam\steamapps\common\Braid\braid.exe () [File not signed]
FirewallRules: [{23B7965D-8D44-4D9F-BADB-76C71C9E2208}] => (Allow) G:\hry\steam\steamapps\common\Braid\braid.exe () [File not signed]
FirewallRules: [{33CCAEFA-F9B8-4792-8F22-B69F014F4CA5}] => (Allow) G:\hry\steam\steamapps\common\BLACKHOLE\BH.exe (FiolaSoft Studio) [File not signed]
FirewallRules: [{3CA83BEE-9D19-4685-A79D-3BCA7AD0C6D2}] => (Allow) G:\hry\steam\steamapps\common\BLACKHOLE\BH.exe (FiolaSoft Studio) [File not signed]
FirewallRules: [{C15F2D0C-47BC-4169-A193-A8FCAF265DD3}] => (Allow) G:\hry\steam\steamapps\common\tbs3\win32\The Banner Saga 3.exe () [File not signed]
FirewallRules: [{00795360-15F4-429D-98D1-7184488D62BD}] => (Allow) G:\hry\steam\steamapps\common\tbs3\win32\The Banner Saga 3.exe () [File not signed]
FirewallRules: [{096F1EBF-5DAF-4AB4-9F80-CE7828F4CEBB}] => (Allow) G:\hry\steam\steamapps\common\tbs2\win32\The Banner Saga 2.exe () [File not signed]
FirewallRules: [{7C616D7B-4C3F-4A22-8F6E-D8C089C91796}] => (Allow) G:\hry\steam\steamapps\common\tbs2\win32\The Banner Saga 2.exe () [File not signed]
FirewallRules: [{F61299EF-1D04-4517-A51A-77DDE05E7C85}] => (Allow) G:\hry\steam\steamapps\common\tbs\win32\The Banner Saga.exe () [File not signed]
FirewallRules: [{EF636D5A-495A-455B-AE0C-69DD4D2CF659}] => (Allow) G:\hry\steam\steamapps\common\tbs\win32\The Banner Saga.exe () [File not signed]
FirewallRules: [{71178CB0-5B06-47EE-BE4D-7F13DD0DFF78}] => (Allow) G:\hry\steam\steamapps\common\the witcher 2\Launcher.exe (CD Projekt RED) [File not signed]
FirewallRules: [{325678C1-8C19-4F96-9809-2789E5828FEB}] => (Allow) G:\hry\steam\steamapps\common\the witcher 2\Launcher.exe (CD Projekt RED) [File not signed]
FirewallRules: [{2AE04082-89DD-4B27-A76B-AABB3D65E226}] => (Allow) G:\hry\steam\steamapps\common\Rain World\RainWorld.exe () [File not signed]
FirewallRules: [{B6ECEB30-075A-41DE-A58B-6D5554F25533}] => (Allow) G:\hry\steam\steamapps\common\Rain World\RainWorld.exe () [File not signed]
FirewallRules: [{4763C5DE-063F-46CD-A690-3F32320996BA}] => (Allow) G:\hry\steam\steamapps\common\Guns, Gore and Cannoli 2\ggc2.exe () [File not signed]
FirewallRules: [{AF365338-B207-4708-A281-EF5740287F67}] => (Allow) G:\hry\steam\steamapps\common\Guns, Gore and Cannoli 2\ggc2.exe () [File not signed]
FirewallRules: [{E480FA21-B61F-42F9-8CB4-1BB46721ECBC}] => (Allow) G:\hry\steam\steamapps\common\Two Worlds - Epic Edition\TwoWorlds.exe (Reality Pump -> Reality Pump)
FirewallRules: [{87BE1112-F0D8-4F1C-9F55-DB5010CFA682}] => (Allow) G:\hry\steam\steamapps\common\Two Worlds - Epic Edition\TwoWorlds.exe (Reality Pump -> Reality Pump)
FirewallRules: [{8EB50939-B340-47E1-A1E8-80BD9082920E}] => (Allow) G:\hry\steam\steamapps\common\Two Worlds - Epic Edition\TwoWorlds_RADEON.exe (Reality Pump -> Reality Pump)
FirewallRules: [{54083F80-7EBD-487E-8BE3-7004DDCAD2BC}] => (Allow) G:\hry\steam\steamapps\common\Two Worlds - Epic Edition\TwoWorlds_RADEON.exe (Reality Pump -> Reality Pump)
FirewallRules: [{967C6963-F491-48A8-9E30-08C8FB3352DB}] => (Allow) G:\hry\steam\steamapps\common\Two Worlds - Epic Edition\2WSG.exe (TopWare Interactive AG) [File not signed]
FirewallRules: [{1915CC52-FEA8-45BA-B0DE-95F9F9FE75E1}] => (Allow) G:\hry\steam\steamapps\common\Two Worlds - Epic Edition\2WSG.exe (TopWare Interactive AG) [File not signed]
FirewallRules: [{C27AEE54-BA9D-449A-8DB2-ED1BAC6DD2A2}] => (Allow) G:\hry\steam\steamapps\common\Lair of the Clockwork God\LotCG.exe () [File not signed]
FirewallRules: [{6EC5228D-EDAD-400D-920F-0102A768B87B}] => (Allow) G:\hry\steam\steamapps\common\Lair of the Clockwork God\LotCG.exe () [File not signed]
FirewallRules: [{B5D1F606-B2CF-41BE-8855-7E338AA3D9C1}] => (Allow) G:\hry\steam\steamapps\common\Devil's Kiss\DevilsKiss.exe () [File not signed]
FirewallRules: [{5D2C43DC-93EF-4C2B-8D9B-A7D2B27854FC}] => (Allow) G:\hry\steam\steamapps\common\Devil's Kiss\DevilsKiss.exe () [File not signed]
FirewallRules: [{CC9AF453-82A0-431C-B8F1-A5F84390D93E}] => (Allow) G:\hry\steam\steamapps\common\Antichamber\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{3C2A107D-FC14-45CA-9F45-2A9435CF47C2}] => (Allow) G:\hry\steam\steamapps\common\Antichamber\Binaries\Win32\UDK.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{DB6DF0FE-5657-4D04-AF54-D5140DECC29D}] => (Allow) G:\hry\steam\steamapps\common\sandstorm\InsurgencyEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{415AE697-9200-4D0D-AC64-0C5EEC90CD5C}] => (Allow) G:\hry\steam\steamapps\common\sandstorm\InsurgencyEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{0DA285FB-BA1D-40FA-9E0A-6D207ACD7D0F}] => (Allow) G:\hry\steam\steamapps\common\sandstorm\Insurgency.exe (New World Interactive LLC -> Epic Games, Inc.)
FirewallRules: [{F6FFC0D1-F239-438F-880A-63795E62CD20}] => (Allow) G:\hry\steam\steamapps\common\sandstorm\Insurgency.exe (New World Interactive LLC -> Epic Games, Inc.)
FirewallRules: [{A0EFAD30-4B7C-47D2-9C8C-C9534E106B51}] => (Allow) G:\hry\steam\steamapps\common\CastleCrashers\castle.exe () [File not signed]
FirewallRules: [{CDFB2A75-BB9E-4A8D-9FC8-96593ABA1C1F}] => (Allow) G:\hry\steam\steamapps\common\CastleCrashers\castle.exe () [File not signed]
FirewallRules: [{D5C69429-1A50-48B7-88B3-4C6CE5DFD31F}] => (Allow) G:\hry\steam\steamapps\common\Broforce\Broforce_beta.exe () [File not signed]
FirewallRules: [{706BE93D-5602-4CA3-8B14-A05011C1B8C8}] => (Allow) G:\hry\steam\steamapps\common\Broforce\Broforce_beta.exe () [File not signed]
FirewallRules: [{A8F6054A-EACA-4A73-9FD0-6907F51B7B1F}] => (Allow) G:\hry\steam\steamapps\common\7th Sector\7TH_Sector.exe () [File not signed]
FirewallRules: [{26833320-0203-466D-A8E4-3A8DD824146C}] => (Allow) G:\hry\steam\steamapps\common\7th Sector\7TH_Sector.exe () [File not signed]
FirewallRules: [{4B1761A7-5F3E-42FD-BAD4-D394644CCEF7}] => (Allow) G:\hry\steam\steamapps\common\Darkwood\Darkwood.exe () [File not signed]
FirewallRules: [{C6E606D8-D549-4F84-A09C-2A30AFB7EFB7}] => (Allow) G:\hry\steam\steamapps\common\Darkwood\Darkwood.exe () [File not signed]
FirewallRules: [{79BD2F4E-7EC1-4819-9710-77997E583853}] => (Allow) G:\hry\steam\steamapps\common\35MM\35MM.exe () [File not signed]
FirewallRules: [{0F1FDD4A-E5DA-49F8-AAF8-707563BF7900}] => (Allow) G:\hry\steam\steamapps\common\35MM\35MM.exe () [File not signed]
FirewallRules: [TCP Query User{45A388CD-0806-4FB6-9CEE-F4CB11B202E4}G:\hry\wot\wargaming.net\gamecenter\wgc.exe] => (Allow) G:\hry\wot\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{257C648B-E323-4C57-A6A5-D76216F7C74E}G:\hry\wot\wargaming.net\gamecenter\wgc.exe] => (Allow) G:\hry\wot\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{9C44F5CD-1A95-491B-802A-DC337B310A16}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{0EBEACC1-3149-47DC-A875-3377B6112328}G:\hry\wot\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) G:\hry\wot\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{DCE3703A-5EC2-4C0D-9BD1-895588B93234}G:\hry\wot\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) G:\hry\wot\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{62DBA216-E699-4B52-95E6-73772627B304}] => (Allow) G:\hry\steam\steamapps\common\DLC Quest\DLC.exe (Going Loud Studios) [File not signed]
FirewallRules: [{FFBC629C-5671-484E-8CDE-113CF7463E48}] => (Allow) G:\hry\steam\steamapps\common\DLC Quest\DLC.exe (Going Loud Studios) [File not signed]
FirewallRules: [{B54E3E73-59C6-4115-B952-337A630B08BD}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{A2C50786-58E0-41C7-BC99-6BC971911CE6}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{54430F0A-7333-4631-8538-E3512CCC8F36}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============

Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standardní hostitelský řadič USB)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (01/18/2021 04:48:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/18/2021 12:04:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/17/2021 08:31:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/16/2021 09:16:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/15/2021 03:53:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/14/2021 04:20:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/13/2021 04:04:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/12/2021 10:16:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program WorldOfTanks.exe verze 1.11.0.10055 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 24ac

Čas spuštění: 01d6e8fadd2f919e

Čas ukončení: 900

Cesta k aplikaci: G:\hry\WoT\World_of_Tanks_EU\win64\WorldOfTanks.exe

ID hlášení:


System errors:
=============
Error: (01/18/2021 06:15:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Check Point Endpoint EFR byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 500 milisekund: Restartovat službu.

Error: (01/18/2021 06:15:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Check Point Sandblast Agent Updater byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 500 milisekund: Restartovat službu.

Error: (01/18/2021 06:15:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Check Point Sandblast Agent Cipolla byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 500 milisekund: Restartovat službu.

Error: (01/18/2021 06:15:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Check Point SandBlast Agent Threat Emulation byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 500 milisekund: Restartovat službu.

Error: (01/18/2021 06:15:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avira Security byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (01/18/2021 06:15:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avira Service Host byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (01/18/2021 06:15:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (01/18/2021 06:15:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Check Point Endpoint Remediation byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 500 milisekund: Restartovat službu.


CodeIntegrity:
===================================

Date: 2020-02-03 22:21:42.446
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe because the set of per-page image hashes could not be found on the system.

Date: 2020-02-03 22:21:42.430
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe because the set of per-page image hashes could not be found on the system.

Date: 2020-02-03 22:21:42.399
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe because the set of per-page image hashes could not be found on the system.

Date: 2020-02-03 22:21:40.199
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe because the set of per-page image hashes could not be found on the system.

Date: 2020-02-03 22:21:40.168
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe because the set of per-page image hashes could not be found on the system.

Date: 2020-02-03 22:21:40.153
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe because the set of per-page image hashes could not be found on the system.

Date: 2020-02-03 22:12:22.733
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe because the set of per-page image hashes could not be found on the system.

Date: 2020-02-03 22:12:22.713
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 3207 04/02/2012
Motherboard: ASUSTeK Computer INC. P8P67 PRO REV 3.1
Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 34%
Total physical RAM: 16351.14 MB
Available physical RAM: 10706.57 MB
Total Virtual: 32700.43 MB
Available Virtual: 25556.24 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:149.05 GB) (Free:41.54 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (pracovní) (Fixed) (Total:500.16 GB) (Free:120.66 GB) NTFS
Drive f: (data) (Fixed) (Total:1362.85 GB) (Free:321.9 GB) NTFS
Drive g: (hry) (Fixed) (Total:1862.89 GB) (Free:947.24 GB) NTFS


==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 149.1 GB) (Disk ID: B5C1BBDE)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: A3D1EF07)
Partition 2: (Not Active) - (Size=1863 GB) - (Type=0F Extended)

==========================================================
Disk: 2 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

[Rudy]

Jj. AdWare to byl. Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3002702695-1329728289-897546576-1000\...\Run: [] => [X]
HKU\S-1-5-21-3002702695-1329728289-897546576-1000\...\Run: [GalaxyClient] => [X]
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {2015B39B-EC85-4784-AF46-46DA41073525} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-02-05] (Google LLC -> Google LLC)
Task: {914A09D4-0AE8-4C15-8A71-204F7B95EAFF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-02-05] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
U3 iswSvc; no ImagePath
AlternateDataStreams: C:\Users\jakub\AppData\Local\Temp:com.affinity.photo.2 [241]
FirewallRules: [{C7B59647-3F83-4765-960B-E38F8A2EFA7B}] => (Allow) F:\hry\steam\steamapps\common\To the Moon\To the Moon\To the Moon.exe => No File
FirewallRules: [{C9D05E8A-98D0-444B-BE3E-ACBEDA838D20}] => (Allow) F:\hry\steam\steamapps\common\To the Moon\To the Moon\To the Moon.exe => No File
FirewallRules: [{8E949993-12E6-4780-A59C-EB5210D18D5A}] => (Allow) F:\hry\steam\steamapps\common\To the Moon\Minisode_1\Sigmund Holiday Special 1\Siggy - Holiday Special.exe => No File
FirewallRules: [{EC26444E-D77C-42E8-A189-FBDAA4FF2AE7}] => (Allow) F:\hry\steam\steamapps\common\To the Moon\Minisode_1\Sigmund Holiday Special 1\Siggy - Holiday Special.exe => No File
FirewallRules: [{7BA3E189-60B0-40F5-94D3-DECA7ADCCDA7}] => (Allow) F:\hry\steam\steamapps\common\To the Moon\Minisode_2\Sigmund Holiday Special 2\SigCorp Minisode 2.exe => No File
FirewallRules: [{5C06E40B-4893-4449-AFE8-5463005940E1}] => (Allow) F:\hry\steam\steamapps\common\To the Moon\Minisode_2\Sigmund Holiday Special 2\SigCorp Minisode 2.exe => No File
FirewallRules: [{42397776-AA01-4ADE-ADE9-CC2AEBCE062A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{EB7A4E79-CB4B-4A21-9F47-5D561A644780}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{C5B72334-C455-497E-AC50-B7EB2CC9D14E}] => (Allow) F:\hry\steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe => No File
FirewallRules: [{E037A63C-774F-4566-A673-EEBFF1E3714C}] => (Allow) F:\hry\steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe => No File
FirewallRules: [{4B41E720-4310-470C-829F-BA292A46EDC5}] => (Allow) F:\hry\steam\steamapps\common\JnG Gold\jng_gold.exe => No File
FirewallRules: [{AAFFCBF0-A5EF-4A65-8F75-3336F1ED1DFA}] => (Allow) F:\hry\steam\steamapps\common\JnG Gold\jng_gold.exe => No File
FirewallRules: [{822C9083-C868-4B84-A13B-69FB04BE06AA}] => (Allow) F:\hry\steam\steamapps\common\Walking Simulator 2020\WalkingSimulator2020.exe => No File
FirewallRules: [{5D13C990-4D6E-49DC-98B1-69B32DF6A39A}] => (Allow) F:\hry\steam\steamapps\common\Walking Simulator 2020\WalkingSimulator2020.exe => No File
FirewallRules: [{17412ADE-8D6D-4B21-95A6-848DB89EAE2F}] => (Allow) F:\hry\steam\steamapps\common\Mashinky\Mashinky.exe => No File
FirewallRules: [{B179C414-5C15-45AC-9311-0721248FE85A}] => (Allow) F:\hry\steam\steamapps\common\Mashinky\Mashinky.exe => No File
FirewallRules: [{ED138204-27A5-4889-A5DD-B47223199F94}] => (Allow) F:\hry\steam\steamapps\common\PUSS!\PUSS!.exe => No File
FirewallRules: [{1EC13E62-5E6F-4E5F-9A08-6B80B53D12DF}] => (Allow) F:\hry\steam\steamapps\common\PUSS!\PUSS!.exe => No File
FirewallRules: [{B38EA7DC-178D-4968-8375-924097E9BD79}] => (Allow) F:\hry\steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe => No File
FirewallRules: [{BFEC7C83-F3BA-41F9-B1A6-9B86AC2B2AD0}] => (Allow) F:\hry\steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe => No File
FirewallRules: [{AAA8B981-1869-4C42-8193-C26E35A638E4}] => (Allow) F:\hry\steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe => No File
FirewallRules: [{A95249A9-97E2-43EA-A749-99EA7ACA6ABB}] => (Allow) F:\hry\steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe => No File
FirewallRules: [{9F3F9569-D3A8-44DE-BD9B-5911D5BBB9CF}] => (Allow) F:\hry\steam\steamapps\common\LEAVES - The Journey\LEAVES_The_Journey.exe => No File
FirewallRules: [{C31F7F5A-7A19-478A-857C-8C9420E67FF3}] => (Allow) F:\hry\steam\steamapps\common\LEAVES - The Journey\LEAVES_The_Journey.exe => No File
FirewallRules: [{E8928B49-EC93-44F4-8424-CAE564A51476}] => (Allow) F:\hry\steam\steamapps\common\Fallout 3 goty\FalloutLauncher.exe => No File
FirewallRules: [{7709BD8D-CFEA-454D-B640-3D8723EA8985}] => (Allow) F:\hry\steam\steamapps\common\Fallout 3 goty\FalloutLauncher.exe => No File
FirewallRules: [TCP Query User{3E475C03-2979-4AB5-BF22-9CDC228F768C}F:\hry\epic\snowrunner\en_us\sources\bin\snowrunner.exe] => (Allow) F:\hry\epic\snowrunner\en_us\sources\bin\snowrunner.exe => No File
FirewallRules: [UDP Query User{1AEFEF6D-30B7-4142-973E-7B0AD74E81D6}F:\hry\epic\snowrunner\en_us\sources\bin\snowrunner.exe] => (Allow) F:\hry\epic\snowrunner\en_us\sources\bin\snowrunner.exe => No File
FirewallRules: [{17E0A457-3033-4A20-ADC3-F8B854A73970}] => (Allow) F:\hry\steam\steamapps\common\60 Parsecs!\60Parsecs.exe => No File
FirewallRules: [{31AE0262-EC1C-4A37-A69A-51176FBC379E}] => (Allow) F:\hry\steam\steamapps\common\60 Parsecs!\60Parsecs.exe => No File
FirewallRules: [{CB7FF145-62B2-4749-BF80-3B762EE63B53}] => (Allow) F:\hry\steam\steamapps\common\The Turing Test\TheTuringTest\Binaries\Win64\TheTuringTest.exe => No File
FirewallRules: [{797B3EF9-0B4B-4B70-A241-FD41E6D8E4A7}] => (Allow) F:\hry\steam\steamapps\common\The Turing Test\TheTuringTest\Binaries\Win64\TheTuringTest.exe => No File
FirewallRules: [{74D6E38B-901E-4A20-9076-C050EFFDC281}] => (Allow) F:\hry\steam\steamapps\common\Command and Conquer Red Alert 3\runme.exe => No File
FirewallRules: [{62F8E7D1-F5E5-4979-B190-9A19243D4F12}] => (Allow) F:\hry\steam\steamapps\common\Command and Conquer Red Alert 3\runme.exe => No File
FirewallRules: [{51B76350-F63D-4755-9A0E-665FBBCA0C39}] => (Allow) F:\hry\steam\steamapps\common\Heave Ho\HeaveHo.exe => No File
FirewallRules: [{C122104D-F84A-4D39-8218-69A0A537BE67}] => (Allow) F:\hry\steam\steamapps\common\Heave Ho\HeaveHo.exe => No File
FirewallRules: [{B07AE6FC-6C90-4885-8D3C-F749E2FFAB5B}] => (Allow) F:\hry\steam\steamapps\common\Feudal Alloy\FeudalAlloy.exe => No File
FirewallRules: [{641DABEF-4CFD-4180-83A8-7E5096EC3255}] => (Allow) F:\hry\steam\steamapps\common\Feudal Alloy\FeudalAlloy.exe => No File
FirewallRules: [TCP Query User{1F3A5A5E-AFC1-40E8-833E-A2F81D1B21DA}F:\hry\wargaming.net\gamecenter\wgc.exe] => (Allow) F:\hry\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [UDP Query User{69E54292-94D8-44EB-8C28-DE1FED36574E}F:\hry\wargaming.net\gamecenter\wgc.exe] => (Allow) F:\hry\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [{CB07E24A-6724-4558-97D7-46F976B6B6B1}] => (Block) F:\hry\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [{5A5B17DB-87AB-44B2-997B-0D688FAFDD3D}] => (Block) F:\hry\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [TCP Query User{4256C2FE-29B5-46E2-9A19-1BF02B89068C}F:\hry\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) F:\hry\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [UDP Query User{A96DE001-EF84-498C-A5DC-282CE23421A8}F:\hry\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) F:\hry\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [{B4C61F24-7B62-46FE-86B8-F039158070B3}] => (Allow) F:\hry\steam\steamapps\common\Jets'n'Guns 2\JnG2.exe => No File
FirewallRules: [{193DEAE7-3966-40D0-8784-838982E13A30}] => (Allow) F:\hry\steam\steamapps\common\Jets'n'Guns 2\JnG2.exe => No File
FirewallRules: [{D2971AD2-680D-4276-91D0-A3753FC4481D}] => (Allow) F:\hry\steam\steamapps\common\Graveyard Keeper\Graveyard Keeper.exe => No File
FirewallRules: [{D3A44E34-A449-4127-815D-2E3BE07DB6FD}] => (Allow) F:\hry\steam\steamapps\common\Graveyard Keeper\Graveyard Keeper.exe => No File
FirewallRules: [{DF8E92DB-FB2D-4A79-89E2-5F94B0434D3B}] => (Allow) F:\hry\steam\steamapps\common\Fallout 4\Fallout4Launcher.exe => No File
FirewallRules: [{2F4516E8-C026-4A51-B0DD-F13558C4A967}] => (Allow) F:\hry\steam\steamapps\common\Fallout 4\Fallout4Launcher.exe => No File
FirewallRules: [{CE84D752-2F55-4B9E-BAB4-564558D8E860}] => (Allow) F:\hry\steam\steamapps\common\Rez Infinite\Rez-infinite.exe => No File
FirewallRules: [{75E6F033-768E-414E-A3EB-58907F46FC83}] => (Allow) F:\hry\steam\steamapps\common\Rez Infinite\Rez-infinite.exe => No File
FirewallRules: [{ADA4CE28-4853-4A9D-B8EC-0D5DD32BD1B1}] => (Allow) F:\hry\steam\steamapps\common\The Last Cube Demo\The Last Cube.exe => No File
FirewallRules: [{74EACFAF-0A2D-44F3-A55B-767C7D2476C0}] => (Allow) F:\hry\steam\steamapps\common\The Last Cube Demo\The Last Cube.exe => No File
FirewallRules: [{49268D99-3B9E-4D98-9C25-32DCACDF9AA4}] => (Allow) F:\hry\steam\steamapps\common\Giana Sisters Twisted Dreams\launcher\GSLauncher.exe => No File
FirewallRules: [{8D797412-9A16-4AD2-B22D-8928E7701FA0}] => (Allow) F:\hry\steam\steamapps\common\Giana Sisters Twisted Dreams\launcher\GSLauncher.exe => No File
FirewallRules: [{10EDC097-6F14-4386-8C58-31983FEF0137}] => (Allow) F:\hry\steam\steamapps\common\FlatOut2\FlatOut2.exe => No File
FirewallRules: [{0C063107-FACD-4587-AE78-8EE41196397D}] => (Allow) F:\hry\steam\steamapps\common\FlatOut2\FlatOut2.exe => No File
FirewallRules: [{FE76E071-ED3B-4854-ADC5-79E2151C0982}] => (Allow) F:\hry\steam\steamapps\common\Stardust Galaxy Warriors\Stardust Galaxy Warriors Win64.exe => No File
FirewallRules: [{B2E990A5-874C-4E89-B427-9DC3B09FD0A9}] => (Allow) F:\hry\steam\steamapps\common\Stardust Galaxy Warriors\Stardust Galaxy Warriors Win64.exe => No File
FirewallRules: [{25D3CAFC-892F-4338-B889-78C0CA8FFEFD}] => (Allow) F:\hry\steam\steamapps\common\GoNNER\Gonner.exe => No File
FirewallRules: [{F23C6153-BC28-4B82-B023-93B5FA346205}] => (Allow) F:\hry\steam\steamapps\common\GoNNER\Gonner.exe => No File
FirewallRules: [{367B4779-FE2D-4A89-B225-3B8B7E917764}] => (Allow) F:\hry\steam\steamapps\common\Arrog\Arrog.exe => No File
FirewallRules: [{312E88A4-082E-4E51-B9CA-6FB49A9608A8}] => (Allow) F:\hry\steam\steamapps\common\Arrog\Arrog.exe => No File
FirewallRules: [{77FE0FFD-20AE-4A0B-86D1-9107FB3ED66A}] => (Allow) F:\hry\steam\steamapps\common\Iris.Fall\IrisFall.exe => No File
FirewallRules: [{2DEB68FD-3471-4F4F-9926-40EADAB9E99B}] => (Allow) F:\hry\steam\steamapps\common\Iris.Fall\IrisFall.exe => No File
FirewallRules: [{62A6F29E-5696-46B7-88BE-71FE0BAE6F8B}] => (Allow) F:\hry\steam\steamapps\common\Original War\Owar.exe => No File
FirewallRules: [{217E0FF8-1803-4EE0-999D-0F0C59BEE20F}] => (Allow) F:\hry\steam\steamapps\common\Original War\Owar.exe => No File
FirewallRules: [{00D8DF2D-E55D-4E58-844F-8ADD757E6C1C}] => (Allow) F:\hry\steam\steamapps\common\Dex\Dex.exe => No File
FirewallRules: [{6DD6ADC6-C7DB-4283-A4A4-9E16E5B2D455}] => (Allow) F:\hry\steam\steamapps\common\Dex\Dex.exe => No File
FirewallRules: [{EF6C0BAF-1BF1-4456-ABA2-FEB6E4CFAF83}] => (Allow) F:\hry\steam\steamapps\common\Dex\GamepadConfigTool.exe => No File
FirewallRules: [{37B17525-D7DC-4BA5-A402-BA0BAE418B99}] => (Allow) F:\hry\steam\steamapps\common\Dex\GamepadConfigTool.exe => No File
FirewallRules: [{EC7AB74F-20AA-467E-8297-85620C4203D1}] => (Allow) C:\Program Files (x86)\Pantone Color Manager\PantoneColorManager.exe (X-Rite Incorporated -> X-Rite)
FirewallRules: [{2CA888C2-3F57-478C-817D-840620245F67}] => (Allow) C:\Program Files (x86)\Pantone Color Manager\PantoneColorManager.exe (X-Rite Incorporated -> X-Rite)
FirewallRules: [{72A996E5-435D-4CA7-B926-09F0F5BBA933}] => (Allow) G:\hry\steam\steamapps\common\60 Parsecs!\60Parsecs.exe => No File
FirewallRules: [{6EA940AF-F51A-43E4-B6FC-162725284D5D}] => (Allow) G:\hry\steam\steamapps\common\60 Parsecs!\60Parsecs.exe => No File
FirewallRules: [{87C64E50-72D3-47E5-B990-CCE6534EBB40}] => (Allow) G:\hry\steam\steamapps\common\The Gardens Between\TheGardensBetween.exe => No File
FirewallRules: [{2AE9373B-5E9A-4E11-8866-BBE0E3D0A164}] => (Allow) G:\hry\steam\steamapps\common\The Gardens Between\TheGardensBetween.exe => No File
FirewallRules: [{8DC4C0A0-C682-4078-A8D9-1DAF80579053}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Jets'n'Guns 2\JnG2.exe => No File
FirewallRules: [{C5FDB77A-9F51-4002-8301-655B69F29872}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Jets'n'Guns 2\JnG2.exe => No File

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[out_of_space]

Zdravím, posílám log.

Fix result of Farbar Recovery Scan Tool (x64) Version: 19-01-2021
Ran by jakub (19-01-2021 16:54:43) Run:2
Running from C:\Users\jakub\Desktop
Loaded Profiles: jakub
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3002702695-1329728289-897546576-1000\...\Run: [] => [X]
HKU\S-1-5-21-3002702695-1329728289-897546576-1000\...\Run: [GalaxyClient] => [X]
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {2015B39B-EC85-4784-AF46-46DA41073525} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-02-05] (Google LLC -> Google LLC)
Task: {914A09D4-0AE8-4C15-8A71-204F7B95EAFF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-02-05] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
U3 iswSvc; no ImagePath
AlternateDataStreams: C:\Users\jakub\AppData\Local\Temp:com.affinity.photo.2 [241]
FirewallRules: [{C7B59647-3F83-4765-960B-E38F8A2EFA7B}] => (Allow) F:\hry\steam\steamapps\common\To the Moon\To the Moon\To the Moon.exe => No File
FirewallRules: [{C9D05E8A-98D0-444B-BE3E-ACBEDA838D20}] => (Allow) F:\hry\steam\steamapps\common\To the Moon\To the Moon\To the Moon.exe => No File
FirewallRules: [{8E949993-12E6-4780-A59C-EB5210D18D5A}] => (Allow) F:\hry\steam\steamapps\common\To the Moon\Minisode_1\Sigmund Holiday Special 1\Siggy - Holiday Special.exe => No File
FirewallRules: [{EC26444E-D77C-42E8-A189-FBDAA4FF2AE7}] => (Allow) F:\hry\steam\steamapps\common\To the Moon\Minisode_1\Sigmund Holiday Special 1\Siggy - Holiday Special.exe => No File
FirewallRules: [{7BA3E189-60B0-40F5-94D3-DECA7ADCCDA7}] => (Allow) F:\hry\steam\steamapps\common\To the Moon\Minisode_2\Sigmund Holiday Special 2\SigCorp Minisode 2.exe => No File
FirewallRules: [{5C06E40B-4893-4449-AFE8-5463005940E1}] => (Allow) F:\hry\steam\steamapps\common\To the Moon\Minisode_2\Sigmund Holiday Special 2\SigCorp Minisode 2.exe => No File
FirewallRules: [{42397776-AA01-4ADE-ADE9-CC2AEBCE062A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{EB7A4E79-CB4B-4A21-9F47-5D561A644780}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{C5B72334-C455-497E-AC50-B7EB2CC9D14E}] => (Allow) F:\hry\steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe => No File
FirewallRules: [{E037A63C-774F-4566-A673-EEBFF1E3714C}] => (Allow) F:\hry\steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe => No File
FirewallRules: [{4B41E720-4310-470C-829F-BA292A46EDC5}] => (Allow) F:\hry\steam\steamapps\common\JnG Gold\jng_gold.exe => No File
FirewallRules: [{AAFFCBF0-A5EF-4A65-8F75-3336F1ED1DFA}] => (Allow) F:\hry\steam\steamapps\common\JnG Gold\jng_gold.exe => No File
FirewallRules: [{822C9083-C868-4B84-A13B-69FB04BE06AA}] => (Allow) F:\hry\steam\steamapps\common\Walking Simulator 2020\WalkingSimulator2020.exe => No File
FirewallRules: [{5D13C990-4D6E-49DC-98B1-69B32DF6A39A}] => (Allow) F:\hry\steam\steamapps\common\Walking Simulator 2020\WalkingSimulator2020.exe => No File
FirewallRules: [{17412ADE-8D6D-4B21-95A6-848DB89EAE2F}] => (Allow) F:\hry\steam\steamapps\common\Mashinky\Mashinky.exe => No File
FirewallRules: [{B179C414-5C15-45AC-9311-0721248FE85A}] => (Allow) F:\hry\steam\steamapps\common\Mashinky\Mashinky.exe => No File
FirewallRules: [{ED138204-27A5-4889-A5DD-B47223199F94}] => (Allow) F:\hry\steam\steamapps\common\PUSS!\PUSS!.exe => No File
FirewallRules: [{1EC13E62-5E6F-4E5F-9A08-6B80B53D12DF}] => (Allow) F:\hry\steam\steamapps\common\PUSS!\PUSS!.exe => No File
FirewallRules: [{B38EA7DC-178D-4968-8375-924097E9BD79}] => (Allow) F:\hry\steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe => No File
FirewallRules: [{BFEC7C83-F3BA-41F9-B1A6-9B86AC2B2AD0}] => (Allow) F:\hry\steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe => No File
FirewallRules: [{AAA8B981-1869-4C42-8193-C26E35A638E4}] => (Allow) F:\hry\steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe => No File
FirewallRules: [{A95249A9-97E2-43EA-A749-99EA7ACA6ABB}] => (Allow) F:\hry\steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe => No File
FirewallRules: [{9F3F9569-D3A8-44DE-BD9B-5911D5BBB9CF}] => (Allow) F:\hry\steam\steamapps\common\LEAVES - The Journey\LEAVES_The_Journey.exe => No File
FirewallRules: [{C31F7F5A-7A19-478A-857C-8C9420E67FF3}] => (Allow) F:\hry\steam\steamapps\common\LEAVES - The Journey\LEAVES_The_Journey.exe => No File
FirewallRules: [{E8928B49-EC93-44F4-8424-CAE564A51476}] => (Allow) F:\hry\steam\steamapps\common\Fallout 3 goty\FalloutLauncher.exe => No File
FirewallRules: [{7709BD8D-CFEA-454D-B640-3D8723EA8985}] => (Allow) F:\hry\steam\steamapps\common\Fallout 3 goty\FalloutLauncher.exe => No File
FirewallRules: [TCP Query User{3E475C03-2979-4AB5-BF22-9CDC228F768C}F:\hry\epic\snowrunner\en_us\sources\bin\snowrunner.exe] => (Allow) F:\hry\epic\snowrunner\en_us\sources\bin\snowrunner.exe => No File
FirewallRules: [UDP Query User{1AEFEF6D-30B7-4142-973E-7B0AD74E81D6}F:\hry\epic\snowrunner\en_us\sources\bin\snowrunner.exe] => (Allow) F:\hry\epic\snowrunner\en_us\sources\bin\snowrunner.exe => No File
FirewallRules: [{17E0A457-3033-4A20-ADC3-F8B854A73970}] => (Allow) F:\hry\steam\steamapps\common\60 Parsecs!\60Parsecs.exe => No File
FirewallRules: [{31AE0262-EC1C-4A37-A69A-51176FBC379E}] => (Allow) F:\hry\steam\steamapps\common\60 Parsecs!\60Parsecs.exe => No File
FirewallRules: [{CB7FF145-62B2-4749-BF80-3B762EE63B53}] => (Allow) F:\hry\steam\steamapps\common\The Turing Test\TheTuringTest\Binaries\Win64\TheTuringTest.exe => No File
FirewallRules: [{797B3EF9-0B4B-4B70-A241-FD41E6D8E4A7}] => (Allow) F:\hry\steam\steamapps\common\The Turing Test\TheTuringTest\Binaries\Win64\TheTuringTest.exe => No File
FirewallRules: [{74D6E38B-901E-4A20-9076-C050EFFDC281}] => (Allow) F:\hry\steam\steamapps\common\Command and Conquer Red Alert 3\runme.exe => No File
FirewallRules: [{62F8E7D1-F5E5-4979-B190-9A19243D4F12}] => (Allow) F:\hry\steam\steamapps\common\Command and Conquer Red Alert 3\runme.exe => No File
FirewallRules: [{51B76350-F63D-4755-9A0E-665FBBCA0C39}] => (Allow) F:\hry\steam\steamapps\common\Heave Ho\HeaveHo.exe => No File
FirewallRules: [{C122104D-F84A-4D39-8218-69A0A537BE67}] => (Allow) F:\hry\steam\steamapps\common\Heave Ho\HeaveHo.exe => No File
FirewallRules: [{B07AE6FC-6C90-4885-8D3C-F749E2FFAB5B}] => (Allow) F:\hry\steam\steamapps\common\Feudal Alloy\FeudalAlloy.exe => No File
FirewallRules: [{641DABEF-4CFD-4180-83A8-7E5096EC3255}] => (Allow) F:\hry\steam\steamapps\common\Feudal Alloy\FeudalAlloy.exe => No File
FirewallRules: [TCP Query User{1F3A5A5E-AFC1-40E8-833E-A2F81D1B21DA}F:\hry\wargaming.net\gamecenter\wgc.exe] => (Allow) F:\hry\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [UDP Query User{69E54292-94D8-44EB-8C28-DE1FED36574E}F:\hry\wargaming.net\gamecenter\wgc.exe] => (Allow) F:\hry\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [{CB07E24A-6724-4558-97D7-46F976B6B6B1}] => (Block) F:\hry\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [{5A5B17DB-87AB-44B2-997B-0D688FAFDD3D}] => (Block) F:\hry\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [TCP Query User{4256C2FE-29B5-46E2-9A19-1BF02B89068C}F:\hry\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) F:\hry\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [UDP Query User{A96DE001-EF84-498C-A5DC-282CE23421A8}F:\hry\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) F:\hry\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [{B4C61F24-7B62-46FE-86B8-F039158070B3}] => (Allow) F:\hry\steam\steamapps\common\Jets'n'Guns 2\JnG2.exe => No File
FirewallRules: [{193DEAE7-3966-40D0-8784-838982E13A30}] => (Allow) F:\hry\steam\steamapps\common\Jets'n'Guns 2\JnG2.exe => No File
FirewallRules: [{D2971AD2-680D-4276-91D0-A3753FC4481D}] => (Allow) F:\hry\steam\steamapps\common\Graveyard Keeper\Graveyard Keeper.exe => No File
FirewallRules: [{D3A44E34-A449-4127-815D-2E3BE07DB6FD}] => (Allow) F:\hry\steam\steamapps\common\Graveyard Keeper\Graveyard Keeper.exe => No File
FirewallRules: [{DF8E92DB-FB2D-4A79-89E2-5F94B0434D3B}] => (Allow) F:\hry\steam\steamapps\common\Fallout 4\Fallout4Launcher.exe => No File
FirewallRules: [{2F4516E8-C026-4A51-B0DD-F13558C4A967}] => (Allow) F:\hry\steam\steamapps\common\Fallout 4\Fallout4Launcher.exe => No File
FirewallRules: [{CE84D752-2F55-4B9E-BAB4-564558D8E860}] => (Allow) F:\hry\steam\steamapps\common\Rez Infinite\Rez-infinite.exe => No File
FirewallRules: [{75E6F033-768E-414E-A3EB-58907F46FC83}] => (Allow) F:\hry\steam\steamapps\common\Rez Infinite\Rez-infinite.exe => No File
FirewallRules: [{ADA4CE28-4853-4A9D-B8EC-0D5DD32BD1B1}] => (Allow) F:\hry\steam\steamapps\common\The Last Cube Demo\The Last Cube.exe => No File
FirewallRules: [{74EACFAF-0A2D-44F3-A55B-767C7D2476C0}] => (Allow) F:\hry\steam\steamapps\common\The Last Cube Demo\The Last Cube.exe => No File
FirewallRules: [{49268D99-3B9E-4D98-9C25-32DCACDF9AA4}] => (Allow) F:\hry\steam\steamapps\common\Giana Sisters Twisted Dreams\launcher\GSLauncher.exe => No File
FirewallRules: [{8D797412-9A16-4AD2-B22D-8928E7701FA0}] => (Allow) F:\hry\steam\steamapps\common\Giana Sisters Twisted Dreams\launcher\GSLauncher.exe => No File
FirewallRules: [{10EDC097-6F14-4386-8C58-31983FEF0137}] => (Allow) F:\hry\steam\steamapps\common\FlatOut2\FlatOut2.exe => No File
FirewallRules: [{0C063107-FACD-4587-AE78-8EE41196397D}] => (Allow) F:\hry\steam\steamapps\common\FlatOut2\FlatOut2.exe => No File
FirewallRules: [{FE76E071-ED3B-4854-ADC5-79E2151C0982}] => (Allow) F:\hry\steam\steamapps\common\Stardust Galaxy Warriors\Stardust Galaxy Warriors Win64.exe => No File
FirewallRules: [{B2E990A5-874C-4E89-B427-9DC3B09FD0A9}] => (Allow) F:\hry\steam\steamapps\common\Stardust Galaxy Warriors\Stardust Galaxy Warriors Win64.exe => No File
FirewallRules: [{25D3CAFC-892F-4338-B889-78C0CA8FFEFD}] => (Allow) F:\hry\steam\steamapps\common\GoNNER\Gonner.exe => No File
FirewallRules: [{F23C6153-BC28-4B82-B023-93B5FA346205}] => (Allow) F:\hry\steam\steamapps\common\GoNNER\Gonner.exe => No File
FirewallRules: [{367B4779-FE2D-4A89-B225-3B8B7E917764}] => (Allow) F:\hry\steam\steamapps\common\Arrog\Arrog.exe => No File
FirewallRules: [{312E88A4-082E-4E51-B9CA-6FB49A9608A8}] => (Allow) F:\hry\steam\steamapps\common\Arrog\Arrog.exe => No File
FirewallRules: [{77FE0FFD-20AE-4A0B-86D1-9107FB3ED66A}] => (Allow) F:\hry\steam\steamapps\common\Iris.Fall\IrisFall.exe => No File
FirewallRules: [{2DEB68FD-3471-4F4F-9926-40EADAB9E99B}] => (Allow) F:\hry\steam\steamapps\common\Iris.Fall\IrisFall.exe => No File
FirewallRules: [{62A6F29E-5696-46B7-88BE-71FE0BAE6F8B}] => (Allow) F:\hry\steam\steamapps\common\Original War\Owar.exe => No File
FirewallRules: [{217E0FF8-1803-4EE0-999D-0F0C59BEE20F}] => (Allow) F:\hry\steam\steamapps\common\Original War\Owar.exe => No File
FirewallRules: [{00D8DF2D-E55D-4E58-844F-8ADD757E6C1C}] => (Allow) F:\hry\steam\steamapps\common\Dex\Dex.exe => No File
FirewallRules: [{6DD6ADC6-C7DB-4283-A4A4-9E16E5B2D455}] => (Allow) F:\hry\steam\steamapps\common\Dex\Dex.exe => No File
FirewallRules: [{EF6C0BAF-1BF1-4456-ABA2-FEB6E4CFAF83}] => (Allow) F:\hry\steam\steamapps\common\Dex\GamepadConfigTool.exe => No File
FirewallRules: [{37B17525-D7DC-4BA5-A402-BA0BAE418B99}] => (Allow) F:\hry\steam\steamapps\common\Dex\GamepadConfigTool.exe => No File
FirewallRules: [{EC7AB74F-20AA-467E-8297-85620C4203D1}] => (Allow) C:\Program Files (x86)\Pantone Color Manager\PantoneColorManager.exe (X-Rite Incorporated -> X-Rite)
FirewallRules: [{2CA888C2-3F57-478C-817D-840620245F67}] => (Allow) C:\Program Files (x86)\Pantone Color Manager\PantoneColorManager.exe (X-Rite Incorporated -> X-Rite)
FirewallRules: [{72A996E5-435D-4CA7-B926-09F0F5BBA933}] => (Allow) G:\hry\steam\steamapps\common\60 Parsecs!\60Parsecs.exe => No File
FirewallRules: [{6EA940AF-F51A-43E4-B6FC-162725284D5D}] => (Allow) G:\hry\steam\steamapps\common\60 Parsecs!\60Parsecs.exe => No File
FirewallRules: [{87C64E50-72D3-47E5-B990-CCE6534EBB40}] => (Allow) G:\hry\steam\steamapps\common\The Gardens Between\TheGardensBetween.exe => No File
FirewallRules: [{2AE9373B-5E9A-4E11-8866-BBE0E3D0A164}] => (Allow) G:\hry\steam\steamapps\common\The Gardens Between\TheGardensBetween.exe => No File
FirewallRules: [{8DC4C0A0-C682-4078-A8D9-1DAF80579053}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Jets'n'Guns 2\JnG2.exe => No File
FirewallRules: [{C5FDB77A-9F51-4002-8301-655B69F29872}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Jets'n'Guns 2\JnG2.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKU\S-1-5-21-3002702695-1329728289-897546576-1000\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKU\S-1-5-21-3002702695-1329728289-897546576-1000\Software\Microsoft\Windows\CurrentVersion\Run\\GalaxyClient" => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2015B39B-EC85-4784-AF46-46DA41073525}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2015B39B-EC85-4784-AF46-46DA41073525}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{914A09D4-0AE8-4C15-8A71-204F7B95EAFF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{914A09D4-0AE8-4C15-8A71-204F7B95EAFF}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\System\CurrentControlSet\Services\iswSvc => removed successfully
iswSvc => service removed successfully
C:\Users\jakub\AppData\Local\Temp => ":com.affinity.photo.2" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C7B59647-3F83-4765-960B-E38F8A2EFA7B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C9D05E8A-98D0-444B-BE3E-ACBEDA838D20}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8E949993-12E6-4780-A59C-EB5210D18D5A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EC26444E-D77C-42E8-A189-FBDAA4FF2AE7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7BA3E189-60B0-40F5-94D3-DECA7ADCCDA7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5C06E40B-4893-4449-AFE8-5463005940E1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{42397776-AA01-4ADE-ADE9-CC2AEBCE062A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EB7A4E79-CB4B-4A21-9F47-5D561A644780}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C5B72334-C455-497E-AC50-B7EB2CC9D14E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E037A63C-774F-4566-A673-EEBFF1E3714C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4B41E720-4310-470C-829F-BA292A46EDC5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AAFFCBF0-A5EF-4A65-8F75-3336F1ED1DFA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{822C9083-C868-4B84-A13B-69FB04BE06AA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5D13C990-4D6E-49DC-98B1-69B32DF6A39A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{17412ADE-8D6D-4B21-95A6-848DB89EAE2F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B179C414-5C15-45AC-9311-0721248FE85A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ED138204-27A5-4889-A5DD-B47223199F94}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1EC13E62-5E6F-4E5F-9A08-6B80B53D12DF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B38EA7DC-178D-4968-8375-924097E9BD79}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BFEC7C83-F3BA-41F9-B1A6-9B86AC2B2AD0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AAA8B981-1869-4C42-8193-C26E35A638E4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A95249A9-97E2-43EA-A749-99EA7ACA6ABB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9F3F9569-D3A8-44DE-BD9B-5911D5BBB9CF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C31F7F5A-7A19-478A-857C-8C9420E67FF3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E8928B49-EC93-44F4-8424-CAE564A51476}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7709BD8D-CFEA-454D-B640-3D8723EA8985}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3E475C03-2979-4AB5-BF22-9CDC228F768C}F:\hry\epic\snowrunner\en_us\sources\bin\snowrunner.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1AEFEF6D-30B7-4142-973E-7B0AD74E81D6}F:\hry\epic\snowrunner\en_us\sources\bin\snowrunner.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{17E0A457-3033-4A20-ADC3-F8B854A73970}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{31AE0262-EC1C-4A37-A69A-51176FBC379E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CB7FF145-62B2-4749-BF80-3B762EE63B53}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{797B3EF9-0B4B-4B70-A241-FD41E6D8E4A7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{74D6E38B-901E-4A20-9076-C050EFFDC281}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{62F8E7D1-F5E5-4979-B190-9A19243D4F12}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{51B76350-F63D-4755-9A0E-665FBBCA0C39}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C122104D-F84A-4D39-8218-69A0A537BE67}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B07AE6FC-6C90-4885-8D3C-F749E2FFAB5B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{641DABEF-4CFD-4180-83A8-7E5096EC3255}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{1F3A5A5E-AFC1-40E8-833E-A2F81D1B21DA}F:\hry\wargaming.net\gamecenter\wgc.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{69E54292-94D8-44EB-8C28-DE1FED36574E}F:\hry\wargaming.net\gamecenter\wgc.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CB07E24A-6724-4558-97D7-46F976B6B6B1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5A5B17DB-87AB-44B2-997B-0D688FAFDD3D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4256C2FE-29B5-46E2-9A19-1BF02B89068C}F:\hry\world_of_tanks_eu\win64\worldoftanks.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A96DE001-EF84-498C-A5DC-282CE23421A8}F:\hry\world_of_tanks_eu\win64\worldoftanks.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B4C61F24-7B62-46FE-86B8-F039158070B3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{193DEAE7-3966-40D0-8784-838982E13A30}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D2971AD2-680D-4276-91D0-A3753FC4481D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D3A44E34-A449-4127-815D-2E3BE07DB6FD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DF8E92DB-FB2D-4A79-89E2-5F94B0434D3B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2F4516E8-C026-4A51-B0DD-F13558C4A967}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CE84D752-2F55-4B9E-BAB4-564558D8E860}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{75E6F033-768E-414E-A3EB-58907F46FC83}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ADA4CE28-4853-4A9D-B8EC-0D5DD32BD1B1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{74EACFAF-0A2D-44F3-A55B-767C7D2476C0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{49268D99-3B9E-4D98-9C25-32DCACDF9AA4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8D797412-9A16-4AD2-B22D-8928E7701FA0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{10EDC097-6F14-4386-8C58-31983FEF0137}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0C063107-FACD-4587-AE78-8EE41196397D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FE76E071-ED3B-4854-ADC5-79E2151C0982}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B2E990A5-874C-4E89-B427-9DC3B09FD0A9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{25D3CAFC-892F-4338-B889-78C0CA8FFEFD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F23C6153-BC28-4B82-B023-93B5FA346205}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{367B4779-FE2D-4A89-B225-3B8B7E917764}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{312E88A4-082E-4E51-B9CA-6FB49A9608A8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{77FE0FFD-20AE-4A0B-86D1-9107FB3ED66A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2DEB68FD-3471-4F4F-9926-40EADAB9E99B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{62A6F29E-5696-46B7-88BE-71FE0BAE6F8B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{217E0FF8-1803-4EE0-999D-0F0C59BEE20F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{00D8DF2D-E55D-4E58-844F-8ADD757E6C1C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6DD6ADC6-C7DB-4283-A4A4-9E16E5B2D455}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EF6C0BAF-1BF1-4456-ABA2-FEB6E4CFAF83}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{37B17525-D7DC-4BA5-A402-BA0BAE418B99}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EC7AB74F-20AA-467E-8297-85620C4203D1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2CA888C2-3F57-478C-817D-840620245F67}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{72A996E5-435D-4CA7-B926-09F0F5BBA933}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6EA940AF-F51A-43E4-B6FC-162725284D5D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{87C64E50-72D3-47E5-B990-CCE6534EBB40}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2AE9373B-5E9A-4E11-8866-BBE0E3D0A164}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8DC4C0A0-C682-4078-A8D9-1DAF80579053}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C5FDB77A-9F51-4002-8301-655B69F29872}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10640028 B
Java, Flash, Steam htmlcache => 531548174 B
Windows/system/drivers => 161970 B
Edge => 0 B
Chrome => 140658 B
Brave => 0 B
Firefox => 1119750205 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 66228 B
Public => 66228 B
ProgramData => 66228 B
systemprofile => 58624768 B
systemprofile32 => 58698694 B
LocalService => 58764922 B
NetworkService => 58831150 B
jakub => 495856437 B

RecycleBin => 6708 B
EmptyTemp: => 2.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:54:55 ====

[Rudy]

Smazáno, log by již měl být OK.

[out_of_space]

V tom případě, děkuji za pomoc

[Rudy]

Rádo se stalo!